| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v2.0.3, which comprises the following commits:
eaa7ca80d proxy: break up writes from the remote writer to avoid grpc limits
c7f64196f Fix privileged container sysfs can't be rw because pod is ro by default
569af34cb Prefer runtime options for PluginInfo request
b8dde9189 Prepare release notes for v2.0.3
0ce93e16a prevent oom watcher depend on shim pkg.
f3284aa68 CI: arm64-8core-32gb -> ubuntu-24.04-arm
92ae2951f Update CDI dependency to v0.8.1.
f95a426b8 move the device after the options when using mkfs.ext4
4d19a6adf update build to go1.23.6, test go1.24.0
c738c3aab build(deps): bump actions/cache from 4.1.2 to 4.2.0
b5313993c Revert "Add timestamp to PodSandboxStatusResponse for kubernetes Evented PLEG"
697c59c63 Update runc binary to v1.2.5
fcf64305c Update vendor files to fix build failure
d3437eb29 Upgrade x/net to 0.33.0
0785bd8cc Update install-imgcrypt to allow change install repo
06891f899 fix go-cni race condition
79cdbf61b cri,nri: block NRI plugin sync. during event processing.
9d5cfce83 Update github.com/containerd/imgcrypt to v2.0.0
1f4e5688e update to go1.23.5 / go1.22.11
f58939c33 Remove deprecated WithCDIDevices in oci spec opts
3d53430fe Move CDI device spec out of the OCI package
3a6ab80d0 build(deps): bump google.golang.org/protobuf from 1.35.1 to 1.35.2
cdaf4dfb4 Prepare release notes for v2.0.2
eb125e1dd Update platforms to latest rc
468079c5c Remove confusing warning in cri runtime config migration
a2d9d4fd5 Fix runtime platform loading in cri image plugin init
184ffad01 Add integ test to check tty leak
17181ed33 fix master tty leak due to leaking init container object
8666e7422 Bump up otelttrpc to 0.1.0
7373ddd70 update runc binary to v1.2.4
c4270430d ctr: `ctr images import --all-platforms`: fix unpack
f34147772 downgrade go-difflib and go-spew to tagged releases
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v2.0.1-6-gce560bb24, which comprises the following commits:
f34147772 downgrade go-difflib and go-spew to tagged releases
dca769485 chore: add a build tag to disable containerd plugin import
5942b3fcb Update golangci to 1.60.3
b0ece5dc5 Prepare release notes for v2.0.1
fe6957084 build(deps): bump actions/attest-build-provenance from 1.4.4 to 2.1.0
eb2ce6882 update xx to v1.6.1 for compatibility with alpine 3.21 and file 5.46+
018d83650 internal/cri: should not apply IoOwner options
5eb7995a9 feat: update go-cni version for CNI STATUS
a53eff53d update runc binary to v1.2.3
a2302ea89 Add integration test for custom configuration
be5eda069 complete cri grpc config migration
44cdca68b ctr pull unpack for default platform using transfer service
62b790bfa CI: update Fedora to 41
290e8bc70 update to go1.23.4 / go1.22.10
3ba2df924 fix panic due to nil dereference cgroups v2
73f57acb0 Update differ to handle zstd media types
34a45cab2 Publish attestation as release artifact
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v2.0.0-25-g961cac9aa, which comprises the following commits:
34a45cab2 Publish attestation as release artifact
7dec6b460 move rocky 9.4 to almalinux/9 in CI
cf07f28ee *: should align pipe's owner with init process
986088866 fix: set the credentials even if not provided
9081e979f update runc binary to 1.2.2
6399c936f Revert "Disable vagrant strict dependency checking"
a7f2b562f fsverity_linux.go: Fix fsverity.IsEnabled() for big endian systems
389e781ea build(deps): bump github.com/containerd/typeurl/v2 from 2.2.2 to 2.2.3
30b929ece fsverity_test.go: fix major/minor device number resolving
10996a334 fsverity_test.go: fix nil pointer dereference, fix test fail
5b879f30c update to go1.23.3 / go1.22.9
e99c2b55c Avoid arch info in the sed/replace when building cri-cni-containerd.tar.gz
458215f6c ci: enable marking 2.0 releases as latest
03ba4ce1f Update release notes for v2.0.0
f2da3fd68 Update release docs for v2.0.0
ff09b428e Update typeurl to v2.2.2
a43e7c1e2 build(deps): bump softprops/action-gh-release from 2.0.8 to 2.0.9
edf367cab build(deps): bump github.com/containerd/nri from 0.7.0 to 0.8.0
21f636751 build(deps): bump github.com/containerd/typeurl/v2 from 2.2.0 to 2.2.1
1edc2147f build(deps): bump google-github-actions/auth from 2.1.6 to 2.1.7
2d8fec45a go.mod: k8s.io/* v0.31.2
bef201fe6 build(deps): bump google-github-actions/upload-cloud-storage
bd10a6096 Update platforms to v1.0.0-rc.0
ae73e3013 Disable vagrant strict dependency checking
33677d56d Update containerd API to v1.8.0 release
d38911808 Prepare release notes for api/v1.8.0
93f9db2ad Update errdefs tag to v1.0.0
bddeba825 Make TestContainerPids more resilient
edb980ac0 update runc binary to 1.2.1
bf47b6ebc docs/containerd-2.0.md: add more highlights
f5ce859ee docs/containerd-2.0.md: fix the deprecation release of AUFS
bedd85a36 RELEASES.md: k8s: fix CRI v1alpha2 removal release, remove old releases
4594f5cac services/snapshots: include name of snapshotter in debug logs
77d783e2c Update hcsshim to v0.12.9
79089232b build(deps): bump actions/checkout from 4.2.1 to 4.2.2
2789ba30e build(deps): bump actions/cache from 4.1.1 to 4.1.2
6b655d093 build(deps): bump github/codeql-action from 3.26.13 to 3.27.0
9ed6e05b2 config: v1Migrate: support DisabledPlugins and RequiredPlugins
4b2bca00b config: migrate version before merging
700b90618 resolver/docker: fix confusing "trying next host" log
3cc2343de local: avoid writing to content root on readonly store
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v2.0.0-rc.6-23-g1e6fdb531, which comprises the following commits:
0208cb58c go.mod: github.com/containerd/imgcrypt v2.0.0-rc-1
588b7a100 testutil: avoid conflict with continuity/testutil
181491032 build(deps): bump github.com/containerd/continuity from 0.4.3 to 0.4.4
497dc7bf3 build(deps): bump github.com/checkpoint-restore/checkpointctl
fddeb6f3c pkg/protobuf: fix typo in godoc
96a1e498f Update containerd plugin to v1.0.0
3b45a44cc Update to ttrpc v1.2.6 tag
3cc2343de local: avoid writing to content root on readonly store
778defa31 Add back ZFS snapshotter
d3ff3e2ff CI: move crun from Ubuntu to Fedora
5c65a3d7b Update version to v2.0.0-rc.6
9aa637b22 Update api vendor to latest
4b9d6c014 deps: bump github.com/containerd/nri
2535b187a Scope writer locks to each writer.
bc819bc97 docs: add command for finding schema 1 images
c86b2772c docs: update min version for deprecation warnings
a1ce18816 CI: bump up crun to 1.17
021895985 Update hcsshim version to v0.12.8
373311a84 build(deps): bump github.com/opencontainers/selinux
cf9cf8b5a build(deps): bump github.com/prometheus/client_golang
03860c208 build(deps): bump azure/CLI from 1.0.9 to 2.1.0
cf7218fb0 build(deps): bump actions/checkout from 4.1.1 to 4.2.1
78ec6ef02 build(deps): bump actions/upload-artifact from 4.1.0 to 4.4.3
bfe8fa330 build(deps): bump github/codeql-action from 3.24.0 to 3.26.13
38ba7f2f7 dedup BuildLabels
a5cd0d0a5 dedup GetPassthroughAnnotations
269997ac5 dedup GetRepoDigestAndTag
f61dbc2d0 dedup ParseImageReferences
530db2e8d Introduce two additional unit tests for two runtimes and pod annotations.
a21e379b6 Allow sections of Plugins to be merged, and not overwritten as entire sections.
2f24aa00a Update errdefs to 0.3.0
92d327af1 Update tracing docs for containerd 2.0
943b196ad Update NRI documentation for containerd 2.0
a6ceb4be0 containerd 2.0 guide: add image verifier plugins
347423a11 Request 'allow' setgroups when spawning new userns
249dd7474 Format link text in containerd 2.0 doc for readability
18e4ea9a6 Add After=dbus.service to containerd.service
3eea3536f docs/containerd-2.0.md: mention the removal of `cri-containerd-*.tar.gz`
f8d50f6e8 README.md: put a link to docs/containerd-2.0.md
b724b9f23 Add containerd 2.0 doc
fc5086a74 cri: remove sandbox controller from client
e4df672ab sandbox: add sandbox controller v2
4f2bc1580 build(deps): bump lycheeverse/lychee-action from 1.10.0 to 2.0.2
4bd3a71dd go.{mod,sum}: update NRI deps and re-vendor.
bff82e196 [StepSecurity] ci: Harden GitHub Actions
5eb0be994 build(deps): bump github.com/urfave/cli/v2 from 2.27.4 to 2.27.5
0742238cd Handle teardown failure to avoid blocking cleanup
c3d84a87f build(deps): bump the otel group with 8 updates
bfe59daae build(deps): bump github.com/klauspost/compress from 1.17.10 to 1.17.11
b7c333ce2 Revert "update runc binary to 1.1.15"
c6d089090 metrics: Use UnmarshalTo instead of UnmarshalAny
1db0064c6 CI: install OVMF for Vagrant
4d02217b5 CI: fix "Unable to find a source package for vagrant" error
38beeb359 Revert "use vagrant from jammy in noble"
e2daa20ed Revert "use older version of OVMF package"
ee921689f Switch from actuated.dev to GH Action runners for arm64
f89ed3c62 build(deps): bump golang.org/x/sys in the golang-x group
428df99db build(deps): bump google.golang.org/grpc from 1.67.0 to 1.67.1
72126a984 update sample go test commands
9c42dd959 build(deps): bump google.golang.org/protobuf from 1.34.2 to 1.35.1
f0f1bfca0 update runc binary to 1.1.15
46f5a0d93 update to go1.23.2,go1.22.8
7b1809851 Update runner images to macOS13
e479431e0 core/runtime: Fix a typo in error message
b85909cd4 shim: Move pprof server to plugin
b2681dfbd shim: Move ttrpc interceptors to plugins
d7f83034c Fix the race condition during GC of snapshots when client retries
24fe444eb script/setup/install-runc: Add trap statement to clean up tmp files
6ffdabf72 Makefile: fix shim tags overwritten
095131abf add use systemd cgroup e2e
2123855ee Add build tag to omit grpc
64d29ebe5 snapshots: core: Remove dependency on api types
11ffba3dc shim: Do not depend on pkg/oci
0d4e606bb Update hcsshim to v0.12.7
78e39f7c5 build(deps): bump github.com/intel/goresctrl from 0.7.0 to 0.8.0
17d4a1357 Propagate trace contexts to shims
bc4646067 Prepare release notes for v2.0.0-rc.5
ccb2a8d74 [cri] use 'UserSpecifiedImage' to set the image-name annotation
b7b6b324b Add check for CNI plugins before tearing down pod network
b5290726d Add timestamp to PodSandboxStatusResponse for kubernetes Evented PLEG
146a977f9 Move features section to a separate file
30f289335 core/mount: Only remove dirs if unmount succeeded
f8d84ecf9 core/mount: Prevent accidental removal of rootfs files
004f3951d core/mount: Use MNT_DETACH for umount of tmp layers
f7ca91fa3 build(deps): bump github.com/prometheus/client_golang
c75178d93 build(deps): bump google.golang.org/grpc from 1.66.2 to 1.67.0
519cbda1d build(deps): bump github.com/klauspost/compress from 1.17.9 to 1.17.10
d72051036 Enable the selinux on cri test
b03a3c5a2 build(deps): bump the k8s group with 4 updates
017efe05a build(deps): bump the otel group with 8 updates
7c89148a1 build(deps): bump google.golang.org/grpc from 1.65.0 to 1.66.2
6e2c4d00d build(deps): bump golang.org/x/mod
ee0ed75d6 internal/cri: simplify netns setup with pinned userns
fd3f3d5a1 pkg/sys: add GetUsernsForNamespace interface
490e45a08 pkg/sys: Add UnshareAfterEnterUserns function
83aaa89b6 update ctr run to support multiple uid/gid mappings
1dedcb784 build(deps): bump github.com/checkpoint-restore/go-criu/v7
7599d4df2 build(deps): bump github.com/prometheus/client_golang
9037069da update to go1.23.1, go1.22.7
6f43197c2 Remove cri SandboxInfo RuntimeHandler
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
parsing errors occur if this fragment ends with .conf,
so we renamed it to make sure it is processed as a
conflist.
Tested with containerd + nerdctl
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
As it turns out CNI needs iptables to configure some plugins,
and without it we get a silent fail. It will also be added
to the recipe as a RRECOMMENDS, but we also put it in the
packagegroup for more visibility.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When running a containerd-only stack, we need a CNI configuration
to be available.
When running containerd as part of something like K3S, we expect
the orchestration package will provide that configuration.
This commit makes a containerd-cni package available that contains
a starting point configuration.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v2.0.0-rc.4-40-g19430264c, which comprises the following commits:
9037069da update to go1.23.1, go1.22.7
18725f010 integration: regression test for issue 10589
5f37a2c20 fifosync: cross-process synchronization
421a4b568 runc-shim: handle pending execs as running
299a9717f update runc binary to 1.1.14
f4529ace1 build(deps): bump the otel group with 8 updates
e7357916b runc-shim: refuse to start execs after init exits
def477b07 Bump crun to 1.16
3d7955bf7 remove duplicated descriptor from/to proto
93d6f0f92 remove duplicated sandbox to proto func
bfc1465a2 Reorganize mount/unmount code so it is easier to add Darwin-specific implementation
9c3400572 reduce ptypes.Empty creation by defining it in as a var
7f3bf993d runc-shim: remove misleading comment
f6677a4ec Cumulative stats can't decrease
94c163209 TestNewBinaryIOCleanup: fix a comment, minor rewrite
d83184ced avoid repeated calls in Tricolor gc
6b97a08ee add benchmark
1b03ca57c build(deps): bump github.com/prometheus/client_golang
9906fac59 build(deps): bump github.com/vishvananda/netlink
cdbfcc257 Prepare release notes for v2.0.0-rc.4
4ba502a03 Update api vendor to latest tag
a36d38fb4 Add mailmap entry for Michael Zappa
bf5fc240b build(deps): bump google-github-actions/upload-cloud-storage
faaafd6de build(deps): bump github.com/pelletier/go-toml/v2 from 2.2.2 to 2.2.3
47350982b build(deps): bump go.etcd.io/bbolt from 1.3.10 to 1.3.11
3cd8f9734 core/mount: use ptrace instead of go:linkname
35b029257 remove sha256-simd
1195b68eb build(deps): bump github.com/prometheus/client_golang
50b06182f Register local content plugin from separate package
021063c4a build(deps): bump the k8s group with 5 updates
1bff3bfed build(deps): bump dario.cat/mergo from 1.0.0 to 1.0.1
429085c84 build(deps): bump google-github-actions/upload-cloud-storage
93abc2fdd Update hcsshim to v0.12.6
bcdf50736 core/mount: add benchmark test for GetUsernsFD
6f3833f25 CRI: remove `disable_cgroup`
fc1637d16 Attest artifacts in release workflow
337d8c52c Update release job to generate artifacts attestation
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v2.0.0-rc.3-209-ge8104a485, which comprises the following commits:
93abc2fdd Update hcsshim to v0.12.6
66817fccc script/setup/install-dev-tools: include patch version in versions
cd4e24ef7 script/setup/install-dev-tools: update protoc-gen-go-ttrpc to v1.2.5
9e2357f33 docs: add k8s 1.31 to support matrix to RELEASES
a3d84a172 docs: update for containerd v2
43568373f docs: Update BUILDING.md
ebc47359e use format string when using printf like commands
1027b314a ignore the static check when using anonymous struct in testing
f8e075336 remove windows check in linux_test file
20ee6de0b update golangci-lint to v1.60.1
fb8cd045b add go1.23.0
3f53e7a6e build(deps): bump github.com/urfave/cli/v2 from 2.27.3 to 2.27.4
1127908ae build(deps): bump k8s.io/cri-api in the k8s group
6ed54e966 build(deps): bump golang.org/x/sys in the golang-x group
1de84c29f build(deps): bump google-github-actions/upload-cloud-storage
a100b055c update to go1.22.6
977604724 migrate to github.com/moby/sys/userns
8ef73c5dd Fix TestNewBinaryIOCleanup on Go 1.23 and Linux 5.4
7d4da0cb2 ctr: shim state query for old shims
d59e8a840 ctr: shim state for secondary tasks
32c2d1493 use ctx object from cliContext instead of a creating a new one
349d2b5c1 script/setup/install-runc: fix runc using incorrect version
267fac568 build(deps): bump the golang-x group with 3 updates
6814cc354 build(deps): bump google-github-actions/upload-cloud-storage
d036988ee docs/content-flow: fix code fence delimiter
83c26962c Remove extra span created in the instrumented service layer
c0cdcb34f Add spans to CRI runtime service and related client methods
0e4f2108b support to syncfs after pull by using diff plugin
551ac0600 Ensure /run/containerd is created with correct perms
4cfeb7b19 core/metadata: migrate sandboxes bucket into v1
a97b11898 Make `StopContainer` RPC idempotent
c6cea95d9 Make `StopPodSandbox` RPC idempotent
ad24ca960 build(deps): bump github.com/urfave/cli/v2 from 2.27.2 to 2.27.3
71b5b34de build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0
eddd90d7c remove deprecated pkg/userns
8437c567d pkg/userns: deprecate and migrate to github.com/moby/sys/user/userns
40a315b95 vendor: github.com/moby/sys/user v0.2.0
f9146c051 deprecation: update warnings for CRI config fields
0dcc51aed introspection: regenerate UUID if state is empty
abdb4fd77 build(deps): bump the k8s group across 1 directory with 4 updates
bc51d4b20 build(deps): bump the otel group across 1 directory with 8 updates
025d1161e build(deps): bump github.com/containernetworking/cni from 1.2.2 to 1.2.3
81ef46584 KEP-3619: update cri-api version
ee2c0d9e7 KEP-3619: implement features.supplemental_groups_policy in RuntimeStatus
2d97134e5 build(deps): bump github.com/containerd/imgcrypt
f0aecaa2e Fix TestNewBinaryIOCleanup failing with gotip
b41bb6df7 Avoid potential reallocs by pre-sizing some slices
a779449c4 vendor: github.com/moby/sys/sequential v0.6.0
1bfa7c8fe vendor: github.com/moby/sys/symlink v0.3.0
95b429c01 vendor: github.com/moby/sys/signal v0.7.1
08d6c9323 vendor: github.com/moby/sys/mountinfo v0.7.2
fb674f8b4 Add resolver workaround for error: name resolver error: produced zero addresses
63b468817 Use grpc.NewClient instead of deprecated ones
a5be62993 Vendor GRPC 1.64
1a5c711c3 update documentation for content-flow
c8254dfae Include filename in error
9eda0b73a build(deps): bump github.com/Microsoft/hcsshim from 0.12.4 to 0.12.5
9315d59bf build(deps): bump tags.cncf.io/container-device-interface
7480de28a Remove static link to images outside of the repository
edd84f4a6 Add read permission limit on link workflow
274de35fe updated the domain in the link
807f32573 cri: optimize ListPodSandboxStats with parallelism
7c4de2821 Update cri-tools to v1.30.1
0772d0a37 Fix for `[cri] ttrpc: closed` during ListPodSandboxStats
300fd770a use typeurl funcs for marshalling anypb.Any
e1adfaeb9 script/setup/config-containerd: Use slow_chown
89a2cac37 scripts/critest.sh: Prepare for userns tests in runc
63b55e6df build(deps): bump the golang-x group with 2 updates
203cb303e script: bump up imgcrypt version to v1.2.0-rc1
efd441506 client: fix tasks with PID 0 cannot be forced to delete
eaa1afe63 Set stderr to empty string when using terminal on Windows.
fe5f85c7d Fix incorrect comment about ordering of parent layers
0f76e35fd added the openssf scorecard badge
98544a358 Add file name to device type check failure message
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v2.0.0-rc.3-82-g1b24e53d0, which comprises the following commits:
63b55e6df build(deps): bump the golang-x group with 2 updates
51f34ff49 CI: update Fedora to 40
56495b404 update go version to 1.22.5
23170e20d Move fsverity package to internal
f6e731c80 cri: get pid count from container metrics
96352ad22 update runhcs binary to v0.12.4
10aec359a cri: ensure NRI API never has nil CRI
a723c0c6e pkg/reference: remove deprecated SplitObject
ef98c7198 Implement fsverity functionality
fec33aa73 pkg/reference: deprecate SplitObject
a5fce38f3 pkg/reference: Spec.Digest(): inline SplitObject code
42145950b pkg/reference: SplitObject: add proper GoDoc
74a6156ac pkg/reference: SplitObject: zero allocations
799bca97f pkg/reference: Spec.String(): use string-concatenation instead of sprintf
c097022a5 build(deps): bump github.com/containernetworking/cni from 1.2.1 to 1.2.2
14b053fb4 build(deps): bump github.com/containerd/go-cni from 1.1.9 to 1.1.10
8f9607eed Use the transactor interface in metadata
2cf8237a1 build(deps): bump k8s.io/klog/v2 in the k8s group
a2f9101aa build(deps): bump github.com/containernetworking/plugins
2304cd9d5 build(deps): bump google.golang.org/protobuf from 1.34.1 to 1.34.2
469f95026 build(deps): bump github.com/containernetworking/cni from 1.2.0 to 1.2.1
243b803a1 Add pprof to runc-shim
b323e9eec vendor: github.com/containerd/ttrpc v1.2.5
cb38b1e2b api: update github.com/containerd/ttrpc v1.2.5
2f1bf791b Cleanup metadata godoc
907796811 update release runners to ubuntu 24.04
dd0542f7c cmd: don't alias context package, and use cliContext for cli.Context
c25183ff1 use older version of OVMF package
1bfdccee0 use vagrant from jammy in noble
769e0c8c1 add debian sources for ubuntu-24
624aa49d4 increase xfs base image size to 300Mb
027414ee5 enable ubuntu 24 runners
9edde8106 build(deps): bump github.com/klauspost/compress from 1.17.8 to 1.17.9
becb2b2d3 build(deps): bump github.com/checkpoint-restore/checkpointctl
f6f655ccf build(deps): bump k8s.io/klog/v2 in the k8s group
531da9960 Reduce scope of permissions in stale workflow
15887d7ef sandbox: add update api for controller
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v2.0.0-rc.3-19-g741c4bde5, which comprises the following commits:
531da9960 Reduce scope of permissions in stale workflow
ed64e6503 core/mount: remove logrus import
ea8265fb1 core/transfer/local: remove logrus import
75fd7a5a7 pkg/shim: remove logrus imports
38e2f0038 Adds a mutex to protect fallback host
587ee80f6 pkg/tracing: LogrusHook.Fire: micro-optimisation
ccf793812 pkg/tracing: remove direct use of github.com/sirupsen/logrus
4203e2de8 pkg/tracing/plugin: rename var that collided with import
e2e09b384 pkg/tracing: rename func that shadowed builtin, rm makeSpanName
e69ad9442 build(deps): bump the k8s group across 1 directory with 4 updates
5b8dfbd11 Allow proxy plugins to have capabilities
cc2cedae0 Revert "install-runc: pin Go to 1.21"
3c097352a update runc binary to v1.1.13
8c13ed1b8 Prepare v2.0.0-rc.3 release
86b8a8824 Remove pkg/seed
09d3e20d3 Allow running test in usernamespace
8bcffa944 KEP-3619: Fine grained SupplementalGroups control
87dd4309d vendor: github.com/containerd/platforms v0.2.1
939135ae3 CI: golangci-lint v1.59.1
df7f6ba5b ctr: return explicit errors for flags unsupported by transfer service
686a610ee build(deps): bump github.com/checkpoint-restore/checkpointctl
156458e54 build(deps): bump the golang-x group with 2 updates
08c1e12e9 CI: add back EL 8
149ca6880 Update hcsshim tag to 0.12.4
b1a23c495 Fail integration test early when a plugin load fails
d23c4b8b5 Use unix and windows specific connection error checks
02b6c6939 Allow fallback across default ports
80ce8bd61 build(deps): bump github.com/containerd/containerd/api
cde2527fc ctr: pull: Do not ignore labels when transfer service is used
1c123efb4 Update Go version to 1.22.4
e1e793e4a Update rockylinux vagrant build
5611fdd4a Transfer: Push: Enable to specify platforms
0e8cc9146 Transfer: Push: fix failure on pushing duplicated blobs
4123170a3 *: export RemoveVolatileOption for CRI image volumes
3e71ccafc Add type alias for event Envelope
da1d9672f Enable imgcrypt in cri pull
9857afda4 Add vendor for github.com/containerd/imgcrypt
359d84351 Update api minimum go version to 1.21
2d73340c2 Explicitly set release latest to false
ca59fb0b4 Cleanup shim manager configuration
9831a62d7 auth: add span to FetchToken helpers
58be88189 sandbox: do retry for wait to remote sandbox controller
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v2.0.0-rc.2-12-g5d2c988a5, which comprises the following commits:
446e63579 remove uses of platforms.Platform alias
22f2af40c update pause image to 3.10
65024e6fd core/image: fix usage of "unknown" platform
8b3060717 Provide runtime options in plugin info
332caf1a1 Provide ability to set lo up without CNI
288f0592e Prepare release notes for v2.0.0-rc.2
f24a95185 build(deps): bump github.com/prometheus/client_golang
8b2a69c19 build(deps): bump golangci/golangci-lint-action from 5 to 6
96ff18d37 build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
1cae3dc9b update ttrpc to 1.2.4
e2251f948 Update instrumentation fuzzer with new flag
ef76a90e9 Update platforms package to v0.2.0
0b113d78d doc: add the description of sandboxer and io_type
7cead8800 cri: restart created container with correct io type
42f778fc1 modify streaming io url form
25c2f690a Update toolchain to Go 1.22.3
681a083fa Update unpacker to always fetch all
2788604e4 Update ctr image pull all platforms
58be88189 sandbox: do retry for wait to remote sandbox controller
059731775 Preserve CL_UNPRIVILEGED locked flags during remount of bind mounts
9a9a8c46a Don't require vagrant tests in merge queues
d9dc2811a fix: delete sockets on shim exit
41dc94ee1 CI: bump up golangci-lint to v1.58.0
9ecfac7f6 Integration: Change to grpc.NewClient
8c6183d74 Add lease test for metadata snapshotter
c7fb8a925 Update metadata snapshotter to lease on exists
b8dfb4d8f cri: support io by streaming api
3b065cddd CI: skip test in arm64 CI
6c3c5376f critools-version: v1.30.0
b488e76db build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.1
a6e417dc6 build(deps): bump go.etcd.io/bbolt from 1.3.9 to 1.3.10
4401c3cb7 build(deps): bump github.com/pelletier/go-toml/v2 from 2.2.1 to 2.2.2
42e02c6c0 build(deps): bump golang.org/x/sys in the golang-x group
88b52119c Update api version to v1.8.0-rc.0
1c9c64f31 Update release procedure to mention api replace
e69efd56d Add go mod replace when proto changes happen
678137199 sandbox: remove PID() in sandbox client
13f2fa1de remove go1.21.9 from CI matrix
f0363a7f6 Chore: Simplify some syscall error checks
99ad11a00 core/metadata: failfast on content.Commit
3fb84403b CI: bump up crun to 1.15
55fcebffc Prepare release notes for api/v1.8.0
b811a8879 Add API release action
b8060d641 Update ctr shim subcommand to task v3
f1e265b13 core/runtime: Check shim PluginInfo to enforce idmap support
05a3171bb Update transfer proxy to support ttrpc
ec04e4f63 Add streaming proxy
fe01cad20 Cleanup local transfer interface
171fc1434 Update release doc to mention API versioning
2ac2b9c90 Make api a Go sub-module
e1b94c0e7 Move protobuf package under pkg
3e9cace72 Move runtimeoptions to api directory
4a4550777 Move runc options to api directory
25a288662 Fix v2 migrate for testutil package
fb1f15d30 docs: correct the typo in the documentation
2df04b403 build(deps): bump the otel group with 8 updates
950db7eb7 build(deps): bump the k8s group across 1 directory with 4 updates
93690baf4 build(deps): bump github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus
4c753d124 go.mod: k8s.io/cri-api v0.30.0
de38490ed sandbox: merge address and protocol to one url
c3b306240 add task api endpoint in task create options
72fe47b2a add task api endpoint in oci proto
b1fefccc7 sandbox: store endpoint in cri sandboxStore
f6e0cf189 sandbox: add address info in Start and Status response
15782881e go.mod: go 1.22
2d5689434 CI: use Go 1.22 by default
fef78c102 install-runc: pin Go to 1.21
11d8beff8 optimize error logs by providing absolute file paths
81a9df625 build(deps): bump github.com/urfave/cli/v2 from 2.27.1 to 2.27.2
c001a7056 build(deps): bump lycheeverse/lychee-action from 1.9.3 to 1.10.0
6df759e24 build(deps): bump golangci/golangci-lint-action from 4 to 5
b7c977414 container.Checkpoint(), WithRestoreImage(): use ocispec.AnnotationRefName
8a8c3e221 pkg/cri/server/base: log CRI config as embedded JSON
f62edda5a pkg/cri/server/base: use structured log for CRI plugin startup
e07b63d84 document usage and design of blockfile snapshotter
b6bd12f13 Add Syself Autopilot to adopters
7bc476001 ADOPTERS.md: Fix Actuated italics
416741675 Perform file sync outside of lock on Commit
c27bcdc56 cri: introspectRuntimeFeatures: fix nil panic
dfdfa206f Update for latest updates to release tool
53c9e6f86 Update release process after 1.7
a12acedfa sandbox: make a independent shim plugin
9ee3bfaba images: tests: Fix typos in the tests
c51463010 docs: update registry config guide
7bd4d348e add info of exited event
218e2cf7c Return correct error if CRIU binary is missing
bb9d923aa content: add a BlobReadSeeker func to allow multipart blob streaming
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v2.0.0-rc.1-8-g0426e3c2e, which comprises the following commits:
c27bcdc56 cri: introspectRuntimeFeatures: fix nil panic
c5ba71d11 Makefile: update default PACKAGE to v2
094bafe2a apparmor: Allow confined runc to kill containers
e461a59ae fix migrateConfig for io.containerd.cri.v1.images
eb5a0c04b apparmor: add `signal (receive) peer=/usr/local/bin/rootlesskit,`
5e470e1ca Update HTTPFallback to handle tls handshake timeout
a37b451cd build(deps): bump tags.cncf.io/container-device-interface
888fd315f Update CNI to v1.2.0
13e6b2b68 update to go1.21.9, go1.22.2
42e4de9c5 Prepare release notes for v2.0.0-rc.1
4a31bd606 chore: use errors.New to replace fmt.Errorf with no parameters will much better
a6a82c102 Update hcsshim to v0.12.3
7e60d5a07 Account for ipv4 vs ipv6 localhost in windows port forwarding
a153b2cd3 mod: bump github.com/containerd/nri@v0.6.1
77512e2d7 build(deps): bump the golang-x group with 3 updates
c8d9eba7c build(deps): bump github.com/klauspost/compress from 1.17.7 to 1.17.8
1c0f73aa0 build(deps): bump github.com/pelletier/go-toml/v2 from 2.2.0 to 2.2.1
32caaee48 Snapshotters: Export the root path
b82ced57f fix: close profile
c7ea06a69 fix default working directory `hostProcess`
1040c7b98 build(deps): bump the otel group with 8 updates
b50e9eae4 Refactor spots to make use of sys.IgnoringEintr
3ea69db8e Add helper to ignore eintr
1b6222418 Bump tags.cncf.io/container-device-interface to v0.7.1
ad584ebec Replace direct waitid syscall with unix.Waitid
7c5078459 Remove empty default tls configuration in ctr
b6e361694 cri: add pause image name to annotations
0ec14fdf8 core/diff/apply: use unix.Syncfs
739659a4b build(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.2
433279438 Transfer: Registry: Enable plain HTTP
88b4cc659 address review comments
f20c49311 Update tracing documentation to add details about manual instrumentation
63d5573a3 remote: Fix HTTPFallback fails when pushing manifest
2474a99c3 Add IsNotFound case to ListPodSandboxStats
3830f8167 fix(cri): fix unexpected order of mounts since go 1.19
cbb644182 build(deps): bump github.com/Microsoft/hcsshim from 0.12.0 to 0.12.2
362fcf2d2 build(deps): bump github.com/distribution/reference from 0.5.0 to 0.6.0
5b6ae0f79 Use different containerd sock address in tests
ab2c569fb ctr: fix parsing mount options
b97ef91fb Change port forwarding on windows
ea681afba docs: fix typo
6d00c3ada runc-shim: only defer init process exits
da4ca4949 build(deps): bump github.com/pelletier/go-toml/v2 from 2.1.1 to 2.2.0
dd72fb3b2 build(deps): bump github.com/intel/goresctrl from 0.6.0 to 0.7.0
e41e9e11b transfer: Platform matcher should match multiple platforms
d0d35f0d0 core/images/archive: normalizeReference: remove outdated TODO
26158609b pkg/seutil: move to internal/cri
33732bc13 pkg/systemd: move to internal/cri
0d0850af1 Prepare v2.0.0-rc.0
f5abb63c0 Update mailmap
30813f646 build(deps): bump github.com/containernetworking/plugins
0fafc0c50 build(deps): bump github.com/checkpoint-restore/go-criu/v7
7c1fca096 Update migration script based on usage
45e425ccc vendor: github.com/golang/protobuf v1.5.4
4aa6fedd5 CRI: postpone removal of deprecated config properties
34c545824 Automatically decompress archives for transfer service import
df26c189a Clean cri options and useless parms
88421068f Fix invalid event filter in podsandbox
357c59b79 Update github actions ci to run on forks
4b719cc4b build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1
10c7f03b3 build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0
21d3fedf4 build(deps): bump softprops/action-gh-release from 1 to 2
228aa42a6 build(deps): bump the otel group with 8 updates
47d13767f Clean typos in plugins.
7ac9d6909 Use the Go toolchain in CI matrix to build binaries
6a96e4501 Move shim package to pkg
f25770e48 Wire through CRI ContainerCheckpoint RPC
7ecdebff9 update to go 1.21.8, 1.22.1
723306d0e Disable OOM set score unpriv test temporarily
994fdd74e Don't create new scratch VHD per image for CimFS
016b588a9 build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0
d9409c461 Update hcsshim to v0.12.0
00d714e90 build(deps): bump the golang-x group with 2 updates
ab4de3e4c build(deps): bump azure/login from 1 to 2
713dd8f8d go.mod: k8s.io/cri-api v0.30.0-alpha.3
d9b9160ae mv internal/testutil pkg/testutil
752917c0f build(deps): bump github.com/prometheus/client_golang
7a3b7fba5 Transfer: Registry: Enable to use registry configuration diretory
1bf781d8e Cleanup introspection interface
5bd204109 Remove grpc from Client connection interface
347346e3c Add ttrpc support to content proxy
9104e6a24 Add events proxy interface
892dc54bd runc-shim: process exec exits before init
9128ee0a9 Move nri packages to plugin and internal
d0da3d1ca sandbox: make event monitor in CRI independent
17ea3959b adds mediatype to oci index record
c5ef8a2c2 fix(docs): fix duplicate instructions for windows installation
87e8e9c7f Add Go client stability in releases for 2.0.
72f21833b Move events to plugins and core
caa9e2075 add k8s 1.29 and 1.30preview to support table
154ed26a7 vendor: go.etcd.io/bbolt v1.3.9
6d1dfe55f cri: ensure the pause image loaded in older versions is pinned
2884b318f build(deps): bump github.com/klauspost/compress from 1.17.6 to 1.17.7
bd44df8a1 refactor code - clean switch and if statements
a60e52f58 sandbox: add struct tags for PinnedImages
a0b73ae11 sandbox: optimize the lock in PodSandbox
0f1d27412 sandbox: add methods to sandboxService
a2768f19d plugins/sandbox: move local plugin into services
d651cb743 mediatypes: support zstd compression
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
We no longer need the split between container-docker and
containerd-opencontainers and dependent layers have been
given over a year to adapt.
We do keep the provides and rprovides around for a bit
longer, but those will also be removed in the future.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Update containerd to v2 to fix following containerd version:
containerd github.com/containerd/containerd/v2 2.0.0-beta.0+unknown
it should be like:
containerd github.com/containerd/containerd/v2 v2.0.0-beta.2-204-gb1624c362.m b1624c3628954e769dd50783b63823040b2db38c.m
* Remove CONTAINERD_PKG, it is not used
* Update default PACKAGE in Makefile to v2
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v2.0.0-beta.2-204-gb1624c362, which comprises the following commits:
5351ad6b4 .github: windows should use fix critool version
a2768f19d plugins/sandbox: move local plugin into services
464319b3a Remove pause package from runc shim
2cd08156e cri: Expose runtimeHandler support for userns
358aef4bc go.mod: Update cri-api to include userns changes
105f2d727 build(deps): bump google.golang.org/grpc from 1.61.0 to 1.62.0
02db6beb8 build(deps): bump github.com/prometheus/client_golang
75f58579c build(deps): bump github.com/opencontainers/runtime-spec
522130a66 sandbox: support vsock connection to task api
f0e874941 Add ttrpc generated services
65031eade Update protobuild to build ttrpc services
04c37d565 build(deps): bump the k8s group with 5 updates
bd4810415 ci: update crun version to 1.14.3
50d0de96a Update 1.7 support timeline
4fbc9842d Changes to configuring otel from env only
753a525b3 Deprecate otel configs
0693b936d replace deprecated Prestart to CreateRuntime hook
6a21c96b5 Replace go-grpc-prometheus with go-grpc-middleware/providers/prometheus
567e56a20 build(deps): bump github.com/opencontainers/image-spec
6a759713a Update golangci-lint to v1.56.1
f44d90be4 Rename variables and snapshotter option to resolve lint warnings
5611db530 cri: Make sure host sandbox files exist before adding them to mounts
9077d1372 KEP-3857: Recursive Read-only (RRO) mounts
83ad4367d script/test/utils.sh: readiness_check: print daemon log
f8f1e5f7a Add container monitor plugin type for restart
c86c8a16f integration: add case related to ContainerStats in upgrade suite
acec60f55 integration: update recover case for upgrade
e659cd275 integration: connect to shim by bridge client
51689b661 integration: introduce hook for upgrade test suite
a95c8ed59 integration: check data dir after delete container or pod
ec759f5be integration/*: extend Runtime.Status response
401d4b491 integration: add some helper function to release upgrade cases
7cf8a00c7 Run failpoints tests only for runc
a890c8e53 Add job to report statuses from matrix jobs
132485adb Convert CLI to urfave v2
c8766123d Prevent GC from schedule itself with 0 period.
a086125ae Move config version to version package
99721c27e Disable the support for Schema 1 images
b9dfba5b8 Add CRIImageService.RemoveImage()
4c775fcfb Pass runtimehandler from CRI pull image request
4dcf089fa Move high volume event logs to Trace level
1b3a96da6 cri: propagate deprecation list to runtime status
ac7febc93 moving up for new CRI changes
ccec1e6e4 Remove internal LoopConfig struct
3d8da2ebf build(deps): bump the golang-x group with 1 update
a274439f2 build(deps): bump golangci/golangci-lint-action from 3 to 4
468bee9a7 ctr: print deprecation warnings on every invocation
c2dfae8d0 go.mod: Bump golang.org/x/sys to v0.17.0
41bb8b816 Revert "Fix for k8s nfs related tests"
48c8c5f50 Remove ParseSignal from client
281eb22cc Remove deprecated dialer
1ce7b9951 Remove deprecated filesys funcs
5ca56ddbb Remove deprecated funcs from restart package
653b80899 Remove deprecated docker package
413fbe82c Fix unpacker link in remote snapshotter docs
23ebfd030 Fix for k8s nfs related tests
25ab90219 Update to v0.29.1 cri-api
5e3e12d2a build(deps): bump the otel group with 8 updates
c4bb72ae4 Remove CRI plugin path note
87aa9e800 Drop go 1.20 and build against 1.22
276384695 Update codeql-action/upload-sarif dependency in scorecards workflow
634ac2f8f Update migration script for transfer packages
f46aea618 Move transfer and unpack packages
d9b95ab68 Update gce configure.sh to use registry config_path
360fbf197 Fix windows integration tests
2820343d4 Update workflow files to install Go via composite action
488b56361 Extract a composite action to install Go
5aa05481d Add OSVersion to platform protobuf
d9cae66d8 Extend string match in make protos
c58b1fb40 Update github.com/containerd/console to v1.0.4
06ed897b2 cri/server: Add userns tests in PodSandboxStatus
6c356a5c7 cri: Expose userns in PodSandboxStatus rpc
1eaf0c1f0 bug fix: make sure cri image is pinned when it is pulled outside cri
9eb9038a9 Avoid publishing data events during transaction
86530c0af Move image event publishing to metadata store
32bd8eff9 Move inline PS scripts into files
4e8e21a7d go.{mod,sum}: update NRI dependency, re-vendor.
5cbe92e88 Clean up repeated package import
72950c00b Treat PRs that require rebase > 90 days as stale
db437580b build(deps): bump github.com/opencontainers/image-spec
2c7d69530 build(deps): bump github.com/klauspost/compress from 1.17.5 to 1.17.6
da1673f55 Update vendor
047d42e90 Update ttrpc to v1.2.3
64e96c7d4 Update hcsshim to v0.12.0-rc.3
a9060cda4 Support inject delay running with the old version (4.x) of strace for test case.
9ef94fe52 fix(docs): fix cp and add step to include binaries in the $env:Path
fe24b918f pkg/nri, docs: enable NRI by default.
e230ed939 sandbox: add sandbox recover ut and e2e test
312496474 sandbox: fix recover status set issue
256637249 Fix config import relative path glob
667069583 Revert "cri: make read-only mounts recursively read-only"
a9152ebf8 copy: prevent potential deadlock if close before fully written
b48e1141e copy: setError should imply Close
e4f91c2df copy: remove max number of ErrResets
651cfa2a2 pushWriter: refactor reset pipe logic into separate function
9d7641ff3 copy: improve error detection from closed pipes
91a50f70b copy: check if writer was closed before setting a pipe
4660f6303 copy: remove wrapping io.NopCloser from push writer pipe
0facc8592 Fix proto formatting
7f2d2c4f4 Move Message proto to types
287524733 Fix formatting after moving CRI
bbac058cf Move CRI from pkg/ to internal/
6e365e925 CRI: An empty DNSConfig != unspecified
9340be717 Remove duplicated TOML duration parsers
b2f254fff cri: make read-only mounts recursively read-only
f74e5ce7e Move differ default to its own file
82fb589ff Update runc binary to v1.1.12
87a9835f1 docs: fix typo
81409e937 Add a default differ that matches the snapshotter
2369185aa CI: update Rocky Linux to 8.9
d8460a702 CI: bump up crun to 1.14
ebbce7423 rm docs/cri/installation.md
49d5cc7f9 build(deps): bump github.com/klauspost/compress from 1.17.4 to 1.17.5
4d33170ea build(deps): bump github.com/google/uuid from 1.5.0 to 1.6.0
3a5b47d73 build(deps): bump google.golang.org/grpc from 1.60.1 to 1.61.0
9a983caad build(deps): bump github.com/containerd/plugin
495afb0c0 build(deps): bump lycheeverse/lychee-action from 1.9.1 to 1.9.3
5365a1089 build(deps): bump google-github-actions/upload-cloud-storage
64b4778fc Add deprecation warnings to CRI image server configuration
65b3922df Split streaming config from runtime config
58ff9d368 Move cri plugin to plugins subpackage
d29a1bc6a Move sandbox info to cri types packages
9795677fe Move cri base plugin to CRI runtime service
966d51801 The `Links` workflow should be disabled in forks.
e15f191a2 Fix func (m manager) Info in containerd-shim-runc-v2
4f570db1a refactor: remove containerd/containerd/log
010857d33 Add errdefs and platforms to migration script
7cf54b437 Remove unused pkg/errdefs package
fb9b59a84 Switch to new errdefs package
6b906a22d Prepare release notes for v2.0.0-beta.2
b608c6f73 doc: fix package import path in sample code
b16e3572a refactor: move plugin/fieldpath to api/types/
22d586e51 api/services/instrospection: add PluginInfo
ad869e905 Use tags.cncf.io CDI url in config.md
eb8981f35 mv contrib/seccomp/kernelversion pkg/kernelversion
a6e52c74f seccomp: kernel 6.7
ed4710241 Code clean for nri_api.
ade80789b Remove walker diff plugin for Windows
af6a90bf5 remotes/docker/authorizer.go: invalidate auth tokens when they expire.
e79ec7a09 Remove deprecated platforms package
3f620143f Use github.com/containerd/platforms package
9dd29b3cf Update container-device-interface to v0.6.2
7eccde5d0 Clean plugin indent in containerd-config.toml.5.md
b16d46740 pod: CreatedAt time will be 269 years ago while creating cri network failed.
378e9f443 build(deps): bump actions/cache from 3 to 4
748fe2035 integration: add test for recovering images
2e8e03389 Add multi-subscriber support to GetContainerEvents CRI API
e7eb08eb5 Add support for multiple subscribers to CRI container events
cfe8321b4 strip-volatile-option-tmp-mounts
d34725f85 CI: use standard GHA runners
9d2c22123 Prepare release notes for v2.0.0-beta.1
e9f2bba1f remotes: FetchByDigest: propagate media type from config to desc
d7689ae8b Remove CRI plugin config after migrating
f48f61fd8 Add migration integration test
eb9925d88 Update config migrations to decode using the plugin type
15713014d Update server config slice merge strategy
cf6f439eb Fix transfer plugin unpack configuration
eb123db5f ctr: use transfer service by default
94d1b2098 Add migration script to contrib
9ee1f4716 Rebuild protos with updated runtime location
dbc74db6a Move runtime to core/runtime
df9b0a067 Move metrics to core/metrics
19e763553 Move pkg/truncindex to internal/truncindex
764c90700 Move pkg/tomlext to internal/tomlext
1c4be2d88 Move pkg/testutil to internal/testutil
114df368f Move pkg/registrar to internal/registrar
4ee6419fa Move pkg/randutil to internal/randutil
696cf2565 Move pkg/kmutex to internal/kmutex
5e1d9543b Move pkg/hasher to internal/hasher
23914a01b Move pkg/failpoint to internal/failpoint
c79ecfe24 Move pkg/cleanup to internal/cleanup
8f0eb2631 Move tracing to pkg/tracing
6be90158c Move sys to pkg/sys
de606680b Move rootfs to pkg/rootfs
fdb8a527c Move reference to pkg/reference
e59f64792 Move oci to pkg/oci
fa8cae99d Move namespaces to pkg/namespaces
b76236bb4 Move labels to pkg/labels
bb71c2835 Move identifiers to pkg/identifiers
5e00f63ce Move gc to pkg/gc
11114b0a9 Move gc/scheduler to plugins/gc
c38f2ab72 Move filters to pkg/filters
44a836c9b Move errdefs to pkg/errdefs
70ed2696f Move events to pkg/events
b0c3d00e9 Move cio to pkg/cio
8e14c39e8 Move archive to pkg/archive
fcd39ccc5 Move snapshots to core/snapshots
e0fe656da Move snapshots/windows to plugins/snapshots/windows
57bdbfba6 Move snapshots/overlay to plugins/snapshots/overlay
9b8c558f9 Move snapshots/native to plugins/snapshots/native
5c07d5d36 Move snapshots/lcow to plugins/snapshots/lcow
8473322f0 Move snapshots/devmapper to plugins/snapshots/devmapper
7dd96fe34 Move snapshots/btrfs to plugins/snapshots/btrfs
2909f07f8 Move snapshots/blockfile to plugins/snapshots/blockfile
92d2a5fc0 Move services to plugins/services
ce41d1c90 Move services/server to cmd/containerd/server
228ad5a5c Move sandbox to core/sandbox
d133019c9 Move runtime/restart/monitor to plugins/restart
0dabf6f15 Move remotes to core/remotes
6e5408dce Move mount to core/mount
1a1e0e8c8 Move metadata to core/metadata
18b3cbe4f Move metadata/plugin to plugins/metadata
f80760f9f Move leases to core/leases
cc6a5c9c6 Move leases/plugin to plugins/leases
57ea8aef3 Move images to core/images
913edcd48 Move diff to core/diff
d14350376 Move diff/windows to plugins/diff/windows
2d861b6ea Move diff/walking to plugins/diff/walking
aaf6ac04c Move diff/lcow to plugins/diff/lcow
9456048f4 Move containers to core/containers
21b4f3f0a Move content to core/content
846f7d4e6 Move content/local to plugins/content/local
725c92e7c include image name in error message
18b0d236c build(deps): bump actions/upload-artifact from 3 to 4
f45b46b67 runtime/v2: reduce shim plugin log
20619a7c9 ci: make artifact name unique in linux integration
2053d9157 build(deps): bump lycheeverse/lychee-action from 1.9.0 to 1.9.1
d4396c96b mount: UnmountRecursive return nil if path doesn't exist
8aa2551ce Move DefaultSnapshotter constants
c8e8a093c config: enable CDI by default
5a3d3f613 Update load image test to use local import
6041d4e60 Update fuzz contrib for updated image service
2a476d421 Move ParseImageReferences to cri util
3baf5edb8 Separate the CRI image config from the main plugin config
ad4c9f8a9 Update CRI runtime platform and pinned image configuration
11f311fdd Add minimal interface to CRI image store
02a9a456e Split image config from CRI plugin
d23ac1122 Split CRI image service from GRPC handler
a2472c0b5 transfer: add OCI descriptors to Progress structure
f26196950 Move certain debug logs to trace logs
a5d958706 update to go1.21.6, go1.20.13
21640c57a Uninstall mingw before attempting upgrade
174efb1e0 update imgcrypt binary to v1.1.9
dfb175380 build(deps): bump the golang-x group with 2 updates
2b415c911 build(deps): bump lycheeverse/lychee-action from 1.8.0 to 1.9.0
7dadd5f1b sandbox: remove sandboxStore from podsandbox
a3c62e698 add label flags to ctr import, add integration tests
d01056555 Handle failure when stopping a sandbox
8235665e7 content: Add InfoReaderProvider
fa83bc8de integration: remove use of golang.org/x/sys/execabs
dffeea471 add get cgroupdriver from RuntimeConfig to integration
46b2f1d16 Use latest VM image to get Windows updates regularly
a8d39666d Move cimfs OS build compat check to the operation functions instead of init()
0d3c3efe3 integration/import-export: Add WithSkipMissing tests
b9af453f0 export: Copy distribution source labels to manifest annotations
61a7c4999 import/export: Support references to missing content
1ab4fac94 update runc binary to v1.1.11
5387747e9 build(deps): bump github.com/containerd/cgroups/v3 from 3.0.2 to 3.0.3
a1e0601e0 fix: Update go.opentelemetry.io/otel/sdk/trace to satisfy traceProvider interface
78421616e deps: Update otelgrpc
bd4c281c5 build(deps): bump github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0
62a824a4b build(deps): bump github.com/intel/goresctrl from 0.5.0 to 0.6.0
7fe038e4a build(deps): bump google.golang.org/protobuf from 1.31.0 to 1.32.0
81bb66942 build(deps): bump github.com/google/uuid from 1.3.1 to 1.5.0
9d328410a shim: Create pid-file with 0644 permissions
daa1ea522 Add cimfs differ and snapshotter
c19193574 fix: return gRPC code "unavailable" if server is not initialized yet
1f9151af6 build(deps): bump google.golang.org/grpc from 1.58.3 to 1.60.1
0b48b5659 build(deps): bump google-github-actions/upload-cloud-storage
97ec26a5e build(deps): bump actions/download-artifact from 3 to 4
22138541a tracing/plugin: newTracer: ignore context.Canceled errors on Close()
7c651e183 docs: fix CI badge in README
e10c82e4c build(deps): bump github.com/google/uuid from 1.3.1 to 1.5.0
25dc823bf integration: fix format string for klog.Infof
fc4b78c05 build(deps): bump github.com/intel/goresctrl from 0.3.0 to 0.5.0
1c96087ce build(deps): bump github.com/Microsoft/hcsshim
7e3c8af52 build(deps): bump github.com/prometheus/client_golang
f9303d04d build(deps): bump github/codeql-action from 2 to 3
4c1ebe33b build(deps): bump docker/setup-buildx-action from 2 to 3
51fd1d47e dependabot: enable groups
4a71a9360 build(deps): bump github.com/moby/sys/mountinfo from 0.6.2 to 0.7.1
344fe957f build(deps): bump golang.org/x/mod from 0.13.0 to 0.14.0
6726a2aeb build(deps): bump k8s.io/component-base from 0.28.2 to 0.28.4
0c98f1063 build(deps): bump github.com/klauspost/compress from 1.17.2 to 1.17.4
39ba0347e build(deps): bump go.etcd.io/bbolt from 1.3.7 to 1.3.8
db43e3d1f build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0
4660090ba build(deps): bump actions/stale from 8 to 9
ace8ab1bd build(deps): bump docker/login-action from 2 to 3
0b94716e8 build(deps): bump actions/github-script from 6 to 7
9133ad811 build(deps): bump actions/upload-artifact from 1 to 3
c1823a7c6 build(deps): bump ossf/scorecard-action from 2.0.3 to 2.3.1
36b12cbcb build(deps): bump crazy-max/ghaction-github-runtime from 2 to 3
dc5a6cfae build(deps): bump google-github-actions/auth from 0 to 2
f6a9c6966 build(deps): bump actions/setup-go from 3 to 5
e27ea7d1a build(deps): bump google-github-actions/upload-cloud-storage
3ca95282e build(deps): bump actions/checkout from 3 to 4
1398186ca WithAppendAdditionalGroups: better /etc/group handling
5a140dca5 CI: enable dependabot
c1197995b go.mod: Bump up github.com/pelletier/go-toml to v2.1.1
23278c81f *: introduce image_pull_with_sync_fs in CRI
bd5c602c4 api: introduce sync_fs to diff.ApplyRequest
6bb81ee57 Document `ns` query string added to mirror requests
98526c9d3 Exclude releases directory from links checker
f67c1632f Add ignore list for links
e740dd3d6 Add links status badge
bfa651c69 Fix broken links
c9fa5b980 Add nighly job to verify doc links
25b052cbc Move GenerateRuntimeOptions() to pkg/cri/config
cb5a48e64 *: enable ARM64 runner
596ada3ac release: add .dockerignore to fix repeated builds
cf4b57989 Remove deprecated tracing function
8203bb997 Add HTTP client update function to tracing library
ad3b806a4 fix(tracing): use latest version of semconv
22db60b6b upgrade crun version from 1.9 to 1.12
993790969 go.mod: Bump up github.com/containernetworking/plugins to v1.4.0
734219a21 update to go1.21.5, go1.20.12
212200452 update to go1.21.4, go1.20.11
ad96fded4 Don't block snapshot garbage collection on Remove failures
8bbce8d37 pkg/process: Check using idmap mount options too
96aaf5a3b Add core and internal root packages
6c6dfcbce contrib/apparmor: deny /sys/devices/virtual/powercap
106a9b776 oci/spec: deny /sys/devices/virtual/powercap
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The original purpose of using BPN vs PN in the RDEPENDS was due to
32bit multilib issues. Those problems are no longer present, so we
can adjust this recipe to use the standard PN in rdepends.
This change avoids the following warning:
WARNING: .../containerd-opencontainers_git.bb: Variable key
RDEPENDS:${PN} (...) replaces original key
RDEPENDS:containerd-opencontainers
( ${VIRTUAL-RUNTIME_container_runtime}).
if, e.g., RDEPENDS:${PN}:append = " ..." is used in a bbappend or
bbclass.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We refresh our GO_FLAGS patch for new context, and drop the install
of v1 or unversioned shims as the runtime-v1 has been dropped
Bumping containerd to version v2.0.0-beta.0-88-g87bf39a7f, which comprises the following commits:
96aaf5a3b Add core and internal root packages
c0363754f sandbox: get runtime info from sandbox or container
95d2a3b7c upgrade: add cri upgrade test case
0bc963341 runtime/v2: net.Dial gRPC shim sockets before trying grpc
e1b495866 sandbox: keep rootDir and stateDir compatible
b0fef6738 sandbox: migrate sandbox_mode to sandboxer
c8012b6d7 sandbox: make a clear dependency of cri plugins
2ead89509 Support gzip and zstd HTTP transport compression to fetch remote resources
8e567aa58 mv pkg/process cmd/containerd-shim-runc-v2/process
a813097dc Bump up github.com/fsnotify/fsnotify to v1.7.0
c384e3717 containerd-stress: use config address for CRI test
d4c828c2c integration: add new binary upgrade case
8e91edb71 fix(pkg/dialer): minor fix on dialer function for windows
ad3f8c563 tomlext.Duration add MarshalText method
6da015284 go.mod: github.com/containerd/continuity v0.4.3
cd348e6ef .golangci.yml: remove directories that don't exist
4b556a6e0 Bump up golangci-lint to v1.55.2
c51d4f9b6 push: always inherit distribution sources from parent
e15c24655 Move CRI image service into a separate plugin
80dd779de remotes/docker: close connection if no more data
7f410ae05 integration: reproduce #9347
2e9686c05 fix: deflake TestCRIImagePullTimeout/HoldingContentOpenWriter
4aa932337 CI: update Fedora to 39
f6c4de6b5 fix: podsandbox depends on Lease plugin
1b65fe264 fix ticker leak
1af0cba1a Update documentation for containerd v2.0 packages
4f42da416 adopters.md: remove Eliot project
01c442147 Enhance container image unpack client logs
e7390d4ed vendor: upgrade OpenTelemetry to v1.19.0 / v0.45.0
1a1bd6d0a runtime/v2/shim: use structured log for plugin ID
71fd85f5e runtime/v2/shim: run(): remove unused "name" argument
0a59c33be runtime/v2/shim: rename var that shadowed package var
be22e12d5 services/server: use structured log for plugin ID
09de4f1fc services/server: rename var that collided with import
14e621cf9 services/server: gofumpt
32bf805e5 sandbox: add a sandboxService interface to criService
25a4c3d23 sandbox: remove SandboxersServicePlugin
0cf48bab2 sandbox: podsandbox init its own client
7d65a4563 Move runc shim implementation to cmd
e682da76c fix labels in pod sandbox
64c41162c update tests to use labels from cri/labels
7e79225ce refactor labels used in cri server
274a16282 update runc binary to v1.1.10
2e014fa2a cri: fix update of pinned label for images
cb555fa16 golangci-lint: enable depguard to prevent re-introducing libcontainer
dac056fe7 integration: deflake TestIssue9103
7b9fcfd7c add default enable unprivileged icmp/ports
a7cd49c68 expected and actual field position adjustment
e099717f9 validate kernel version for unprivileged icmp/port
76049170b document runtime and shim configuration and selection
2fab240f2 integration: init release upgrade test
2af6db672 switch back from golang.org/x/sys/execabs to os/exec (go1.19)
a596d09ec cri: add deprecation warning for configs
35924bccc cri: add deprecation warning for auths
d7cb25d77 cri: add deprecation warning for mirrors
58cc275eb cri: add ability to emit deprecation warnings
68cac3f62 client: remove obsolete ErrCheckpointRWUnsupported
df19888f8 add warning use inheritable Capabilities
411e2bce4 Remove plugins package
9db21401c Switch to github.com/containerd/plugin
a48ddf4a2 Don't allow io_uring related syscalls in the RuntimeDefault seccomp profile.
2dfae4c4b Prepare release notes for v2.0.0-beta.0
6ca4b5260 Update mailmap
a67efe88d Add tests cases
f1d659dc5 Update package name in Makefile
0ffc3e987 Handle ArgsEscaped for new Sb Server
b85df264e Rename opt to avoid stutter
261e01c2a Move client to subpackage
b6adf43d4 test: use 'Autoclear: ture' in TestRwLoop and add Autoclear test
124d3a20a Sync ops.md, update CLI --help output to be consistent in descriptions
5fdf55e49 Update go module to github.com/containerd/containerd/v2
abfc8be53 Fix lint in integration/client
ddd73ad30 Move protofiles generated into v2 directory
638b474c8 Temporarily remove imgcrypt in CRI to fix circular dependency
192168038 Temporarily remove integration/client submodule
4e3fbd36e vendor: github.com/klauspost/compress v1.17.2
856d1053f vendor: google.golang.org/grpc v1.58.3
466ee870d Check scheme and host of request on push redirect
3fff8b4f6 ctr: new deprecations command
079383dbe dynamic: record deprecation for dynamic plugins
260e71abc server: add ability to record config deprecations
bc861b66f pull: record deprecation warning for schema 1
9aab44673 introspection: add support for deprecations
57c897f10 api/introspection: deprecation warnings in server
240733ce2 warning: new service for deprecations
aff5b809c deprecation: new package for deprecations
d48ceb606 Avoid TLS fallback when protocol is not ambiguous
ed759bae3 Update go fuzz to directly instantiate server
09e40511a fix bug that using invalid token to retry fetching layer
2fea521d0 Disable windows-2019 integration test temporarily
9fc407d8c ci: bump up golangci-lint to v1.55.0
8b4f9656d sandbox: remove ValidateMode as it is not used
337cc2171 pkg/cri: should ignore no sandbox bucket
f515cd5c5 Reorder fields when writing bootstrap params
3d53fbe85 Fix CRI integration tests
f76eaf5a6 Fix 'not a directory' error when restoring bootstrap.json
cf75cfa32 Add more logs around shim restore
8061cb023 Save bootstrap.json instead of address file
e03bf32b8 Switch runc to v3
7a2d801d6 Expose shim instance version
f66c46806 Bridge task service v2
daaf67662 Switch runc shim to task v3
bb64e6a8e Initialize sandbox controller list on CRI server creation
03d81f595 Use cri streaming pkg from k8s staging
b006f1c15 integration/client: replace hardcoded strings for OCI-spec consts
d3f5e0c90 images/archive: replace hardcoded strings for OCI-spec consts
8e7c10c6d CRI: enhance ImageFsInfo() to support multiple snapshotters
e4639ad18 Add exports to proxy plugin config
3986f80c3 go.mod: bump up github.com/opencontainers/image-spec to v1.1.0-rc5
f7c9e9942 vendor: golang.org/x/net v0.17.0
c3652540c vendor: golang.org/x/text v0.13.0
ff602c213 vendor: golang.org/x/sys v0.13.0
39b168cdb vendor: google.golang.org/grpc v1.57.1
930ee552e Fix typos
3ef300ca7 sandbox: remove global variable of podsandbox controller
7bca70c0c sandbox: do not call Connect when loadShim
d2d434b7d sandbox: add all sandbox information to Create method
0707f6869 sandbox: ignore not found error when remove sandbox
2951fb6dc sandbox: support more sandbox controllers
8b3597685 sandbox: add Sandboxer field to sandbox metadata
69e501e7c sandbox: change SandboxMode to Sandboxer
f372b3501 sandbox: add sandboxer field of sandbox requests
a782fd6da Use LOOP_CONFIGURE when creating loop devices
771237563 Add a new image label if it is docker schema 1
5ad6f3432 CRI: use (snapshotter_id, snapshot_key) to uniquely identify snapshots
41b2b2a7b go.mod: bump up github.com/klauspost/compress from v1.17.0 to v1.17.1
4febb0852 deprecated: go-plugin library as runtime plugin
51c9ffe46 remotes: add handling for missing basic auth credentials
4f339b5b5 RELEASES.md: mark legacy CRI as removed status
0a4f79211 Remove use of v1 runtime plugin type for Unix
71f8b4357 Move dynamic plugins to a subpackage
7b2a91821 Generalize the plugin package
a80606bc2 Move plugin type definitions to containerd plugins package
cb969085f Temporarily remove zfs as built in plugin
2486c1298 Exit shim when shutdown manager is done
1b3199324 Rename sbserver to server
4edc6c2d9 Add note about configuration versions in releases
c5c94dc86 Fix CRI tests panic on CI
a3c2c1e4d Clean shell scripts
fa1d3a9cc Fix dependencies after remove
3742f7f0d idmapped: use pidfd to avoid pid reuse issue
2332b9ba1 Remove legacy CRI from CI
536abf1b3 Remove legacy CRI
33b1a833c Move CRI testing package out
016114ff6 Move bandwidth package out of CRI server
3c1e7ffb8 Integration: Alter TestContainerPids for Windows
8f013bb71 Add migration for older configuration versions
313f514fd update to go1.21.3. gp1.20.10
6b752b536 update to go1.21.2, go1.20.9
8f3d1c9d9 add cpu-burst param to ctr command
3ddcd6120 add Duration type to compatible toml v1 version
535916d1d Skip exec.LookPath if a specific gzip implementation is disabled
4b59d67dd add a new flag "skip-reference-check" to skip reference name check
34378ec9b Use Intel ISA-L's igzip if available
7d6369087 Fix windows default path overwrite issue
13dcf558e Fix windows default path overwrite issue
39478eeec go.mod: Bump up github.com/klauspost/compress v1.16.7 to v1.17.0
859c2651e remotes/docker: Fix MountedFrom prefixed with target repository
c85b1d1e4 Bump up golangci-lint to v1.54.2
6169433b6 Fix linter issues for golangci-lint 1.54.2
e3cb7471a CRI: Snapshotter per runtime handler adjustments
42dc8faba Bump x/net to 0.13
79772a0dd remotes: always try to establish tls connection when tls configured
11a7751af *: add runc-fp as runc wrapper to inject failpoint
68dd47ef7 containerd-shim-runc-v2: avoid potential deadlock in create handler
6604ff6c5 containerd-shim-runc-v2: remove unnecessary `s.getContainer()`
0d76fe5c1 Fix some assertions for integ tests
1dced31c3 ci-fix: pin the mingw version 12.2.0.3042023
aae71aa8e update gitignore to indicate that where contributors can use global gitignore
8ffb03d68 cri: stop recommending disable_cgroup
5365f4b29 cri: call RegisterReadiness after NewCRIService
46645b393 Call migrations per version
5518a5026 remotes: simplify mediatype logic
8b105984b pkg/transfer/local: simplify mediatype logic
79acce462 integration: use mediatype helpers
0ba5b4b62 oci: use mediatype helpers
cdba61603 remotes: use mediatype helpers
69034f755 pkg/display: use mediatype helpers
5ab04ac5a pkg/unpack: use mediatype helpers
da1196979 pkg/snapshotters: use mediatype helpers
f1cbc5f90 containerd: use mediatype helpers
4b1bb1293 remove github.com/opencontainers/runc dependency
62f621a34 images: simplify mediatype logic
377c5ca9c images/archive: use mediatype helpers
bb8a472f2 images: use mediatype helpers
e7254406c Require plugins to succeed after registering readiness
62f273d50 Add migrate subcommand to config command
0320ad184 Add config migration to plugin package
f58158e2d Add config migration and bump config version
bf4fbe4e8 docs: Update `transfer` service docs to reflect completed implementations for 1.7
b40e95e0e images: Config: explicitly return nil-error
36c2222d3 Add usage calculation test
3b60e9366 Create new imagetest package
4c344f2fa Add warning for plugin configs with unknown fields
a9ba33f8f Allow for images with artifacts to pull
650148313 Add warning log for unknown config fields
b5615caf1 Update go-toml to v2
8b413daff Remove log package except for exported const used by hcsshim
2f1b92710 Update zfs library to use new log repository
508aa3a1e Move to use github.com/containerd/log
f1070c4e1 docs/userns: Clarify requirements for k8s 1.25/1.26
42eee8bf0 fix: Add `containerd` to the message type reference
9e819fb4a Update CRI image store to not use containerd client
dcb2e7447 Improve doc of func NewNetNS
2ce971d89 Add delete target to image remove
f8fb2dad3 api: update image service to support target in delete request
8e3722c7d CI: Set slow_chown for overlayfs snapshotter
46d3094aa docs/userns: Fix small typo
d008d64a8 docs/userns: Clarify containerd 1.7 limitations
e37908200 docs/userns: Document the need to opt-in for a slow chown
8bf8e2b97 snapshotter: Use capa prefix consistently for capabilities
ec9e0dca9 overlay: Require opt-in if idmap mounts are not supported.
03b9ce56b deprecate logs package, but disable linter (for transitioning)
d69ae811d alias log package to github.com/containerd/log v0.1.0
729c97cf3 Handle unexpected shim kill events
ed5f7e7c8 Update image in client to use new usage package
96a23ccc1 Create new usage package
79f781d00 Refactor: Removing inherently flaky and unused SourceDateEpochOrNow function.
8cbb4ea5d vendor: github.com/containerd/nri v0.5.0
3ca39ef01 fix: Remove `LimitNOFILE` from `containerd.service`
83240a4f7 Bump crun to 1.9
967313049 doc: Add documentation about CRI user namespaces
2e13d3954 pkg/process: Only use idmap mounts if runc supports it
fce1b9507 go.mod: Update runtime spec to include features.MountExtensions
a81f80884 Revert "cri: Throw an error if idmap mounts is requested"
e832605a8 integration: Simplify WithVolumeMount()
24aa808fe integration: Add userns test with volumes
ab5b43fe8 cri/sbserver: Pass down UID/GID mappings to OCI runtime
e916d77c8 platforms: move ToProto, FromProto to api/types
381442945 platforms: remove errdefs dependency
e0b2b17de cri/server: Add tests for the linux-specific parts of VolumeMounts()
10cb112e4 cri/server: Add tests for ContainerMounts()
97dfa7f55 cri/server: Pass down uidMappings to OCI runtime
b42bdd125 release: remove `cri-containerd-*.tar.gz` release bundles
9656b8c0d nri: update mock plugin handlers
6f9de91ef vendor: update github.com/containerd/nri@v0.4.0
f7089ba22 leases: add WithLabel
1480e3bd4 leases: cleanup TestWithLabels
d94a789d1 Fix usages of `mountinfo.PrefixFilter`
45e303eea task: expose criu work path opt
f77185f9e Fix "even if IPv4 comes first" test to have IPv4 first
88a849626 Don't use `To16() != nil` to detect IPv6 addresses
eaf607101 update to go1.21.1, go1.20.8
1a7490c5a Add link to CONTRIBUTING from README
0413f1272 Add contributors guide
05093d7c0 vendor: github.com/cncf-tags/container-device-interface v0.6.1
ac1d556b9 Add image verifier transfer service plugin system based on a binary directory
55b2df560 go.mod: github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.2
a00888db8 fix reference to canonical fieldmask type
0041996ca CI: bump up crun to 1.8.7
4bc0b2660 Revert the removal of the parameter Container
6ec0d4a3a prevent ctr from creating tags with forbidden characters
a4bdbf784 content: reduce the contention between ref lock and boltdb lock
abfabb6d8 contrib/fuzz: fix redeclared issue
295bcec07 snapshotter: implement unit tests for idmapped mounts for overlay
9d01ed1c3 integration: add test for idmapped mounts
e49e6d6fd snapshotter: implement slow path for idmapped mounts check for overlay
1555a31bf mount: support idmapped mount points
723c88ce3 snapshotter: add "--remap-labels" support to overlayfs
e8ddf669f snapshotter: support "remap-ids" capability for overlayfs
ef6b91947 fix(docs): fix on the windows installation script
5d31e9378 pkg/systemd: use sync.Once for systemd detection
7d0ab4fc2 remove uses of github.com/runc/libcontainer/cgroups
9bc6441c2 vendor: github.com/google/uuid v1.3.1
13ff185ba Blockfile: Enlighten blockfile copy on Darwin
a3e8503ed .github: enable fuzz build
cd705af89 metadata: add image delete events during garbage collection
3f9756c18 gc: add support for image expiration
b32638e21 ctr: pull or fetch image metadata by default
20f79300c push: inherit distribution sources from parent
24aca53fa Update use of content.Infoprovider
f8c789f31 content: add InfoProvider interface
02d519ad6 Update hcsshim tag in runhcs-version script
a2817ca16 CRI: Include sandbox ID in failed to load error
492347090 replace reference/docker for github.com/distribution/reference v0.5.0
26dcae2f6 fix ossfuzz building error
19d6c37a3 Revert "log: define G() as a function instead of a variable"
fd5d92a7f Update hcsshim tag versioning to v0.12.0-rc.0
779875a05 Add missing unpacker.Wait for image import
4f5db2bc0 metadata: format unit test output
15b13fb3e Windows: Supply windows shim version via file
7a0ad09a0 make repositories of install dependencies configurable
34def8b33 Remove redundant nil check
fc45365fa Remove most logrus
f9c35feb3 Makefile: allow overriding GO_BUILD_FLAGS via environment
490905be6 go.mod: github.com/containerd/continuity v0.4.2
03abceac5 Update LTS description
34f32043b Blockfile: Expose RecreateScratch option
b4f487ce9 Apply suggestions from code review
1e3540e11 Add stale bot
4e236962f Update critools to 1.28.0
c92f4a160 Update RELEASES
c3f3cad28 Use sandboxed CRI by default
b76cd4d9f replace some fmt.Sprintfs with strconv
bbdbf7ab6 Add inspect image commands
78308b4a4 Add manifest printer library
11a5dd826 snapshots: replace some fmt.Sprintfs with strconv
06765c9ef oci: replace some fmt.Sprintfs with strconv
710d22366 removes/docker: replace some fmt.Sprintfs with strconv
d7bc8694b pkg/cri: replace some fmt.Sprintfs with strconv
73e9cfd1c append k8s 1.28 to releases
6d8329d7f Remove unnecessary joinError unwrap
8399a4ee7 Remove temporary replace
7ad0a6ccf Update to latest releases in RELEASES.md
cd8c8ae4b Remove hashicorp/go-multierror
1571a5aa0 ctr: metrics: drop unused retval from printWindowsStats()
7063ae1f6 Makefile: add rule for installing documentation
de4c338ab Docs: Document proxy plugin diff support
d09f7cbe0 cri: Fix sandbox_mode "shim"
60b2cb143 cmd: containerd: allow building w/o systemd notify
23c95359a Add WithMetaStore to overlay snapshotter to allow bringing your own
0c1ad52ea cri: spec_linux: drop unused retvals
eacd74c2b Go 1.21.0
5756cb00e CI: increase timeout for Binaries
c883410c9 CI: Explicitly upgrade MinGW on Windows 2019 GitHub runners.
0f043ae43 seccomp, apparmor: add go:noinline
5d9bf7d13 CI: temporarily disable ci_fuzz due to incompatibility with recent Go
e2ce4f58f Populate commit memory for windows memory usage stats
823e0420e Fix transfer service dependencies:
cfb30a31a Invoke Stable ABI compatibility function in windows platform matcher
0cea317a5 FreeBSD: set default runtime
def5ff3c4 Sandbox: Add annotations to controller CreateOptions
939ccbed4 Sandbox: Add annotations to CreateSandbox surface
1fd3a4652 archive/tarheader: fix FreeBSD hdr for regular files
f8edd5555 update runc binary to v1.1.9
f35d1f08e go.mod: github.com/opencontainers/runc v1.1.9
00ef8ba99 Vagrantfile: add strace tool
601699a18 integration: add ShouldRetryShutdown case based on #7496
8dcb2a6e6 pkg/cri/sbserver: fix leaked shim issue for podsandbox mode
72bc63d83 pkg/cri/server: fix leaked shim issue
5bdd9ca93 integration: add case to reproduce #7496
b451fa96a bump client-go v0.26.4
a645ff2e6 Update dependencies after protobuf update in hcsshim
e7e5619fe Update hcsshim tag to v0.10.0
54baf766e add metrics for discarding events
189a1599c archive/compression: update out of date RFC draft link
cac8b6f4b Makefile: allow overriding the binary executable target dir
90443f038 CI: update Rocky Linux to 8.8
0a57dc2a0 CI: update Fedora to 38
30dd0a17f CI: install Vagrant from Hashicorp
965641dbc Makefile: allow REVISION be overwritten by environment
fc32197d4 Makefile: fix overriding go command
2d3360ec7 CI: move Vagrant tests to GitHub Actions (larger runners)
4f3c8c468 replace mcr.microsoft.com registry to ghcr.io/containerd registry
d41c62a55 .github/workflows: add dmesg step for integration-linux
fd8778fba delete checkout branch in doc
c62abcb14 docs: document CRI cgroup driver auto detection
c80a3ecaf cri/sbserver: Use platform instead of GOOS for userns detection
157dff281 update to go1.20.7, go1.19.12
687a5f51a fix: allow attaching to any combination of stdin/stdout/stderr
aa8b094ab platforms: clarify docs for amd64/arm64 variant normalization
710d987d2 Fix default platform matcher when ctr import
2d64ab8d7 cri: Don't use rel path for image volumes
85a2c9a01 log: swap logrus functions with their equivalent on default logger
6baff1694 log: add package documentation and summary of package's purpose
238da2c52 log: make Fields type a generic map[string]any
634a4a1bb log: add log.Entry type
dd67240f1 log: define OutputFormat type
778ac302b log: define G() as a function instead of a variable
81ac648d9 log: add all log-levels that are accepted
0b6333a41 log: group "enum" consts and touch-up docs
4a36022e2 log: WithLogger: remove redundant intermediate var
40ee5fb11 log: SetFormat: include returns in switch
6fe7e03b8 log: remove testify dependency
e2ad5a985 removes/docker: remove unnecessary conversion (unconvert)
ed47d6ba7 cri: implement RuntimeConfig rpc
a1cdf60cb docker: add test to ensure not found error is returned by resolve
b4814a29d docker: return most relevant error from docker resolution
7f7ba31b6 cri: fix using the pinned label to pin image
480757135 pkg/epoch: fix Y2038 on 32-bit hosts
98974117b migrate to community owned bucket
a3404ac42 docker: add missing info log for 4XX/5XX responses
850b2e1bf go.mod: update cri-api to v1.28.0-beta.0
480bc8a2b .github/workflows/ci.yml: upgrade Ubuntu from 20.04 to 22.04
bc96b9039 go.mod: github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0
da2740885 go.mod: google.golang.org/genproto v0.0.0-20230720185612-659f7aaaa771
73dc13ad6 go.mod: github.com/urfave/cli/compare v1.22.14
1c4fc568b go.mod: github.com/prometheus/client_golang/compare v1.16.0
68abb525a go.mod: github.com/minio/sha256-simd v1.0.1
1f2216cc7 go.mod: github.com/klauspost/compress v1.16.7
3c6ab0420 go.mod: dario.cat/mergo v1.0.0
4bda0a69e go.mod: github.com/grpc-ecosystem/go-grpc-middleware v1.4.0
0f033b612 go.mod: github.com/emicklei/go-restful/v3 v3.10.2
90e050298 go.mod: github.com/containernetworking/plugin v1.3.0
0498acefb go.mod: github.com/.../container-device-interface v0.6.0
74b8cb850 go.mod: github.com/opencontainers/runc v1.1.8
895dd2e93 go.mod: github.com/opencontainers/image-spec v1.1.0-rc4
235a4452d go.mod: github.com/opencontainers/runtime-spec v1.1.0
06f18c69d cri: memory.memsw.limit_in_bytes: no such file or directory
f3daf32c7 Fix ro mount option being passed
b2967a8d6 update runc binary to v1.1.8
90ecb8104 fix: `ctr images check` outputs not unpacked images in quite mode
98f27e1d9 Revert "Add support for mounts on Darwin"
e939d1319 Revert "Revert 416899fc8e81a80a4b09b59c801f98d36ddc0e74"
6c9c71112 Revert 416899fc8e81a80a4b09b59c801f98d36ddc0e74
2799b28e6 Add support for mounts on Darwin
56d80f81a Update hcsshim tag to v0.10.0-rc.9
9c673f967 pkg/cri/server: TestImageGetLabels: use registry.k8s.io
f914edf4f [cri] Handle Windows pod transitions gracefully
52ef3468b Update Go to 1.20.6,1.19.11
48cdf1fe2 integration: Enable userns tests for sbserver
9160386ec cri/sbserver: Test net.ipv4.ping_group_range works with userns
1c6e26844 cri/sbserver: Fix net.ipv4.ping_group_range with userns
36a96d7f3 cri/sbserver: Remap snapshots for sbserver too
508e6f6e0 cri/sbserver: Add userns tests to TestLinuxSandboxContainerSpec()
fb9ce5d48 cri/sbserver: Support pods with user namespaces
c99cb95f0 cri/sbserver: Let OCI runtime create netns when userns is used
73c75e2c7 cri/sbserver: Copy userns helpers to podsandbox
0b6a0fe77 cri/sbserver: Move runtimeStart to match position with cri/server
90087ac44 WithRemapperLabels: Update doc to mention overlay supports it
9d9903565 cri: Fix comment typos
9e34b8b44 Uncopypaste parsing of OCI Bundle spec file
232538b76 bugfix(port-forward): Correctly handle known errors
5c480d9c8 Modify loopback size
7ef133ad4 Fix mount pkg typo
83ff030e4 Change http.Header copy to builtin Clone
cdb153ec9 Resolve docker.NewResolver race condition
01a6e1c73 Dedup WithNewSnapshotView
6a913ac82 Cirrus CI: configure apt-get to wait for locks
38f9bc3e0 fix ci Linux Integration test fail
c17d3bdb5 pkg/cri/server: Test net.ipv4.ping_group_range works with userns
9bf5aeca7 pkg/cri/server: Fix net.ipv4.ping_group_range with userns
05fef52b6 vendor: github.com/containerd/zfs v1.1.0
073de9308 Fix the auto restart fail when using LogURI and TTY together
00e5ae211 shim: change ttrpcService and ttrpcServerOptioner to exported interfaces
e9f63f64f update go to go1.20.5, go1.19.10
22a7c63c0 Sandbox: Change to mount.Mount for CreateOptions
51a1e7f0b Fix example shim to actually use its task service
a9cb6090e ci: remove libseccomp-dev installation for nightly
0607e7326 Move GetTopic function out of runc shim
5dedb6d0d archive: use 1970-01-01 as the whiteout timestamp
d6dbc4040 go.mod: Update cgroups to 3.0.2
f3b7436b6 Platforms: Add From/ToProto helpers for types
b3ab1f26c Snapshots: Add From/ToProto helpers for types
0a6b8f0ee OCI: Add From/ToProto helpers for Descriptor
4df27fd77 Update ginkgo to match cri-tools' version
9a202e342 seccomp: always allow name_to_handle_at
55a8102ec mount: Add From/ToProto helpers
e85352183 integration/client: Rework withBytesBuffers
54a93c6c5 Make ptypes.Empty a var in contentserver
cdc90c838 Remove duplicated code in content Copy
50376ec9f remotes: allow FetchByDigest client to pass mediatype as header
0a92661e6 Add a platform.ParseAll helper
e89d7204e MergeStringSlices use sets
8760b8717 pkg/epoch: extract parsing SOURCE_DATE_EPOCH to a function
9924e56f4 pkg/epoch: fix tests on macOS
dfd7ad8b3 Reword Windows file related TODO
44e2b26a8 pkg/epoch: replace some fmt.Sprintfs with strconv
f82d9b799 Integration: Align empty IO func on Windows
f3124d569 Makefile: Remove hcsshim related TODO
2aeac9a8f Remove duplicated writeIndex func
7601dd9a9 Dedup manifest config platform helper
f3df7f739 log when a lease expires
a01118bbe Minor changes to sandbox metadata
f60a4a271 cri: drop unused arg from generateRuntimeOptions
1fb835f04 Remove unnecessary label bucket loop
a207b430e snapshots/blockfile: fix lint issue
59b0b39af vendor: update github.com/containerd/continuity
d358f1680 fix unbound variable
f4ad68d5f fix-push-image-rate
7de95cbc4 snapshots/blockfile: deflaky the testsuite
6dfb16f99 snapshots|pkg: umount without DETACH and nosync after umount
72b7d1650 mount: support direct-io for loopback device
437f13410 Don't run CI on push
e26c97cb8 Save marshalled empty response in streaming service
9e09bfb59 Use RWMutex in NSMap and reduce lock area
38b0f970f No more nondistributable layers in MS registry
d278d37ca Sandbox: Add Metrics rpc for controller
d115129d1 Add configurable mount options to overlay
d56722ef2 Sandbox: Add SandboxMetrics rpc
4bb709c01 avoid "any" as variable name
577696f60 replace some basic uses of fmt.Sprintf()
5cd6210ad runtime/v2/runc: handle early exits w/o big locks
df280942a integration/client: add timeout to `TestShimOOMScore`
6dd529e40 Pass in imagespec.Platform to WithVolumes()
d18026592 release ticker correctly
28a5199ff Add a check to skip stats for containers that are not running
34a93a0c2 task: don't `close()` io before `cancel()`
007c5b6e3 Setup otlp from env
104b9ef9e Update x/sys to 0.8.0
69b451af5 RELEASES.md: de-deprecation of CNI conf_template will be v1.7.3
ab5365222 ctr: update WritePidFile to use atomicfile
c409c631c shim: WritePidFile & WriteAddress use atomicfile
3c4a1ab1c cri: write generated CNI config atomically on Unix
f3ba7c8a3 atomicfile: new package for atomic file writes
28d8c79de Replace atomicBool with the standard library atomic.Bool
fe4f8bd88 Pinned image support
a85b12d4d docs: cherry-pick individual commits instead of merge commit
738c4c6fa Fix issue for HPC pod metrics
52997ea98 remotes/docker: ResolverOptions: fix deprecation comments
a35ead5b9 bugfix: add nil pointer check for cgroup v1 mem usage
2a60fe5a6 Remove events from init context
d3887b2e6 Support CDI devices in ctr --device flag
3ca5b4437 Remove cni conf_template deprecation
94f0af3ec Image.IsUnpacked(): make error-handling more iodiomatic
54658a115 Image: rename variable that shadowed import
d2b7a1e29 cleanup DEPRECATED TLS config
f857626d6 Move PLEG event back to CRI
fc50334ca Generate sandbox exit events from CRI
d2605de73 add handling of a '.' commondir and bounds checking to mount_linux
cf5605459 Move pod sandbox recovery to podsandbox/ package
45dbb4e54 Publish sandbox events
65906335b Add sandbox events protos
21b3318eb Fix several conversions of "ocispec.Image" to "ocispec.Platform"
f2bc73782 Add cpuset-mems flag to 'ctr run' command
f642c0a5f ctr: add cpuset-cpus flag to 'ctr run' command
314d758fa update auths code comment
9702d4aee snapshots/blockfile: use passed in dst in scratchGenerator
bb82f3683 snapshots/blockfile: use loop if options is empty
9287711b7 upgrade registry.k8s.io/pause version
fbb38ab6b Fix the spelling of repository within the NRI plugin documentation.
752e13d9a fix(docs): minor fix on the windows installation steps
c1b926800 Windows Integration: Switch Azure-based CI to vanilla 2019 image.
b9dfd29b7 Update tests to use volume-copy-up:2.2
4bfcac85f notify readiness when registered plugins are ready
7819da843 Document Protocol Buffer Setup
579b5596c Update volume-ownership image with latest hashes
88a3e25b3 Add targetOS to WithVolumes()
c7ec95caf Reword comment and make slight change to code
ec2bec648 Fix non C volumes on Windows
3d7522b7f ctr: allow run to override mounts
7beaa5e85 Add mount options to blockfile snapshotter
261d45efe docs/remote-snapshotter.md: update links and description
7274e33e3 CRI: Make stats respect sandbox's platform
82deabf9d Optimize metadata Schema notes to correctly match metadata structures
a6cd5e3f4 bugfix: resolve symlink when looking up mountpoint
b9f2e48e3 feat: make overlay sync removal configurable
becf04a59 Update to docker/login-action V2
79709a205 disable provenance
1be571b14 Add sync before unmount on snapshotter layer test
b729962e3 Add blockfile snapshotter to snapshotters doc
798dba9fa Add blockfile as a builtin
0c386e2eb Add blockfile snapshotter
d280cb83b chore: update comment for NetworkPluginSetupSerially
f8907ab87 Update volume-copy-up
811456b31 go.mod: github.com/containerd/continuity v0.4.0
6f715ab10 go.mod: github.com/containerd/go-runc v1.1.0
85cf9a09e Bump seccomp version to be the same as one in runc repo
cdaa4025e Fix some typos
3d9dd2022 ctr: fix the cleanup of task
66307d0b4 CRI: Support Linux usernames for !linux platforms
5dbae3819 snapshots/testsuite: Rename: fix fuse-overlayfs incompatibility
df65e321e Simplify closing bundle dir fd
718250b6b Update ttrpc to v1.2.2
7e42dc34d improve container Task comment
4347fc8bc go.mod: github.com/opencontainers/image-spec v1.1.0-rc3
5e054ee63 go.mod: github.com/opencontainers/runtime-spec v1.1.0-rc.2
bb61a6d4b cache diffIDs
6e2c915a4 Bump up golangci-lint to v1.52.2
ecb693ec7 bump typeurl to v2.1.1
f5211ee3f Change to Readdirnames for some cases
e60a17925 .github: disable cache for actions/setup-go@v4
52afa34f5 cri: update WithoutDefaultSecuritySettings comment
6f34da5f8 Cleanup logrus imports
717169bb8 plugin: remove go < 1.8 stub, enable on windows and arm64
28d749c9e move to CRI-TOOLS v1.27.0
27f56e607 Fix umarshal metrics for CRI server
b947a6f52 update go to go1.20.4, go1.19.9
c54b706c0 Add faasd and actuated into the ADOPTERS file
d56466cf3 [transfer] avoid setting limiters when max is 0
2e53c0ec8 Windows integration: fix critest binary path in Azure-based workflow.
9e7f8fe30 Update CRI registry configuration docs
0d975230e Fix panic when remote differ returns empty result
c58a229e5 Run CI when adding to the merge queue
0ba066474 vendor: github.com/opencontainers/runc v1.1.7
cbd10e41a vendor: github.com/opencontainers/runc v1.1.6
27c0fe3eb update runc binary to v1.1.7
4891bba83 Update tar tests to run on Darwin
d9f3e387c Remove entry for container from container store on error
8ba285f6b fix unable to checkpoint the container more than once
370be0c18 Move logrus setup code to log package
92b93e376 cri: Vendor v0.27.1
8c80ccc7f Update external repo links that changed default branch to main
519457e3e ctr: Add sandbox flag to ctr run
c786994ea Update transfer configuration
4e5693938 Add platform config to proxy plugins
4192ca8f8 pkg/cri/server: sub-test uses array and capture range var
8bcfdda39 pkg/cri/sbserver: sub-test uses array and capture range var
745ec84e5 Add diffservice to contrib
3784c1c91 Add proxy differ
cb2c3ec8f oci: partially restore comment on read-only mounts for uid/gid uses
f23816740 go.mod: add comment explaining go-fuzz-headers replace rule
ec9e74ed9 go.mod: remove replace for github.com/opencontainers/runtime-tools
6c40cf305 go.mod: integration: use non-pre-release of containerd
92d1e9bee go.mod: integration: move indirect dependencies to the right group
18d7e84f9 runtime/shim: fix the nil checkpoint options
cd16b31cd Get CDI devices from CRI Config.CDIDevices field
da4de96e2 containerd support k8s 1.27
4b35c3829 update shim example
71ababe30 runtime/shim: remove runc/v2/services
b71f4b751 runtime/shim: rename RunManager to Run
49111b115 update runc binary to v1.1.6
85df1cc6b doc: update CI signal info in README
7e6ab8488 cri: Throw an error if idmap mounts is requested
85afda6f5 cri: Vendor v0.27.0-beta.0 for mounts uid/gid mappings
f7b8b1181 update the version of the runc shim in the readme and examples
dc2fc987c capture desc variable in range variable just in case that it run in parallel mode
05bb52b27 Use t.TempDir instead of os.MkdirTemp
7a7519a78 CRI Sbserver: Make PodSandboxStatus friendlier to shim crashes
79cb4b000 [sbserver] handle missing cpu stats
464a4977a [sbserver] Refactor usageNanoCores be to used for all OSes
e0b817ec1 Fix argsEscaped tests
aee358765 Update to setup-go@v4 action
811be6085 Update Azure-based Windows workflow image SKUs.
dfc7590d5 remotes/docker: Add MountedFrom and Exists push status
db223271e Register imagePullThroughput and count with MiB
6f0714efc Use RunWithPrivileges
b41ca1159 Fix access denied on mounted vhdx root
a7fddb40b Use wait instead of a sleep to check for startup delay
d0527e228 Support for dropping inheritable capabilities
0fb2d9132 update go to go1.20.3, go1.19.8
cab056226 oci: Use WithReadonlyTempMount when adding users/groups
c9e5c33a1 UnmountAll is a no-op for missing mount points
8538e7a2a Improve error messages and remove check
ba74cdf15 Make ReadOnly() available on all platforms
7bb2756bc Increase integration test tmieout to 20m
1279ad880 Remove bind code path in mount()
6a5b4c9c2 Remove "bind" code path from diff
76690706f CI: bump up crun to 1.8.3
d373ebc4d Properly mount base layers
ca5605b4a Skip parent layer options on bind mounts
7f82dd91f Add ReadOnly() function
157fe6a13 docs: fix typo in comment of ExitStatus.Exit(Code|Time)
4012c1b85 Remove escalated privileges
54f8abe55 Use DefaultSnapshotter
47dd3dcff use t.Fatal if we cannot enable process privileges
e31bef15f Update continuity
95687a932 Fix go.mod, simplify boolean logic, add logging
7a36efd75 Ignore ERROR_NOT_FOUND error when removing mount
db3279859 Update continuity, go-winio and hcsshim
00efd3e6d Remove unused function
dc980b14a Grant needed privileges for snapshotter tests
feb637f92 Fix layer comparison and enable read-only checks
36dc2782c Use bind filer for mounts
d591bb042 Enable TestSnapshotterClient on Windows
7b36becd2 Run Windows snapshotter through the test suite
ac30eabbd Fix misspelling of 'Native' as 'Naive'
639c5799a Add paired 'mount' log for 'unmount'
8395e3a89 Don't use all-upper-case filenames in snapshot tests
909730dec Skip tests that do not apply to WCOW on Windows
469c13997 Ensure mounts are unmounted before leaving the test
84cc3e496 Unify testutil.Unmount on Windows and Unix
474a257b1 Implement Windows mounting for bind and windows-layer mounts
34b07d3e2 Implement WCOW parentless active snapshots and view snapshots
82ec62b86 fix: cio.Cancel() should close the pipes
ac84bf7c8 Update sbserver to add noexec nodev and nosuid to /etc/resolv.conf mount bind.
126ab72fe Keep linux mounts for linux sandboxes on Windows/Darwin
990199a02 Test to ensure nosuid,nodev,noexec are set on /etc/reolv.conf mount.
96490734b update runc binary to v1.1.5
b55dad06a go.mod: github.com/opencontainers/runc v1.1.5
c89438e83 integration: add container start test using abs runtime path
3557ac884 Extract image service from CRI
97064b077 WithRuntimePath uses the TaskInfo.RuntimePath field
c56f54aa1 devmapper plugin: skip plugin when not configured
a11e47b48 Use built in atomic.Bool
87346df54 Defer uid lookups on Darwin
ae4dbb60d Add noexec nodev and nosuid to sandbox /etc/resolv.conf mount bind.
1be08b10f ctr/tasks: fix unmarshal the task metrics for cgroups v1
8322bcb88 Adds a file header
50b576a94 Adds a dev container and Codespaces docs
0bbca7f1b Cleanup protobuild config
daa3a7665 Add `WithReadonlyTempMount` to create readonly temporary mounts
f48ae2227 fix: Update error message format based on feedback
3193650f1 fix: 'failed to resolve symlink' error messaging
14714b94d Fold the output of `crictl info`
5fdca538d adding cni metadata to the container in the `ctr run --config`
32d431a7c Update crictl doc
690ae58ca Update cri-tools version on windows
5956cdea8 Remove third-party package cri-api
c011502bd Remove cri v1alpha1 services
23d288a80 Remove the CriuPath field from runc's options
62f98a1c1 CRI: Don't always close netConfMonitor channel
a4d33a784 Remove support for config.toml `version = 1`
3e87f05b6 Fix image pulling with Transfer service
c5f1086ad Update docs
fda5c84bc Update gce contrib to use v2 by default
8bd82e355 Remove no_pivot when creating container from CRI
07c2ae12e Remove v1 runctypes
c50a3ef04 Update Makefile and CI
ef516a150 Remove runtime v1
76778aee6 integration: add restart monitor test for paused task
35a103d32 Remove "containerd.io/restart.logpath" label (deprecated since v1.5)
08337f356 Pre-splice strings and determine whether it is a file and check criCleanup err.
e0d9b9663 Fix restarting the paused containers
86fc1ccab Remove `aufs` snapshotter (deprecated since v1.5)
50740a1a0 use strings.Cut instead of strings.Split for parsing imageConfig.User
b39ac5d09 docs: fix typo in comment of plugin.Plugin.Err()
d835fd2a3 Sandbox: Correct/add some fields to Status()
d3e856da7 export: add test for WithSkipDockerManifest
70da5c783 Sandbox: Cleanup shim on Start failure
406583165 archive: consistently respect value of WithSkipDockerManifest
727b25403 fix userstr for dditionalGids on Linux
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.7.7-5-g5e21abb18, which comprises the following commits:
d0a1fedb5 *: add runc-fp as runc wrapper to inject failpoint
04491240a containerd-shim-runc-v2: avoid potential deadlock in create handler
6982a0df5 containerd-shim-runc-v2: remove unnecessary `s.getContainer()`
0e2320398 Uncopypaste parsing of OCI Bundle spec file
a34fa5681 Prepare release notes for v1.7.7
6ca0aebf0 Allow for images with artifacts to pull
7df492a95 remotes/docker: Fix MountedFrom prefixed with target repository
7779ce64e remotes: always try to establish tls connection when tls configured
b3db314a5 Bump x/net to 0.13
a83c66813 Require plugins to succeed after registering readiness
171d76849 cri: call RegisterReadiness after NewCRIService
6013b5e03 cri: stop recommending disable_cgroup
3d27bc738 Handle unexpected shim kill events
4ffa3ed29 Build binaries with 1.21.1
5756f6064 [release/1.7] vendor: github.com/Microsoft/hcsshim v0.11.1
09633b539 deprecate logs package, but disable linter (for transitioning)
cb201519f alias log package to github.com/containerd/log v0.1.0
a5024e6dd vendor: github.com/stretchr/testify v1.8.4
7bd976af3 vendor: github.com/sirupsen/logrus v1.9.3
3ca015e55 nri: update mock plugin handlers
4cd208c1f vendor: update github.com/containerd/nri@v0.4.0
8cd2d33c2 [release/1.7] remotes/docker: Add MountedFrom and Exists push status
3e09c65b2 Prepare release notes for v1.7.6
5ebf05d97 push: inherit distribution sources from parent
d206896dd content: add InfoProvider interface
423693d7b [release/1.7] update to go1.20.8
c7a35ccdc Fix transfer service dependencies:
38d4e506d Invoke Stable ABI compatibility function in windows platform matcher
ddffc7c9a Update hcsshim tag to v0.11.0
b449440a4 CRI: Support Linux usernames for !linux platforms
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.7.5-8-g86dc86e62, which comprises the following commits:
ed4bac11e Blockfile: Enlighten blockfile copy on Darwin
4d1cfbbdd Revert "log: define G() as a function instead of a variable"
a34e93241 make repositories of install dependencies configurable
b449440a4 CRI: Support Linux usernames for !linux platforms
503ab21bf go.mod: github.com/containerd/continuity v0.4.2
93b23eb10 Prepare release notes for v1.7.5
fb1292c8d Bump version to v1.7.4
7a0cae3ca [release/1.7] Prepare release notes for v1.7.4
537d7526e integration: issue7496 case should work for runc.v2 only
0f4885c16 Add configurable mount options to overlay
8804a27d7 feat: make overlay sync removal configurable
5add172be Vagrantfile: add strace tool
207e28f36 integration: add ShouldRetryShutdown case based on #7496
b4f480fb3 pkg/cri/sbserver: fix leaked shim issue for podsandbox mode
88ff575c5 pkg/cri/server: fix leaked shim issue
9f61dfb7c integration: add case to reproduce #7496
2a9ae3c51 log: swap logrus functions with their equivalent on default logger
01445bb73 log: add package documentation and summary of package's purpose
932795f45 log: make Fields type a generic map[string]any
707ca94d8 log: add log.Entry type
0a79e67e4 log: define OutputFormat type
dbbe28b7d log: define G() as a function instead of a variable
93b6cb784 log: add all log-levels that are accepted
e8e086e02 log: group "enum" consts and touch-up docs
7aa4f8fdc log: WithLogger: remove redundant intermediate var
bfdce4ce4 log: SetFormat: include returns in switch
6621e0888 log: remove testify dependency
df76aaede removes/docker: remove unnecessary conversion (unconvert)
1c2dd5198 Remove temporary replace
2bf6bd143 vendor: update github.com/containerd/continuity
30a163086 snapshots|pkg: umount without DETACH and nosync after umount
c9eebe3d1 mount: support direct-io for loopback device
1c2977db0 Modify loopback size
cf9c78d2d snapshots/blockfile: fix lint issue
b823b4f54 snapshots/blockfile: deflaky the testsuite
6daeceb11 snapshots/blockfile: use passed in dst in scratchGenerator
99b61aee3 snapshots/blockfile: use loop if options is empty
fd39769ac Add mount options to blockfile snapshotter
8d732c6c2 Add sync before unmount on snapshotter layer test
8472a407e Add blockfile snapshotter to snapshotters doc
6740d77ca Add blockfile as a builtin
07cc24b32 Add blockfile snapshotter
32e3b76ee Add diffservice to contrib
661e505c8 Add proxy differ
af79c07fd update runc binary to v1.1.9
c0b1c8f74 fix ci Linux Integration test fail
4e97a115f cri: Don't use rel path for image volumes
34a5d0330 fix: allow attaching to any combination of stdin/stdout/stderr
c5e7b84c0 update to go1.20.7, go1.19.12
2eaeb3205 Fix ro mount option being passed
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
bitbake has been enhanced such that SRCPV is no longer needed in
PV to handle updating git hashes and task signatures.
We can simplify our PV by dropping SRCPV
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.7.3-2-g98e8e05b6, which comprises the following commits:
2eaeb3205 Fix ro mount option being passed
4cb2f1515 [release/1.7] Add release notes for v1.7.3
b461ecacf cri: memory.memsw.limit_in_bytes: no such file or directory
14328ae03 migrate to community owned bucket
b985f7ef1 update runc binary to v1.1.8
f7a20e17c Move logrus setup code to log package
7353c0286 ctr: update WritePidFile to use atomicfile
ae7021300 shim: WritePidFile & WriteAddress use atomicfile
186eb64b7 cri: write generated CNI config atomically on Unix
64c3dcd8e atomicfile: new package for atomic file writes
083f57160 capture desc variable in range variable just in case that it run in parallel mode
a9440ce6b Use t.TempDir instead of os.MkdirTemp
eea3440d8 use strings.Cut instead of strings.Split for parsing imageConfig.User
eace67180 fix userstr for dditionalGids on Linux
973778193 Update Go to 1.20.6,1.19.11
60a6db9c2 Cirrus CI: configure apt-get to wait for locks
6b6b0c828 bugfix(port-forward): Correctly handle known errors
898eca21e Change http.Header copy to builtin Clone
fa2efc406 Resolve docker.NewResolver race condition
241514815 pkg/cri/server: Test net.ipv4.ping_group_range works with userns
801e8c806 pkg/cri/server: Fix net.ipv4.ping_group_range with userns
d5639a5a8 vendor: github.com/containerd/zfs v1.1.0
403033e52 update go to go1.20.5, go1.19.10
15d65709e ci: remove libseccomp-dev installation for nightly
a08ae718c [release/1.7] go.mod: Update cgroups to 3.0.2
c2c54af9d Update ginkgo to match cri-tools' version
6281d46df seccomp: always allow name_to_handle_at
3bf3996d9 integration/client: add timeout to `TestShimOOMScore`
699d6701a Pinned image support
18c6503d9 runtime/v2/runc: handle early exits w/o big locks
dafbeb5b1 No more nondistributable layers in MS registry
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.7.2-13-ga766dc550, which comprises the following commits:
dafbeb5b1 No more nondistributable layers in MS registry
e5b2a0131 task: don't `close()` io before `cancel()`
a6a15afe3 move to CRI-TOOLS v1.27.0
58b6b99cd Add a check to skip stats for containers that are not running
0b2b96479 RELEASES.md: de-deprecation of CNI conf_template will be v1.7.3
a24267b28 Remove cni conf_template deprecation
89415fe36 Fix issue for HPC pod metrics
e134b6393 Fix panic when remote differ returns empty result
0e41daaea [release/1.7] Prepare release notes for v1.7.2
99582fb1a fix: cio.Cancel() should close the pipes
eeda70fb0 remotes/docker: ResolverOptions: fix deprecation comments
313c226b8 Update continuity to a tagged version
e21c8beee Post cherry-pick fixes
246240f71 Move PLEG event back to CRI
16f3726dd Generate sandbox exit events from CRI
0c8cfb1a7 Move pod sandbox recovery to podsandbox/ package
91d9f5c64 Publish sandbox events
4b77683b4 Add sandbox events protos
8dd16285a UnmountAll is a no-op for missing mount points
acff3eefa Improve error messages and remove check
b4dd3bf4e Make ReadOnly() available on all platforms
08d8baf3f Increase integration test tmieout to 20m
1f0dbd011 Remove bind code path in mount()
8f37b1c63 Remove "bind" code path from diff
9139208b3 Properly mount base layers
e61e7b312 Skip parent layer options on bind mounts
e4307926f Add ReadOnly() function
0277b9b01 Remove escalated privileges
d5c18dfb7 Use DefaultSnapshotter
853179366 use t.Fatal if we cannot enable process privileges
5b3ee413f Update continuity
375172604 Fix go.mod, simplify boolean logic, add logging
600abd137 Ignore ERROR_NOT_FOUND error when removing mount
df7295dcd Update continuity, go-winio and hcsshim
0db78c482 Remove unused function
219058766 Grant needed privileges for snapshotter tests
96fbe5bc8 Fix layer comparison and enable read-only checks
279e0d3c9 Use bind filer for mounts
93e94da40 Enable TestSnapshotterClient on Windows
3a3da693a Run Windows snapshotter through the test suite
e7b62322f Fix misspelling of 'Native' as 'Naive'
e1f999a18 Add paired 'mount' log for 'unmount'
5788d6e52 Don't use all-upper-case filenames in snapshot tests
3cdcb2f10 Skip tests that do not apply to WCOW on Windows
b0968b8bb Ensure mounts are unmounted before leaving the test
b57424851 Unify testutil.Unmount on Windows and Unix
b9a8aad45 Implement Windows mounting for bind and windows-layer mounts
1a64ee183 Implement WCOW parentless active snapshots and view snapshots
7851b0a9f CRI: Make stats respect sandbox's platform
8d7c340ca [sbserver] handle missing cpu stats
d08b2a088 [sbserver] Refactor usageNanoCores be to used for all OSes
2c38cad77 notify readiness when registered plugins are ready
08de6e7b8 Update volume-ownership image with latest hashes
6a5e54c15 Get CDI devices from CRI Config.CDIDevices field
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
The previous HOMEPAGE has been archived. Use the active one.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.7.1-4-g835383b17, which comprises the following commits:
6a5e54c15 Get CDI devices from CRI Config.CDIDevices field
9e60300ea snapshots/testsuite: Rename: fix fuse-overlayfs incompatibility
7b288e2d7 Update ttrpc to v1.2.2
27a0d957b Prepare release notes for v1.7.1
0e0532eb2 bump typeurl to v2.1.1
35e86f96c [transfer] avoid setting limiters when max is 0
f7233811f Update transfer configuration
4510eac00 Fix image pulling with Transfer service
aaa65e8c1 Update hcsshim tag to v0.10.0-rc.8
95ef67e19 Fix umarshal metrics for CRI server
3ef5b689a runtime/shim: fix the nil checkpoint options
021bba28b update go to go1.20.4, go1.19.9
6b3ae0129 Remove entry for container from container store on error
c0e128624 skip TestContainerStartWithAbsRuntimePath if the runtime is v1
aa3c63c15 integration: add container start test using abs runtime path
d2d9eedb1 WithRuntimePath uses the TaskInfo.RuntimePath field
fae4b6223 update runc binary to v1.1.7
571715a9d cri: Vendor v0.27.1
a6d336c1f Fix argsEscaped tests
1bbf98e53 oci: partially restore comment on read-only mounts for uid/gid uses
8f6e86fec go.mod: add comment explaining go-fuzz-headers replace rule
1ece0cb50 go.mod: remove replace for github.com/opencontainers/runtime-tools
e9f962187 go.mod: integration: use non-pre-release of containerd
84393b005 go.mod: integration: move indirect dependencies to the right group
dec2595af update runc binary to v1.1.6
7de8629be cri: Throw an error if idmap mounts is requested
75ac7e0d8 cri: Vendor v0.27.0-beta.0 for mounts uid/gid mappings
54d12b872 oci: Use WithReadonlyTempMount when adding users/groups
624327651 update go to go1.20.3, go1.19.8
1d6641b7c export: add test for WithSkipDockerManifest
0e0d84f6b archive: consistently respect value of WithSkipDockerManifest
9b4935d86 Update sbserver to add noexec nodev and nosuid to /etc/resolv.conf mount bind.
5e953cfa6 Test to ensure nosuid,nodev,noexec are set on /etc/reolv.conf mount.
0aad93f08 Add noexec nodev and nosuid to sandbox /etc/resolv.conf mount bind.
1a64f1b43 ctr/tasks: fix unmarshal the task metrics for cgroups v1
17c52a26d Keep linux mounts for linux sandboxes on Windows/Darwin
d81fc15af update runc binary to v1.1.5
755efbe64 go.mod: github.com/opencontainers/runc v1.1.5
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.7.0-11-g6ea9bc57f, which comprises the following commits:
d81fc15af update runc binary to v1.1.5
755efbe64 go.mod: github.com/opencontainers/runc v1.1.5
90591db47 Defer uid lookups on Darwin
b7d87b190 Add `WithReadonlyTempMount` to create readonly temporary mounts
1c1b6bcb2 CRI: Don't always close netConfMonitor channel
cf2e454bf Sandbox: Correct/add some fields to Status()
ce68e8e0d Sandbox: Cleanup shim on Start failure
e13a9165e Prepare release notes for v1.7.0
625217d5f RELEASES.md: describe the deprecated config properties
703e2ba4b docs: link docs/managed-opt.md to client.Install
f2bb9c9b0 Go 1.20.2
56354c7de Update ttrpc to v1.2.1
5144ba9c4 sandbox: create sandbox with network namespace path
dd3eedf3c labels: Add LabelDistributionSource
5c9c630c3 use uppercase letters for flag usage
0efc498d3 Prepare release notes for v1.7.0-rc.3
ff4acdc42 metadata: add comments about Image.CreatedAt
6d46bb410 go.mod: go.opentelemetry.io/otel/* v1.14.0
d26587c72 archive: disable looking up usernames and groupnames on the host
535ef5054 go.mod: github.com/stretchr/testify v1.8.2
2b4f830ed go.mod: github.com/opencontainers/selinux v1.11.0
6bfc82daf go.mod: github.com/opencontainers/runtime-spec v1.1.0-rc.1
7c70185ae go.mod: github.com/klauspost/compress v1.16.0
8e67b2731 go.mod: github.com/imdario/mergo v0.3.13
6afec5558 go.mod: github.com/emicklei/go-restful/v3 v3.10.1
c4f928f88 go.mod: github.com/containerd/ttrpc v1.2.0
5630d6a84 go.mod: github.com/containerd/fifo v1.1.0
6d9513231 go.mod: github.com/containerd/cgroups/v3 v3.0.1
da1ffdd75 go.mod: github.com/Microsoft/hcsshim v0.10.0-rc.7
60738e31d Update imgcrypt to v1.1.7
8a4d409b9 Add release notes for v1.7.0-rc.2
d602c9aec docs: fix typo of shim.RunManager's function comment
f70657650 feat: tag image using Transfer api
f7eb86ef3 Sandbox: Delete shim+shutdown sandbox on create failure
6b4b6956e Sandbox: Fix/enhance error messages for Create
8ce3e4e15 epoch: fix unit test when SOURCE_DATE_EPOCH is set
32ed559c8 Add Windows Sandbox Stats (sbserver)
08aa576a9 Add Windows Sandbox Stats
8137e41c4 Add ArgsEscaped support for CRI
5946c1051 *: fix code style issue
98cb6d7eb cri/sbserver: ignore the NOT_FOUND error in exec cleanup
01671e9fc cri: add config ut for invalid drain io timeout value
55e25f164 integration: add testcase to drain exec IO in time
ffebcb122 cri: disable drain-exec-IO if it is empty timeout
791f137a5 *: update drainExecSyncIO docs and validate the timeout
13bf5565e [transfer] update export to use image store references
e2283edef [transfer] update export API types
f6491b004 feat: export images using Transfer api
b9d7eae1a feat(api): add fields to ImageExportStream
3c18decea *: add DrainExecSyncIOTimeout config and disable as by default
a9cbddd65 *: fix typo and skip exec-io-drain-testcase in win
b91f42a14 ctr/tasks: support remapped UID/GID
2e96ba95e Create config struct to take user input
f25ec98d0 Fix linting error `sets.String is deprecated`
8145b15f0 Bump k8s.io deps
04dfd6275 pkg/cri/sbserver: add timeout to drain exec io
82c0f4ff8 pkg/cri/server: add timeout to drain exec io
43d36a254 Add experimental section to RELEASES.md
cd84f752c Prepare release notes for v1.7.0-rc.1
ae42f836f Update mailmap
4522ad886 Update CRI guide link
57fb2d30f Add max shim version environment variable
5c6e9f83d Fix streaming manager deadlock on collection
acf6e9411 Update README with location of security audits
30883d831 Increase CI workflow timeout on Windows.
af7477e43 docs: fix typos in historical/design/data-flow.md
6b589a89f releases: mark 1.5 as EOL
dba6f9db1 Add version to shim protocol
36ae2f6b9 bump go-cni to v1.1.9
cf46d3c6f Treat sandboxes as root gc resources and scan referenced objects
35d42b47f Add Linux arm64 arch to install-protobuf script
727f8530c Prepare release notes for v1.7.0-rc.0
2e9aaf094 docs: update instructions for enabling NRI.
310be5ce6 pkg/nri: update NRI configuration.
8a47c6910 Add a leading space after the comment sign
f53417921 Add unit test to getSupportedPlatform
a6ad9e04e Rewrite install-protobuf script
3769b4840 Rewrite install-protobuf script
47305392c Add configuration options to local transfer service
bd0a2a927 CRI: remove duplicated snapshotters code
49abbe4f2 fix failing TestCDIInjections
30e4a1409 update CDI version to v0.5.4
4728800ab runtime/v2: Get rid of last logrus.Fields usage
4278fbbc7 runtime/v2: Call onCloseWithShimLog for grpc shims
06e085c8b Add Fields type alias to log package
0ecdd341d docs: add more comment to logging.LoggerFunc
ea83632a8 docs: Show how to select GRPC for shims
369339897 Migrate from k8s.gcr.io to registry.k8s.io
a48dbefc1 Fix concurrent writes for UpdateContainerStats
dc27cc0a2 Add macOS build notes
56274749c sandbox: start sandbox with options
2716fd041 dependency: bump go.etcd.io/bbolt to v1.3.7
979a74412 runtime/v2: Log BootstrapParams
4baa1876b contrib/apparmor: remove code related to apparmor_parser version
0ced6ac64 Prepare release notes for v1.7.0-beta.4
90d004ae8 Go 1.20.1
281f89a9d go.mod: go 1.19
d8b68e3cc Stop using math/rand.Read and rand.Seed (deprecated in Go 1.20)
a9ac5f9cb lint: remove `//nolint:dupword` that are no longer needed
9b510e9a8 lint: silence "SA1019: tar.TypeRegA has been deprecated... (staticheck)"
8bf975b4f lint: silence "type `HostFileConfig` is unused (unused)"
4b9fd6ba5 golangci-lint v1.51.1
ac31c9a53 Clean up repeated package import
39bac0dbe error strings should not be capitalized
9a9cfe85e Go 1.19.6
0166783c7 cni: pass in the cgroupPath capability argument
d14758b60 go.mod: bump to go-cni main
e855a5998 cmd/ctr/commands/images: support usage subcommand
9c82e929f release: xx v1.2.1
844252164 Add fallback for windows platforms without osversion
081601f52 Update imagestore interface to support multiple references
646bc3a94 CRI: Create DefaultCRIAnnotations helper
5aab634e1 CRI: Pass sandbox annotations to _other platforms
2b24af8d1 Use options to pass PodSandboxConfig to shims
ebbcb57a4 pkg/cri/sbserver: experimental NRI integration for CRI.
8a1dca0f4 pkg/cri: split out NRI API from pkg/cri/server.
a8bb1ad2a loadConfig pre-inspection in advance
36e7dbdcb ctr version: add args check, prohibit incoming args
750d18ace Extract CRI instrument package
60d04b0b0 pkg: rename {blockio,rdt}_default.go -> nonlinux.go
b61988670 go.mod: github.com/containerd/typeurl/v2 v2.1.0
74b371b98 CRI: Mirror generic toml runtime config under server
8ef298d86 Add transport credentials GRPC opt
77fc0948c Use switch when creating TTRPC/GRPC client
a82e37a5a Add shim bootstrap params
fc2e761e2 Initial GRPC client support
9e5c207e4 Wire up client bridges
4b1ebef3c Add Sandbox service GRPC bridge
47cb5f64b Add Task Service GRPC bridge
51a8db233 Send container events with nil PodSandboxStatus
27c8f4085 Move PLEG event generation back to sbserver to avoid missing pod sandbox status
7cf556075 test: add hostNetwork tests for both windows and linux
d33a43cc2 pkg/apparmor: clarify Godoc
a3265102d Revert "Don't check for apparmor_parser to be present"
c990e3f2e contrib/apparmor: remove version-dependent rules
fe0116ec2 CI: skip some jobs when `repo != containerd/containerd`
3eda46af1 oci: fix additional GIDs
ef2560d16 oci: fix loop iterator aliasing
52f82acb7 btrfs: depend on kernel UAPI instead of libbtrfs
62df35df6 *: introduce wrapper pkgs for blockio and rdt
6cdc221f5 'go routine' should be 'goroutine'
b0e97c0f9 Use multierror for cleanup error
34314717b Remove sandox store and controller service type
a788f6c79 Move local sandbox controller under plugins package
2717685da Refactor sandbox controller interface
0b33a45fa cri: fix Mirrors deprecation comment
5bc3fea62 update fuzz function names in docs with golang naming convention
904a87d26 docs: fix function names in fuzzing test documentation
9e4acc028 importer: stream oci-layout and manifest.json
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Rather than using virtual-runc (which choses between the old docker and
opencontainer variants), use the newly added
VIRTUAL-RUNTIME_container-runtime variable, which allows switching
betwen runc and crun.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.7.0-beta.3-71-gfdfdc9bfc, which comprises the following commits:
fe0116ec2 CI: skip some jobs when `repo != containerd/containerd`
b944b108d Clean up repeated package import
76a62e52a Use http constants instead of string
13652e081 fetch: Use data from descriptor when available.
6ae3e5df6 Fix retry logic within devmapper device deactivation
6adb6a727 Rename release CI job
aed3b0a70 Clean CI file
617c66dcc Add critest.exe in $PATH
757b8f702 keep the uppercase letter for flag info
e5c57f242 update hcsshim tag to v0.10.0-rc.5 and revendor
1f35b0336 Fix sandbox exit monitor
d1cd9757e Generate GRPC for runtime task service
86c238c87 Generate GRPC for runtime sandbox API
99580e0aa Update TTRPC and Protobuild dependencies
b9b44ed5c Removing end of line for last line
dbf384a5a Export remote snapshotter label handler
d6070f8a7 go.mod: github.com/urfave/cli v1.22.12
2f1aad03a cleanup useless IntToInt32Array func
e551d734f pkg/epoch: drop timezone
eeab05242 Make `mount.UnmountRecursive` compatible to `mount.UnmountAll`
58bd5a094 go.mod: update github.com/containerd/nri.
c46aaa8df Add integration test for tracing on image pull
7ec75b120 Update CNI to 1.2.0
306db3e70 go.mod: github.com/containerd/cgroups/v3 v3.0.0
5082fb395 go.mod: go.opentelemetry.io/otel v1.12.0
8886b05dc integration: use sleep inf with busybox:1.36
005d30e84 deflake: TestContainerPids
6de94a4cc log/logtest: add `testcase` as debug field
97ddac539 RELEASES.md: update release status
b36b41552 cri: mkdir /etc/cni with 0755, not 0700
7eb652830 release: Ubuntu 18.04 -> 20.04 (glibc 2.27 -> 2.31)
b473c2922 release: Add "cri-containerd.DEPRECATED.txt" in the deprecated cri-containerd-* bundles
d00655092 Update the EOL date for 1.5 release
336c0cd2c Prepare release notes for v1.7.0-beta.3
77e51e9b0 Adding support to run hcsshim from local clone
27cf7f87d fix(docs): minor fix on the windows installation steps
d21578674 runtime docs: Clarify delete cwd behavior
34d587818 Use mount.Target to specify subdirectory of rootfs mount
21fe0ceaa Move PLEG events for pause container to podsandbox
12359559d reused package errdefs for not supported err
4f39b164f pkg/cri: optimize slice initialization
9f6058d02 pushWriter: correctly propagate errors
361291559 Update vendored files
d845b2a9c go.mod: update goresctrl to v0.3.0
ac72483e8 Fix syntax errors in the document
f9f845533 Backport #7393 to sbserver
0cbfb3375 Backport #7661 to sbserver
41eabf134 Backport #7685 to sbserver
b0d7a9697 Backport unit test from #7882 to sbserver
b1c5c57be Fix Memory Limit test
d1e1a1646 release/Dockerfile: set DEBIAN_FRONTEND=noninteractive
7ddd8add4 CI: remove redundant archs from ci.yml
ffabc8a29 CI: test release.yml on every PR
b9bd10c14 use local variable for rt when iterating collectors
1ade777c2 Add basic spec and mounts for Darwin
66eeee043 Update hcsshim tag to v0.10.0-rc.4
3c8469a78 Use Platform instead of generated API
802c6c5c0 fuzzing: improve archive fuzzer
40be96efa Have separate spec builder for each platform
fdfa3519a Remove unused params from platformSpec
1c1d8fb05 Update OCI spec tests for generic platform
f43d8924e Move most of OCI spec options to common builder
21338d277 Add stub to build common OCI spec
f318e5630 Update sandbox API to return target platform
dd22a3a80 Move WithMounts to specs
0ae0399b1 Make OCI spec opts available on all platforms
5f1a42543 shim: move reap log line to debug
515d68099 shim: enable debug logging for delete
c8f4ab3b0 update to go1.19.5, go1.18.10
9c8c4508e cri: Fix TestUpdateOCILinuxResource for host w/o swap controller
82d6c2f93 Revert container_stats_test.go change which caused Windows CRI integration test failure
0b9313c42 ctr/run: flags --detach and --rm cannot be specified together
6f9936e30 mod: update github.com/pelletier/go-toml@v1.9.5
f0917fb6e archive: improve TestSourceDateEpoch
9df5a1714 snapshots: refactor metastore transaction
f9a702105 docs/content-flow: update the description of the content labels
fc905324a docs/content-flow: update the digests of the redis:5.0.9
0de12cf7e Add tracing plugin test
b550526cc Use cleanup.Background instead of context.Background for cleanup
38159694f Prepare release notes for v1.7.0-beta.2
88c8d2e39 docs: fix a typo in tracing documentation
79d09c69b CI: Pass GITHUB_TOKEN to containerd/project-checks
06bfcd658 Enable dupword linter
0abc2f160 ctr: Add platform flag to 'oci spec' command
f606c4eba Add cleanup package for context management during cleanup
419b5ab04 Cirrus CI (Fedora 37, Rocky 8): enable cri-integration
7b1f08bf5 nri_test.go: skip if SELinux is enabled
dcbb32d6f cri-integration: set SelinuxRelabel
0f163d696 TestVolumeOwnership: compare GID, not group name
76d68b080 container_stats_test.go: avoid checking snapshot size
12955d291 Vagrantfile: fix comments about SELinux
bb86c6e57 contrib/Dockerfile.test: add "integration", "cri-integration", "critest" stages
5e84f08c4 Vagrantfile: fix disk resize error with VirtualBox
778e8f2af Use the const labels.LabelUncompressed
a5b979623 Add lease to transfer to preserve streams during transfer
3f0edb249 CRI: Comment cleanup/misc fixes
1753e5af7 Reused errdefs for error
5a00d28a6 Fix TestUpdateContainerResources_Memory* on cgroup v2 hosts
a5ea5935b integration/images: switch away from Docker Hub to avoid rate limit
119bbec9e Vagrantfile: install-rootless-podman: remove `setenforce 0`
d7ef6cbfa [streaming] move response packet after registration
72ef98622 cri: Simplify parseUsernsIDs()
4eed20fc3 cri: Verify userns container config is consisten with sandbox
a44b35627 cri: Fix assert vs require in tests
6b333fd21 `ctr contents ls` sorts the labels of the content
3b48fb5b5 cri: Shadow variables to avoid t.Parallel() issues
6b7e237fc chore: use `go fix` to cleanup old +build buildtag
1d0619bc0 Refactor metastore transaction
ca69ae265 Add integration tests for CRI userns
09243e43f make runc 1.1 for oss_fuzz_build.sh
94c68aa00 oci: appendOSMounts(): remove unused error, and move
d66afd211 add kube v1.26: remove v1alpha2 cri support
e94d92571 CRI sbserver: Prevent server reuse after Shutdown.
b10536d64 Reused errdefs define error
229779a4e oci: Add WithDomainname
ba0a7185f add network plugin metrics
a2df12d1a fix `ctr tasks kill` does not remove cni network under windows
0bc9f7b54 Avoid using canceled context in unpacker cleanup
b6df6708b Check containerd's readiness before calling critest
a27e09548 Fix grammar and spelling mistakes in README
a7adeb697 cri: Support pods with user namespaces
31a644973 Add capability for snapshotters to declare support for UID remapping
36f520dc0 Let OCI runtime create netns when userns is used
47fee791f Add sandbox store plugin type
6e55234c3 Add unit test to function GetCPUVariantFromArch
8d5c04543 Use uname machine field to get CPU variant if fails at /proc/cpuinfo
3ee6dd5c1 CRI: Fix no CNI info for pod sandbox on restart
aa8a389c5 overlay snapshotter: Make use of WithTransaction
2c573de6d Move snapshot event publishing into metadata store
d5dd11dcd Enable checkRename test
415750388 cri: fix `memory.memsw.limit_in_bytes: no such file or directory`
791428005 Prevent a race condition in testHook
54f1bdee3 "make proto-fmt" doesn't like spaces
52a748039 Remove github.com/gogo/protobuf again
ce4ea2695 go.mod: update fuzz-headers and fuzz-build
a4d5c3e5c Support sandboxed shims shutdown
fb7a04234 move up to CRI-TOOLS v1.26.0
84529072d CRI: Add host networking helper
0e33a8fa4 [sb] Fix status
ce3a73270 nil check to avoid panic on upgrade
5a3a9baec fatal error: concurrent map iteration and map write
c5fff10fe Bump golangci-lint to v1.50.1
d7507c3c1 Bump grpc to v1.51.0
b94c1018a disable tracing while handling token
f219f7d1e fix sdNotify func when debug level
75b09ac4a images: support specifying SourceDateEpoch via ctx
dc4834924 epoch: propagate SOURCE_DATE_EPOCH via ctx
66f71ea4d Enable GitHub Actions local Linux CI runs
14a38e12b Upgrade GitHub actions packages in release workflow
33e706aec Prepare release notes for v1.7.0-beta.1
d65269fda Add sandbox shutdown API
423f4388b integration: increase timeout in container_event_test.go
80839f11e allow client to remove created tasks with PID 0
a6929f9f6 Add Evented PLEG support to sandbox server
a338abc90 Add container event support to containerd
69975b92b cri: make swapping disabled with memory limit
cde949077 digest: use github.com/minio/sha256-simd
3b71cfd40 metastore: Add WithTransaction convenience method
9df96dc46 support fetching containerd from non public GCS buckets
c59f1635f add metrics for image pulling: success/failure count; in progress count; thoughput
74813786c fuzzing: improve archive fuzzer
176e8d35c image/label: print more characters of label keys
7afe6d92d Fix incorrect defer usage and refactor judgement
20e7b399f prevent Server reuse after a Shutdown
ccd1d22ad fix incorrect namespace of event when create/update namespace
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.7.0-beta.0-284-gf2cf411b7, which comprises the following commits:
d5010a12d docs: Authorizer.Authorize could return ErrUnexpectedStatus
2eabcf702 fix: check for tmpfs when evaluating if userxattr should be used
a6929f9f6 Add Evented PLEG support to sandbox server
a338abc90 Add container event support to containerd
e14753fc5 Respect no_cri constraint
3bc8fc4d3 Cleanup build constraints
c040f8382 Fix default config for Darwin
0b349428e CI: Vagrant: pin rockylinux/8 to v5.0.0
662d8a085 vendor: golang.org/x/net v0.4.0
f9295aa49 Fix context when waiting sandbox
8ab1d4496 Pass runtime configuration as TOML blob
3e92dedc2 Update runtime options to include bytes blob
a113737cc sbserver bug fixing
85776d2c6 update to go1.19.4, go1.18.9
840a657eb Change PushContent to require only Provider
847294679 Adding unit tests to opentelemetry tracing
8a25fa584 Unwrap proto errors in streaming client
b0dd50655 fix panic when containerd-stress density --count 0
39cc684c6 docs: Add extra security instructions
afa19a0a7 Fix process_vm_* syscall names in seccomp
740e90177 go.mod: re-vendor NRI from the official repo.
345332175 upgrade the ops.md output for current 1.7 version .
f88162587 Rename transferer to transferrer
fc2754204 Cleanup code comments and lint fixes
f1598cf5e Update transfer docs
01bd314b1 Rename local transfer plugin
c387a5205 Add variables names to transfer interface
8304a61b5 Combine stream fuzz tests
0762a3a75 Add media type to export stream
52341a234 Update export API types
42eedc0bc Update ctr to make local the default for distribution
ef61e13a6 Update import cli to use transfer service
11c1c8e6f Update import logic
66dc4d106 Update API for import types
b991c71e9 Update pull command to use filter arguments
40d3fa3af Add filter fields to image store types
9ae92f16e Improve push handler ordering
737257bb4 Add push progress
e88baa087 Fixup pull authorization and labeling
478f1c934 Lint fixes
28ea75456 Regenerated protobuf files with updated version
b0f519703 Add transfer docs
cd67a98ec Add transfer integration test
0aca4bb1f Update ctr commands to use transfer interface
6b5df1ee1 Update transfer packages
2a8d7a744 Update transfer API
7318a2def Add transfer plugin registration
d1627e3c7 Add basic import and export handlers
adfaeeff0 Add binary stream functionality and helpers
e506cd103 Implement client interface for transfer service
81afd9c36 Add progress
0e4e96544 Add transfer proxy client
6f64cb859 Transfer interface and plugin work in progress
f61ed7e94 Transfer API types
a24ea31c2 Add transfer API
dcf5687ca Add streaming service
08d5879f3 Added nullptr checks to pkg/cri/server and sbserver
8e0a3c51a Add ctr image prune
ceab73007 use MaxConcurrentDownloads instead of MaxConcurrentUploadedLayers
f012617ed CRI stream server: Fix goroutine leak in Exec
9f4ba4883 [sandbox] Fix panic when waiting for sandbox controller
dbc6d33ac [sandbox] Specify sandbox ID when using sandboxed shims
9a53a6c34 [sandbox] Don't access pause container when creating pod container
cc111eef6 [sandbox] Move sandbox info to podsandbox controller
a0daf1c28 docs: add NRI-related documentation.
02f0a8b50 pkg/cri/server: nuke old v0.1.0 NRI hooks.
ca84aba6c integration: add first NRI integration tests.
b27ef6f16 pkg/cri/server: experimental NRI integration for CRI.
43704ca88 nri: add experimental NRI plugin.
a6d1d53cc [sandbox] Update Controller.Status protos
2136736f5 go.mod: golang_protobuf_extensions v1.0.4 - prevent incompatible versions
63c6c55ab go.mod: roll back github.com/containerd/cgroups to v1.0.4 release
3c1c0878e integration/client: update containerd version to v1.7.0-beta.0
ebd63adac integration/client: fix go.mod grouping
8d868dadb Add ptrace readby and tracedby to default AppArmor profile
8c035d387 Resolve warnings in Windows GitHub Actions periodic workflows
ae0da7dc5 Use sandbox store to retrieve runtime info for sandboxed containers
3ddaa3444 Retrieve sandbox creation time from store.
4b3281982 Remove duplicated helpers
3f331e7d1 Specify runtime configuration for sandbox shims
c4dee237f Fix order of operations when setting lease labels
a22f0a4c3 archive: set WithModTimeUpperBound when WithSourceDateEpoch is set
ed3a49c0e fix for OSS-Fuzz infra changes
ac4af4df8 integration: enable CNI slow test for sbserver
a74f7e902 sbserver: save netns in sandbox metadata on create
085d8e633 integration: enable tests for sbserver
1deaedd38 sbserver: persist sandbox during partial teardown
5a7c108ba Resolve Scorecards GitHub Actions workflow warnings
b7b185c92 update github.com/cpuguy83/go-md2man/v2 to v2.0.2
6142a2a24 sys: remove unused GetOpenFds()
f0ce2f6d3 remotes/docker: remove deprecated NewAuthorizer alias
c71a31156 sys: remove aliases for deprecated EpollCreate1, EpollCtl, EpollWait
3e5b444ac pkg/cri/util/: remove deprecated NormalizeImageRef alias
3a7cfaebb sys: remove alias for deprecated sys.RunningInUserNS()
bd912bbee go.mod: github.com/matttproud/golang_protobuf_extensions v1.0.2
5f23daeb2 go.mod: github.com/moby/sys/sequential v0.5.0
763ec7c86 go.mod: github.com/cpuguy83/go-md2man/v2 v2.0.2
0f616e354 go.mod: github.com/AdaLogics/go-fuzz-headers v0.0.0-20221118232415-3345c89a7c72
df4d07352 go.mod: golang.org/x/sys v0.2.0
4e68634ef go.mod: github.com/sirupsen/logrus v1.9.0
579c7f43d Change fsnotify event status condition.
2cea525ee Bump fsnotify to v1.6.0
73c6db881 Bump urfave-cli to v1.22.10
bf777a70b remove duplicated tx rollback
70b65062c Missed out `platform interface` when reused the conn for Client.
0c4d32c13 cri: add pod uid annotation
438db09b0 Fix building.md for btrfs
792294ce0 Update to cri-api v0.26.0-beta.0
234bf990d Copy cri-api v1alpha2 from v0.25.4 to containerd internal directory
e224f77eb Add process_vm read and write calls to default seccomp profile
e4130b2a0 overlay: Remove unused method param
661aaae3b introspection: expose the daemon's PID and PIDNS
f6232793b can set up the network serially by CNI plugins
2f5dd7c66 CI: update Fedora to 37
3fc5802d1 gotestsum match go version 1.19
aaf59efd2 Expose Done and Err in Shutdown service
5d0457df9 Refactored ctr to allow for tty allocation when container has {terminal:true} within Spec
c245347e9 tx rollback when GetInfo return error
14a08721c Remove OpenTelementry imports from remotes/docker package
405024db0 complement sub-command note for containerd-main
e38e2c8a4 make status more readable and update easy.
3abcfb5c0 keep the lower case letter for flag info
69af001b3 Replace broken and redirection link for CRI and kubelet in docs
b0133882f bump critools into ca1571e6edd116b2c95f52e3dfa0b4779b74223a
8bb599973 Remove the outdated comment
dd86128e0 Convert hcsshim's stats to cgroups' stats
6596a7086 Use github.com/containerd/cgroups/v3 to remove gogo
38ad785ce Bump k8s.io deps to v0.25.4
bd66f588b Bump OpenTelemetry contrib to v0.36.4
3fca677c1 Release: add static binaries
0c63c42f8 Fix slice append error
b829e6f2d Bump OpenTelemetry to v1.11.1
7def13dde Add a thin wrapper around otel Span object
ab194e65f Bump grpc to v1.50.1
b742aa2e7 fuzzing: bump go-fuzz-headers
91e295d76 Add `--debug` args
0f54c4740 feat add sandbox api status func
c953eecb7 Sandbox API: Add a new mode config for sandbox controller impls
99ac7a771 add oci.WithCPURT
717aa5929 Remove uses of deprecated go-digest.NewDigestFromHex, go-digest.Digest.Hex
3a9044f24 Rename darwin-kubelet to containerd
5f48e00af Extra documentation for content interfaces.
202abf8fc Bump k8s.io deps to v0.25.3
eaedadbed replace strings.Split(N) for strings.Cut() or alternatives
f90219d47 services/server/config: TestMergeConfigs(): use correctly formatted values
4866d8ba4 registry: support ipv6 addresses
8bec2b652 Replace references to `re` with `regexp.MustCompile`
5c510e47a Improve how reference regexps are built
98ff27265 Clarify repo name regex intention
2a8a53178 go.mod: change imports to github.com/distribution/distribution/v3
a97eb6955 Update repo normalize error message to include the name of the repo.
b979f0069 Fix bug in parsing domain from repository reference
f96660286 reference/docker: add unit-tests from upstream distribution/distribution
7de88c5ba reference/docker: align files with original code
f32595a0c Fix "getCPUInfo for OS freebsd: not implemented" on FreeBSD/arm64
11a06c1a3 ctr: add `ctr content fetch-blob`
dfd6a3aa6 remotes: add FetcherByDigest for fetching blobs without foreknown descriptors
c607f83c3 Fix missing closed fifo
a24ef0993 Replace mount fork hack with CLONE_FS
8b1b81eef Update hosts doc
f0bf9e7f8 Support default hosts.toml configuration
81bbd9dac add option to resolve symlinks to linux device
ee64926a7 add SpanAttribute
2d9f0f2fb add additional info in backport process
3b87d46ce Add tracing spans in CRI image service and pull.go
902b96cf2 fix comments
30c3078ae go.mod: golang.org/x/*: use tagged versions
422a24066 Bump go version to 1.19.3
9c2a63440 Fix ctr crash when pulling with http-trace and http-dump
78ac0046a ctr export strictly match default platform
a270d6e8a Harden GITHUB_TOKEN permissions
98269c061 s390x: initial enabler
4b2a23e7e overlayutils: Add fastpath for userxattr check
2da782468 Add sequence diagram for shim runtime v2
0be981595 Sandbox API: Move remote impls to /sandbox/proxy
2e83d885d fuzzing: improve archive fuzzer
7c77b3540 Add Workflow for running critest with Hyper-V Containers on Windows.
9494f0b80 Add HyperV config in tests
53f67705c Add release notes for v1.7.0-beta.0
c776a3631 Update mailmap
b7d0d1271 Cleanup sandbox interfaces
be3987a92 Migrate away from GitHub actions set-output
9a0331c47 maintenance: Remove WithWindowsNetworkNamespace from pkg/cri
3f3e2b3cc Fix LogURI generation-related tests on Windows.
ddb8a65be update codeql-action to v2
727b33c71 Retry client connection in waitForStart
3e4449862 Add logging volume metrics to Containerd CRI plugin
3ddcbf5f1 Update 1.5 release support timeframe
9a8611d63 bump go-fuzz-headers
fc86be501 not init a tracing processor when not loaded
47fa603e1 Update required Go version in BUILDING.md
8e7ef890a Use logtest if possible to clean up logs
a76d68ee4 Separate containerd logs in GitHub Actions' console
e47bdbd16 Upgrade critools from 1.24.1 to 1.25.0
878dbc7af Upgrade actions/upload-artifact from v2 to v3
198277202 Use `go env` to determine GOPATH in Makefile.
6a07a1c07 go.mod: matttproud/golang_protobuf_extensions v1.0.2 (use tag)
972399538 sys: synchronize mkdirall() with latest os.MkDirAll()
063c5f980 sys: create SecurityAttribute only once (Windows)
a983599e2 sys: update volumePath regex to allow returning earlier
d422c87e4 sys: compile volume-path regex once, and update GoDoc
f8f052482 Vagrantfile: explicitly specify rsync as the shared folder driver
4839f1bdf Add timeouts to all CI jobs
890398677 cri: PodSandboxStatus should tolerate missing task
fb6a40dc9 Don't unmount on Darwin when deleting bundle
c7e6a889b sys: remove unused IsAbs() (windows)
48daccb4d fix the --no-pivot flag being ignored by `ctr tasks start`
ea53e52fc CI: update GHA instances from Ubuntu 18.04 to 20.04
49a54e23c Stats() shouldn't assume s.container is non-nil
e7c8a5ab0 Move up actions versions to prep for deprecation
752bff981 cmd/containerd: use golang.org/x/sys/windows.SetStdHandle()
8b5df7d34 update golangci-lint to v1.49.0
f9c80be1b remove unneeded nolint-comments (nolintlint), disable deprecated linters
29c7fc952 clean-up "nolint" comments, remove unused ones
d21572513 pkg/cri/(server|sbserver): criService.getTLSConfig() add TODO to verify nolint
0eaace306 golangci-lint: sort linters in config file
3ebeb6d79 linting: address gosec G112/G114
347397cf2 update go.mod and go.sum
643dc1656 improve CDI logging
8ed910c46 CDI: configure registry on start
eec7a76ec move WithCDI to pkg/cri/opts
634bf0dd3 cmd/containerd: use golang.org/x/sys Service.SetRecoveryActions()
17a932403 Update the default seccomp to block socket calls to AF_VSOCK
d4b9dade1 Updates oci image config to support upstream ArgsEscaped
047e684bb fix install cni script
b7f6a6804 runtime/v2/shim: clean up the use of containerdBinary
b41d6f40b Update container with sandbox metadata after NetNS is created
8fc68db0c cmd/containerd: replace deprecated windows.IsAnInteractiveSession()
63a7d8a7f fix pusher concurrent close channel
260af5e1d TestTaskResize must use a terminal
39158629f diff/apply.readCounter: check negative size
70fbedc21 archive: add WithSourceDateEpoch() for whiteouts
0aefb5280 archive: windows: chtimes(): remove redundant conversion
f9c9121e5 archive: validate digests before use
8162e044b Add long term stable release branches
e2d8f3859 vendor: github.com/opencontainers/selinux v1.10.2
011fca6ed fuzzing: create structured tar bytes in archive fuzzer
54f2b5121 Update to go 1.19.2 to address CVE-2022-2879, CVE-2022-2880, CVE-2022-41715
f330ffd83 cri doc: Update kata containers reference
0119d43a4 use raw link to containerd.servic config
a59ecc50e CRI: implement Controller.Delete for SandboxAPI
9d18b5746 Modify WithDiscardUnpackedLayers
4333e6a6d Swap to net.ErrClosed checks for services
acb2964d6 go.mod: Bump go-winio to v0.6.0
4196fad02 Add integration tests with failpoint
4f4aad057 Persist container and sandbox if resource cleanup fails, like teardownPodNetwork
396b6d670 fix missing close
7a66f70b5 cri-integration: pass ENABLE_CRI_SANDBOXES to test
2432b54a5 Add new ctr option for discarding unpacked layers
b4558bedc Add test flag for skipping shim cgroup test
c6f571fc7 Set grpc code for unimplemented cri-api methods
82890dd29 CRI: implement Controller.Stop for SandboxAPI
927906992 CRI: implement Controller.Wait for SandboxAPI
dcb0d8f9e remove stray .zuul.yaml
e22a7a383 reference CDI configuration details
bc01f8fc0 Add reader option to local content reader at
c8010b9cb sbserver: return resources in ContainerStatus
b92f3160a cri-integration: propagate ENABLE_CRI_SANDBOXES
b79dcabd6 chore: enable Scorecard Github Action
8f4c23b69 retry request on writer reset
a37c64b20 Refactor CRI fuzzers
bf26140d9 Fix LogURIGenerator on Windows
adfbda464 Add ext2 fs support to devmapper snapshotter
f0fbc8dfd Upgrade fuzzing-related packages to reduce dependencies
e7c593edd Fuzzing: Instrument with new sanitizers
9cdf9f6c6 Use jq and only show failed tests on summary
34ad96bab CI: Output a summary using GITHUB_SUMMARY
524d3aca8 github.com/emicklei/go-restful CWE-285: Improper Authorization
3cfde732e remotes/docker/config: Skipping TLS verification for localhost
0f51aa874 Add NoSameOwner option when unpacking tars
b2a7183a8 matching the casing of other flags for ctr's pull command.
829dd2145 update cdi version to v0.5.1
0f743ce4f vendor: golang.org/x/net v0.0.0-20220906165146-f3363e06e74c
8f2bbd5e8 Update to go 1.19.1, 1.18.6 to address CVE-2022-27664, CVE-2022-32190
6ce0f6a26 Fix missing close
8575a0d6f Remove unused variable from images action
5e57d463d feature: use client default namespace
3c0e6c40a feat: upgrade registry.k8s.io/pause version
f9166aa53 .zuul: remove the zuul because it is offline
e041d1a2c integration: TestUpdateContainerResources_MemoryLimit: remove TODO comment
3a2197f5f metrics/cgroups/v1: Remove unused event parameter
bfb280fb3 Update golangci-lint timeout to match config
407703f09 Make checkContainerTimestamps less strict on Windows
344b25995 delete redundent import alias and and type conversion
17e436c20 Pin github.com/AdamKorcz/go-118-fuzz-build
a3bfa58b0 Make oss-fuzz mandatory
2e677c932 sys: move ForceRemoveAll to integration/client
19db697a5 archive: replace tarName() with filepath.ToSlash()
3cc3d8a56 mount: use ioctl helpers from x/sys/unix
0c6553bfd go.mod, vendor: bump golang.org/x/sys to latest version
93342d637 replace sys Sequential funcs with moby/sys/sequential
9ae2cc3a8 mount: remove unused ErrNotImplementOnWindows
dcfaa30ba chore: remove duplicate word in comments
b170eb3ca Add Kubernetes v1.25 supported version as v1.24
fdff11def ctr: add privileged-without-host-devices for run command
d063597e8 Upgrade github.com/klauspost/compress from v1.11.13 to v1.15.9
eb664aed0 go.mod: github.com/opencontainers/runc v1.1.4
ad597015c update runc binary to v1.1.4
962841fc7 Clarify containerd 1.5.0+ for k8s 1.20,1.21
90f6bd21c script/setup: handle cnidir with SUDO
331066f87 update intergration
49e2fe2ab bump cri-api
b7b1200dd ContainerStatus to return container resources
9525b3148 migrate from k8s.gcr.io to registry.k8s.io
f0036cb9d windows: Add runhcs-wcow-hypervisor runtimeclass to the default config
f318947b0 Do not rename test files on-the-fly to share functions
912d43b2b Revert "Downgrade MinGW to version 10.2.0"
850f667f5 contrib/fuzz/daemon.go: reformat the fileheader
460b0533b pkg/cri/streaming: increase ReadHeaderTimeout
9d286baed crypto/sha256 must be imported
adc7d5b2e Don't patch github.com/cilium/ebpf
470d3ee05 Upgrade containerd/cgroups to remove github.com/cilium/ebpf's fuzzer
43907515b adding support of CAP_BPF and CAP_PERFMON
13b14736a Don't fail test when GOOGLE_APPLICATION_CREDENTIALS is unset
095044710 Remove Windows special case in TestContainerdRestart
1f8db2467 go.mod: Bump hcsshim to v0.10.0-rc.1
396d2a7e4 ci: remove GOPROXY environment variable due to https://github.com/go-yaml/yaml/issues/887
1d8b1bc75 Cleanup shim manager
ff65fc2d0 Make TaskList generic
6e4b6830f Update CRI-API
782fd3c8e Vagrantfile: dump containerd log after critest
74c09b756 Fix contrib/ header
8add7e5d3 Rework permission handling in scripts
6ba91de84 release workflow: remove Go setup action
f8add9263 release workflow: increase timeout to 30 minutes
2dbff1dbc oci: skip checking gid for WithAppendAdditionalGroups
481861020 release: rollback Ubuntu to 18.04 (except for riscv64)
68bae258a Update protobuf definitions
ca3b9b50f Run gofmt 1.19
4a11a4018 Update golangci-lint to 1.48 with Go 1.19 support
ea6613029 Switch to Go 1.19
7787168cc Use global env variable to specify Go version on CI
5cf77fc43 Add TODOs for the remaining work
e1c5d71c0 Update golang to 1.18.5, 1.17.13
ee0f2e906 Change os.Stderr reassign for Windows service
426fcfbc5 fix protobuf aarch64
aa3303b69 Update sandbox protobuf to match CRI
882322417 Update controller's start response to incldue pid and labels
3d028308e Cleanup CRI files
c085fac1e Move sandbox start behind controller
f51014f8d Add sandbox to in memory services
6c14ca25d Fix cleanup in critest
e47c433d5 Add sandbox store helpers
f5fb2c32d Regenerate protos with updated protoc-gen-go
b16c3e9ad Windows HostProcess container CRI stats test
106433b79 Use httputil.DumpRequestOut for dumping client req
2fa84b1b8 Add extra context to error when push unauthorized
f4d05f207 chore: bump macos runner version
276a6f133 test: error strings should not be capitalized
2b92c70fa Fix command line parsing for image list
14003683f go.mod: Bump hcsshim to v0.9.4
1e0698e8e Fix CRI image pull timeout test for ppc64le
c15d8e156 go.mod: Bump hcsshim to 0.9.3
a9514da75 Update image references for Windows tests
2ae5f405d Use image lists instead of hardcoded images
552d76344 Use image lists in client tests
d121efc6d replace with selinux label
e6a2c0790 integration: simplify CNI-fp and add README.md
344431cdd fix: support simultaneous create diff for same parent snapshot
050cd58ce Drop deprecated `ioutil`
500ff95f0 Make getServicesOpts a helper
ee6fc5c2e adds an env var commented out for sandboxed mode
cbebeb944 pkg/failpoint: add FreeBSD link and update pkg doc
3c5e80b63 integration: Add injected failpoint testing for RunPodSandbox
be91a219c integration: CNI bridge wrapper with failpoint
1ae6e8b07 pkg/failpoint: add DelegatedEval API
b297775ea runtime/v2/shim: return if error in load plugin
5f9b318e5 bin/ctr,integration: new runc-shim with failpoint
822cc51d8 runtime/v2: manager supports server interceptor
ffd59ba60 pkg/failpoint: init failpoint package
3125f7e1a cri_stats: handle missing cpu stats
7eeec8987 adds support for using env file for systemd boot
7dc66eee6 using ContextDialer instead
6639b2b02 test: Add ability to switch between cgroupv1 or cgroupv2
0d6881898 Refactor usageNanoCores be to used for all OSes
f6bc986dc go.mod: github.com/stretchr/testify v1.8.0
628f6ac68 code cleanup
cc30880e8 ci: workaround Cirrus CI's INVALID_ARGUMENT
d8d63a7aa docs: Fix sample config.toml syntax
88bcbb036 adds a comment explaining how to disable experimental sbserver
3a3f43f72 Fix linter warnings
60f51c1aa Update and align golangci-lint version
98a1b7ff1 Add log messages when choosing CRI server
bbb8d3470 seccomp: add get_mempolicy, mbind, set_mempolicy, with CAP_SYS_NICE
19e847983 seccomp: seccomp: add syscalls related to PKU in default policy
2ba635331 Change metrics namespace for sandboxed CRI to prevent panic
b8e93774c Enable integration tests against sandboxed CRI
cf5df7e4a Fork CRI server package
4ffef752d update golang to 1.18.4, 1.17.12
c733119db cri doc: fix formatting for CDI options
f77d45e3b ctr: support --user for run/create
22dfc68ad Fix protobuf script to install protobuf on darwin
bcdc8468f Fix out of date comments for CRI store packages
174b01344 update some devmapper docs
575095fcd seccomp: allow clock_settime64 when CAP_SYS_TIME is added
e9e33f847 Copy fuzzers from github.com/cncf/cncf-fuzzing
b31631859 Upgrade github.com/AdaLogics/go-fuzz-headers
6d4b61007 integration/client: fix typo in export_test.go
b8bb33b92 fix can't edit object by using ctr content edit command
548c9c317 Fix WWW-Authenticate parsing
b8403d2e1 Update k8s.io/cri-api to v0.25.0-alpha2
a44cabf51 Update go-restful/v3 to latest release
c2703c08c pkg/cri: use marshal wrapper for version convertor
d2588b3fa LCOW differ return ErrNotImplemented for wrong mount type
0a240ff81 Fix missing closed HTTP Body
f7de1c8f9 Do not hardcode fuzzers
2b60770c4 Move container_fuzzer.go under integration/client/
66cc0fc87 Copy FuzzCRI from cncf/cncf-fuzzing
ca5637104 Remove mainfuzz package and StartDaemonForFuzzing
17f9c3a0e Move builtins_*.go to cmd/containerd/builtins to make the files reusable
d97b754a5 Cleanup metadata tests
1ef4bda43 Downgrade MinGW to version 10.2.0
1ab42be15 refactor: reduce duplicate code
47ad5f70e Fix Doc:
fb5b6612a ctr: Fix `ctr c create` fails to parse arguments
68a55fe8b make xattr EPERM non-fatal in createTarFile
99e210c50 Move metadata plugin registration to seperate package
4f0ea7831 fix: missing sudo for devmapper doc
72b87ad00 add WithAdditionalGIDs test
5bf705255 add WithAppendAdditionalGroups helper
5cde04bc7 Forward ctr snapshotter flags on Windows
4ac1031e0 Add snapshotter key to snapshot events
b27a229df Move contrib/fuzz/docker_fuzzer.go to remotes/docker
f91616e45 Copy FuzzConvertManifest from cncf/cncf-fuzzing
c9c5fee37 Do not hardcode fuzzing targets
50f1a4e42 Don't log "ignored xattr ..." warnings
112497bc3 Make oss_fuzz_build.sh quiet
6e53ffb10 ctr: add --hostname flag to create, run
7002fc2c4 Ensure Windows Periodic workflow errors out while still uploading results.
2e288f5b1 improve content-flow
d4ab64988 Revert MinGW to oldest known working version in Windows setup script.
55dd56e52 Make CI Fuzz optional
82adbc849 Run fuzzing tests with go test -fuzz
a1eb2d8a6 Use testing.F on FuzzPlatformsParse
57200edf2 Use testing.F on FuzzParseProcPIDStatus
0b3c31dd7 Downgrade MinGW in Windows setup scripts.
42a386c81 CRI: change the /dev/shm mount options in Sandbox.
a62a95789 CRI: remove default /dev/shm mount in Sandbox.
8245e35eb Make test path a constant
ee14f9316 Run fuzzers in CI
52593cfc8 containerd-stress: add support for running through CRI
5560b622d archive: Explicitly specify stdio for tar(1)
95f1d7971 platforms: Run goimports for FreeBSD
42e019e63 cri/server: Disable tests on FreeBSD
ad8e59806 oci: Remove empty mount option slice for FreeBSD
c15f0cdaf oci: FreeBSD devices may have major number 0
2ab8c12fc archive: use Linkat on FreeBSD for hardlinks
61690d76d Improve naming consistencies in comments in snapshotter.go
c101f7999 Allow CRI on Darwin
0167e55ab update runc binary to v1.1.3
c3fb7dfa7 go.mod: github.com/moby/sys/mountinfo v0.6.2
fa4720fa1 fix add ro mount for userattr-unmount unexpected timeout
92d360b58 fix minor spelling mistake: lablel -> label
6190b0f04 Correct spelling mistake ("sanbdox" to "sandbox")
5a6e4144a go.mod: github.com/containerd/cgroups v1.0.4
088c8df3a go.mod: github.com/containerd/continuity v0.3.0
012d68ff9 add gc scheduler metrics: collection count
44e12dc5d Windows snapshotter touch ups and new functionality
40aa4f3f1 Implicitly discard the input to drain the reader
00eb74a4c Make building static binaries simpler
d25b4e6f3 Bump Golang and MinGW versions in Windows setup script.
7b9f1d405 Added support for runtime level snapshotter, issue 6657
8bc6ccc07 Bump k8s.io deps to v0.24.1
5fcde823d Bump grpc to v1.47.0
1b3c3860d update golang to 1.18.3, 1.17.11
e3b4d750d update go-cni/for cni update fixing plugins that don't respond with version
8ed54849a Move docker reference logic to reference/docker package
f7aa90d27 Fix containerd-stress duration flag
ae22854e2 Linux containers on FreeBSD
49ca87d72 Limit the response size of ExecSync
1cf6f2032 promote pause image to 3.7
b5e1b8f61 Use t.Run for /pkg/cri tests
b572a82ad CRI: Remove deprecated error types and update error msg
978ff393d Add validations for Windows HostProcess CRI configs
1a8024b46 Makefile: use urfave_cli_no_docs for binaries that don't need it
5bb47fb95 vendor: github.com/urfave/cli v1.22.9
a3a2d14ec fix verify-vendor if go.mod does not contain replace rules
688b30cf5 CRI: Move truncindex to pkg
e44335800 CRI: Move reference sorting to reference package
b5366f8d7 CRI: Retrieve image spec on client
4ba5415fb build: Fix references to check-protos target in Makefile
8a3114b37 Fix broken oss-fuzz build
d2f30150b archive: add human-readable hint to Lchown error
9f9ebbd99 Fix tx closed error when upperdirlabel specified
739cb4c99 config: improve config v1 deprecation message
b5107a898 Fix Windows install powershell script
b69182c71 add note that a namespace cannot be named "version"
8d95f2b59 fix comments on metadata schema
900019b30 ctr sandbox: handle sandbox config
8ec1fc70d adjust format
a42688639 Restore decompression benchmarks
8494f7f11 adjust format in comment
92b7bc9ed ctr: fix label args used in NewContainer
4da4a8879 update doc url
eaec6530d fix some confusing typos
65150600d Separate windows-2019 and windows-2022 test results
7300296cb reverts removal of parallel run from critest
523d069a2 sandbox: replace github.com/pkg/errors with native errors
c4ce13a28 vendor: github.com/opencontainers/runc v1.1.2
25858d621 update runc binary to v1.1.2
c1140aef6 Bump OpenTelemetry dependencies
f710505f4 shim: fix debug flag not working
72cd3b476 update golang to 1.18.2, 1.17.10
f5b7a4b3d CI: update Fedora to 36
a3ac15600 oci: WithDefaultUnixDevices(): remove tun/tap from the default devices
ad8b87ba2 Add `Wait` to `binaryProcessor`
d9fc5f4b0 Enable git commands due to git CVE fix
09c2c2a75 Pass explicit JUnit outfile to critest.exe in Windows workflow.
2c98a7b09 ctr import: strictly match platform
d1c49781e go.mod: Bump k8s deps to v0.24.0
c721c8e27 devmapper docs: small fixes
bb11c9d24 update critools to v1.24
8a2e8cd8d move report dir option to eol
af24e3871 Update Kubernetes version matrix in release docs
7a834516f Share images between TestRestartMonitor and TestRestartMonitorWithOnFailurePolicy
cedb7d3bd containerd 1.6.4 k8s 1.24 readme announce
57d2bce74 docs: minor fixes in snapshots.Snapshotter comments
42584167b Officially deprecate Schema 1
55401ac9c Update k8 docurl in file
d4127a9f2 CI: add riscv64 builds
0e56e4f9f release/Dockerfile: update Ubuntu to 22.04 for supporting riscv64
4b412b800 seccomp: support riscv64
8160a3efc Reduce the number of the concurrent HTTP requests in TestUserNamespaces
7183fc81d Skip TestImagePullWithConcurrencyLimit on Cirrus CI
10576c298 cri: support blockio class in pod and container annotations
9b04d2fae docs: Adding windows installation steps to getting-started.md
227156dac Add ctr support for CPUMax and CPUShares
b5370b040 Fix comment for metadata/db.go
5d0730370 Update go-cni to v1.1.5
180c7535d Upgrade protoc, protoc-gen-go and protoc-gen-go-grpc
2c6760005 go mod tidy & go mod vendor
29b937956 make protos
fcba48636 Remove gogo from .proto files
ae29594d0 Bump opencontainers/selinux from 1.10.0 to 1.10.1
46773c341 Cleanup leaked shim process
7f23296b9 Upgrade google.golang.org/grpc and google.golang.org/protobuf
7353006f6 Remove kzys/typeurl
7215f85ac Don't use "uname -a" as Cirrus CI's cache key
45c0cbec5 Create ppc64le release
5f43118ce Move Vagrant-based tests from GitHub Actions to Cirrus CI
00d102da9 feature: support image pull progress timeout
fceab7f4c remove duplicate
0e6c7bf93 Fix undefined error in use of errors package
a9f5190fb images/image.go: typo
da3e2f985 fix incorrect syntax in comments
7a4f81d8b Fix tests
aefd1849b go mod tidy and go mod vendor
f616dd471 Upgrade containerd/typeurl
9dbe000a3 make protos
1a095e18b Rename Size_ to Size
e3db7de8f Remove gogo/protobuf and adjust types
fd37cc75b Use protoc-gen-go instead of protoc-gen-gogoctrd
e044759eb Upgrade containerd/ttrpc
8710d4d01 cri: close fifos when container is deleted
7331b2af4 Add Container-Optimized OS into Adopters
dfa6e8763 diff: hide types.Any from clients
01dfb110c Add go_package on all proto files
aa1526def Use proto.Marshal instead of calling Marshal() on objects
95dde4959 Embed "Unimplemented" structs as proto recommended
35994a475 fix monitor restart
237ef0de9 Remove all gogoproto extensions
22cd13b37 fix nil pointer panic for monitor
bd90ce043 Keep shim API backward compatible
39692e767 unpack: return error when no platforms defined
8017daa12 Add unpack interface to be used by client
e2fd25f3d Move runtime v2 proto Move runtime v2 protos to api/runtime package.
3742c756e Don't generate a Go file, if that would be empty
5f3b72432 Fix protoc-gen-go-fieldpath
3b82f9e33 metadata: use resource max and end on registration
88c0c7201 Consolidate gogo/protobuf dependencies under our own protobuf package
80b825ca2 Remove gogoproto.stdtime
dbdf50cc0 update golang to 1.18.1, 1.17.9
fd704d334 Build bin/gen-manpages instead of using "go run"
b497e6414 Fuzz filter package with Go 1.18's fuzzer
94faa70df allow ptrace(2) by default for kernel >= 4.8
fe8da6dca Move lease manager plugin to separate package
147f0a7e0 check for duplicate nspath possibilities
942af1203 fix pool_device_test.go
5f3ce9512 Do not append []string{""} to command to preserve Docker compatibility
8367f69fb Add collectible resources to metadata gc
c525aa5f8 Set timeout when collecting metrics from shim's Stat
49235ccba Change architecture path in README.md
8a1280b2b metrics/cgroups: fix deadlock issue in Add during Collect
a5dfbfcf5 cri: load sandboxes/containers/images in parallel
6d69aca56 make consistent for checkpoint path
6341e0696 ADOPTERS: Update AKS Info
b446c7647 [Sandbox] Remove outdated documentation
d0b32c053 [sandbox] Migrate from gogo to Any
85a49e4ee [sandbox] Cleanup interfaces
de4974572 [sandbox] Fix CI
b7a36950f [Sandbox] Add Wait and PID
0d165e654 Restore sandboxes on daemon restart
0c5e5c357 Fix protobuf after rebase
fa02477ca [sandbox] Add sandbox shim skeleton
35195737e [sandbox] Register shim plugin after #6301
17a2aaded [sandbox] Add ctr support
982de8a5d Launch sandboxed containers from task service
00f7a6bf2 [sandbox] Address PR review comments
6343fe3ea [sandbox] Implement sandbox controller
eaccbf1d0 [sandbox] Add clients
df234edeb [sandbox] Add controller service
a433beb79 [sandbox] Update vendor
0e77f758a [sandbox] Implement store service
13eb1a4bb [sandbox] Revendor API changes
d7ece8724 [sandbox] Save sandbox ID to container's store
cab7d5b3d [sandbox] Implement metadata store
87d4c8923 [sandbox] Add basic sandbox structures and interfaces
4445d0a8d [sandbox] Add protobuf definitions
3df767405 add restart policy for enhanced restart manager
7e70ad9fb Pin upload-cloud-storage action to 0.8.0 in Windows workflow.
927b34e41 tracing: fix panic on startup when configured
1a45c2c5f docs: add Deckhouse to the list of adopters
825c1c58a CDI: update go.mod and vendor deps
ff5c55847 move CDI calls to the linux-only code
c9b4ccf83 add configuration for CDI
aed0538da cri: implement CDI device injection
35383fb42 docs/cri: simplify
493baa6e7 Add docs/snapshots
811375856 CRI: improve image pulling performance
16fbbaeee Skip flaky test on Windows
44d7cd152 mv design docs/historical/design
195fc7424 docs: migrate config v1 to v2
84cebafe8 docs: remove deprecated `io.containerd.runtime.v1.linux`
83665bf8d docs/getting-started.md: typo
ccea927d9 Move historical docs to `docs/historical`
50921e71b Run go mod tidy in integration tests
99c194e03 go.mod: move indirects, and update integration go.mod to 1.18
6ccec53d3 Remove gotest.tools
871b6b6a9 Use testify
6da318310 Disable writing freelist to make the file robust against data corruptions
62c846b17 Update linters to use t.Setenv
2d59a3944 Use t.Setenv instead of os.Setenv
4bdac2b43 Adding multi-arch support for the configure.sh script
6f269ccb3 docs/getting-started.md: massive update
c7bdcdfbe Address some timeout issues in the Windows CI
a2d22ac05 BUILDING.md: update supported Go versions
d0bd65d3c Remove unmaintained contrib/linuxkit
f2d5f71a7 update runc binary to v1.1.1
11a31320b go.mod: github.com/opencontainers/runc v1.1.1
0b2a95e10 Add no_tracing tag
b42e936c5 CI: add Rocky Linux 8
b1030e7b6 CI: bump up crun to 1.4.4
b737cb10e Update README.md
cf571fa96 added make help for cri integration
44a8ac7b0 Turn paths from cmdline into absolute paths
2689432bf Fix error message in TestNewBinaryIO
96b16b447 Use typeurl.Any instead of github.com/gogo/protobuf/types.Any
fe426227d native: fix deadlock from leaving transactions open
a51da91c1 moving up to go-cni v1.1.4
36612d692 go.mod: remove replace and update github.com/gogo/googleapis v1.4.1
df93940fb fix: ctr images mount with snapshotter option can't get snapshotter
c091d48cb Use cgroups.AddProc() for cgroups v1
d2013d2c9 runtime: deprecate runc --criu / -criu-path option
388ee880d Upgrade containerd/imgcrypt and opencontainers/image-spec
70a06d0c8 Upgrade to Go 1.18
067611fde Remove enumvalue_customname, goproto_enum_prefix and enum_customname
bfde58e3c Bug fix for mount path handling
e9bb9c3bc Skip tty critest testcase on Windows Server 2022
3eeeb9429 Remove gogoproto.customtype
040babe00 Vendor dependencies with module graph pruning
a19ad9bb6 Use Go 1.18 to build and test containerd
56f95e3d8 Test turning off golang CI lint cache
ee49c4d55 Add nolint:staticcheck to platform-specific calls
c56875233 Update prometheus client vendor
9aadef1be vendor: golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd
fdb746442 document log level and format
52d307ac1 test: remove redundant `mountPoint`
2a0b2ee9e fix: ctr run --cni get failed
18ec2761c test: use `T.TempDir` to create temporary test directory
b8bf504e9 Enable gosec linter for golangci-lint
2ddcb2019 Make OpenLab's CI jobs blocking
cc526a98a Make mkfs.xfs available on OpenLab's CI environment
ba1674389 typo fixes under cmd.
2e080bf49 Add shared content label to namespaces
2a425990c Implement `--device idType://id` for `ctr run` on Windows
39d52118f Plumb CRI Devices through to OCI WindowsDevices
6a25be94e CRI integration test for Windows Device mounts
622a35a4f Upgrade golangci-lint and its GitHub Action
59b1871b3 Fix link in getting-started.md
88de65112 Don't build a second copy of containerd-shim-runhcs-v1.exe
807ded41f Update TestNormalize to only test Windows
80bc32f06 Use temp file for export/import test
0d0b2bd4f Mount devmapper xfs file system with "nouuid" option.
14901335c Increase wait timeout for TestDaemonRestart
718adfe06 Use the latest image for Windows test workers
894e78001 Improve ErrUnexpectedStatus default string
48b478381 Skip most of script/setup/prepare_env_windows.ps1
768bf73dd Enable cri-tools critest on Windows
59b978847 Enable CRI Integration tests on Windows
5b78a9a8f Remove hardcoded /tmp in tempfile paths
03a5e648b Use version 2 config and mention containerd config command
e0a6f9c7d update to go 1.16.15, 1.17.8 to address CVE-2022-24921
b90c466c3 Add ErrUnexpectedStatus to resolver
fdaf859aa Update status of 1.4 release
7b045ea5f ctr: improve error relative shim path error msg
e5efc260d Update latest release versions
63dd929af Update release process to include Kubernetes test infrastructure
0c79257f5 Add --user support for ctr run Windows
de3d9993f Adds support for Windows ArgsEscaped images
775facd57 cri: fix integration test on cgroupsv2 system
f1f69d4ee integration: remove duplicated util pkg
352a8f49f cri: relax test for system without hugetlb
ec90efbe9 Make the temp mount as ready only in container WithVolumes
ea3d2e643 go.mod: update to github.com/tchap/go-patricia/v2 v2.3.1
2b68c03a6 Update Go version recommendation in getting started
77c0539e9 Use containerd/protobuild instead of stevvooe/protobuild
d28981d48 Fix build with gccgo
f4f41296c Replace golang.org/x/net/context with std library
296f75bd0 Do not use weak import
3febabffe Add protoc-gen-go-fieldpath
7901f4b33 containerd-shim-runc-v1: return init pid when clean dead shim
a3303e721 Update TestContainerSymlinkVolumes to use windows path
481fb923c go.mod: update to github.com/emicklei/go-restful/v3 v3.7.3
fb0b8d617 Use fs.RootPath when mounting volumes
1a31772a7 go.mod: github.com/moby/sys/signal v0.7.0
b1881bdc0 go.mod: github.com/moby/sys/mountinfo v0.6.0
b6a6757c1 go.mod: github.com/fsnotify/fsnotify v1.5.1
83c80388b Initialize platform matchers for current platform
b63000c65 [Windows][Integration] Enable TestRestartMonitor
7275411ec cgroup2: monitor OOMKill instead of OOM to prevent missing container OOM events
6906b57c7 Fix the Inheritable capability defaults.
fdbfde5d8 cmd/containerd-shim: add -v (version) flag
e79aba10d integration/images/volume-ownership: strip path information from usage output
b8cadf753 runtime/v2/shim: strip path information from version output
356ca7575 containerd-shim-runc-v2: return init pid when clean dead shim
86d52fc26 Fuzzing: refactor metadata fuzzers
894af07e3 integration: Adds Windows equivalent for TestSandboxRemoveWithoutIPLeakage
54e95e6b8 fix Implicit memory aliasing in for loop
5d4dc5780 remotes/docker: log registry URLs as info instead of debug
afe39bebf add oci.WithAllDevicesAllowed flag for privileged_without_host_devices
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.6.12-2-gccfc27e30, which comprises the following commits:
3595dd04b fix: check for tmpfs when evaluating if userxattr should be used
1899ebcd8 Prepare release notes for v1.6.12
ec5acd4c1 CRI stream server: Fix goroutine leak in Exec
9743dbae8 [release/1.6] update to go1.18.9
3d24d97ba Prepare release notes for v1.6.11
bb96b21e5 fix: support simultaneous create diff for same parent snapshot
15b541238 Fix order of operations when setting lease labels
9fdf713e5 Added nullptr checks to pkg/cri/server and sbserver
56593cca5 cri: add pod uid annotation
8ec051a6b [release/1.6] go.mod: use golang_protobuf_extensions v1.0.4
e639ecd7c Prepare release notes for v1.6.10
5af8d89ce overlayutils: Add fastpath for userxattr check
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While the insane.bbclass upstream-status check hasn't been made
default, users of meta-virtualization may have it enabled in their
distros .. so the effect is the same. We must have this tracking
tag in out patches.
This is a bulk update to add the tag and silence the QA message.
As packages get updated, the normal/routine process of checking
the patches will continue, and the status fields may (or may not)
get more useful.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.6.9-12-g6c41694da, which comprises the following commits:
5af8d89ce overlayutils: Add fastpath for userxattr check
303f608dd [release/1.6] update to Go 1.18.8 to address CVE-2022-41716
3f9f9508d ctr export strictly match default platform
df73acad5 [release/1.6] go.mod: Bump hcsshim to v0.9.5
658490b78 ctr import: strictly match platform
4907b4d72 Migrate away from GitHub actions set-output
f1493f665 Prepare release notes for v1.6.9
346412f5a adding support of CAP_BPF and CAP_PERFMON
99578d1fc Update mailmap
a956d8415 Add logging volume metrics to Containerd CRI plugin
29e2dea50 fix pusher concurrent close channel
8a9d69385 [release/1.6] Stats() shouldn't assume s.container is non-nil
a9adc7938 cri: PodSandboxStatus should tolerate missing task
b66eb726a migrate from k8s.gcr.io to registry.k8s.io
5b40993a5 [release/1.6] upgrade containerd/continuity from v0.2.2 to v0.3.0
f2376e659 Update container with sandbox metadata after NetNS is created
06f82efef archive: validate digests before use
28324c529 [release/1.6] Update go 1.18.7, addresses CVE-2022-2879, CVE-2022-2880, CVE-2022-41715
0aeeb62cb [release/1.6] update golangci-lint to v1.19.0
7db9d1f76 Fix linter warnings
4dc932e62 [release/1.6] gofmt with go1.19
7b8d679ad [release/1.6] integration: remove use of deprecated io/ioutil
926b9c72f retry request on writer reset
b9a35c6af Add integration tests with failpoint
1f29fac48 Persist container and sandbox if resource cleanup fails, like teardownPodNetwork
a85709c6c integration: simplify CNI-fp and add README.md
d89a8d223 pkg/failpoint: add FreeBSD link and update pkg doc
b0ce2965a integration: Add injected failpoint testing for RunPodSandbox
a7f956d86 integration: CNI bridge wrapper with failpoint
07c479471 pkg/failpoint: add DelegatedEval API
4a5bc05aa runtime/v2/shim: return if error in load plugin
71ee7de24 bin/ctr,integration: new runc-shim with failpoint
3e2e77849 runtime/v2: manager supports server interceptor
cb935bf49 pkg/failpoint: init failpoint package
2fdfd564c make xattr EPERM non-fatal in createTarFile
89e49609d remotes/docker/config: Skipping TLS verification for localhost
b720be2ce remove stray .zuul.yaml
6b30bc4b4 .zuul: remove the zuul because it is offline
0f7e258ee Set grpc code for unimplemented cri-api methods
fb753e5cd update intergration
6ee5bb7ea bump cri-api
ae8598615 ContainerStatus to return container resources
d3c7e31c8 Update CRI-API
5b44c5271 vendor: golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd
3507d600b update runc binary to v1.1.4
1efd8b947 ci: remove GOPROXY environment variable due to https://github.com/go-yaml/yaml/issues/887
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
restructure the containerd source layout to avoid symlinking vendor
dependencies. This avoid go recording paths in the final binaries.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We get the following QA warning on build:
WARNING: containerd-opencontainers-v1.6.8+gitAUTOINC+579a6380ec-r0 do_package_qa: QA Issue: File /usr/bin/containerd-shim-runc-v2 in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd-ctr in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd-shim-runc-v1 in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd-shim in package containerd-opencontainers contains reference to TMPDIR [buildpaths]
This is the first step in fixing the QA warning, by dropping our
debug patch, passing -trimpath and not defining GO_DEBUG.
This leaves a final reference similar to:
path _/opt/poky/build/tmp/work/core2-64-poky-linux/containerd-opencontainers/v1.6.8+gitAUTOINC+579a6380ec-r0/git/src/import/cmd/ctr
That is being stored in the .rodata of the binaries.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.6.8-8-g579a6380e, which comprises the following commits:
1efd8b947 ci: remove GOPROXY environment variable due to https://github.com/go-yaml/yaml/issues/887
0448673af Do not append []string{""} to command to preserve Docker compatibility
5c230ece0 Fix cleanup in critest
ed9d3dc37 oci: WithDefaultUnixDevices(): remove tun/tap from the default devices
3364f411e Prepare release notes for v1.6.8
390920429 release workflow: remove Go setup action
cf48ba6e8 release workflow: increase timeout to 30 minutes
57873e652 release: rollback Ubuntu to 18.04 (except for riscv64)
eccb82f6d Update release build timeout to 20 minutes
6a854d4b5 Update mailmap
61612e1a2 Prepare release notes for 1.6.7
d199ee462 Update golang to 1.17.13
0578d20c5 Change os.Stderr reassign for Windows service
12cae4961 Update Vagrant CI to macos-12
bc4091aae chore: bump macos runner version
cb73bd050 Windows HostProcess container CRI stats test
ac388525a Add validations for Windows HostProcess CRI configs
0007f40fe [release/1.6] go.mod: Bump hcsshim to v0.9.4
c9607e78c Update Fedora version to 36
2952b66c0 CI: add riscv64 builds
6b2dc9a37 release/Dockerfile: update Ubuntu to 22.04 for supporting riscv64
745dc07c4 seccomp: support riscv64
c2f841f21 Create ppc64le release
86b55bd8d seccomp: allow clock_settime64 when CAP_SYS_TIME is added
f3da3e51f allow ptrace(2) by default for kernel >= 4.8
aa1101068 [release/1.6] update golang to 1.17.12
37dfc5c9d [release/1.6] Fix WWW-Authenticate parsing
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.6.6-10-g4e92d8e7e, which comprises the following commits:
37dfc5c9d [release/1.6] Fix WWW-Authenticate parsing
fa2016d58 [release/1.6] Downgrade MinGW to version 10.2.0
99c56d217 ctr: fix label args used in NewContainer
51de785f8 [release/1.6] Make building static binaries simpler
2ea4e6348 update runc binary to v1.1.3
61213742a Prepare release notes for v1.6.6
f92068350 Implicitly discard the input to drain the reader
2eb67213b [release/1.6] Limit the response size of ExecSync
185e87275 Prepare release notes for v1.6.5
5c9c83d3e [release/1.6] update golang to 1.17.11
fdcdc27bc update go-cni/for cni update fixing plugins that don't respond with version
e33b9e709 archive: add human-readable hint to Lchown error
3bb5a9d19 config: improve config v1 deprecation message
6eff5b6c0 [release/1.6] go.mod: Bump hcsshim to 0.9.3
f1d2d9260 [release/1.6] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
9f99be51b [release/1.6] update golang to 1.17.10
246a1b42e vendor: github.com/opencontainers/runc v1.1.2
43717e03a update runc binary to v1.1.2
82a77be2d reverts removal of parallel run from critest
06bdfeb67 Allow git commands in Vagrantfile
70839a344 Bug fix for mount path handling
1520bae0f update critools to v1.24
0d1d2953b Prepare release notes for 1.6.4
42d691fe6 Bump opencontainers/selinux from 1.10.0 to 1.10.1
e9f22e008 Update go-cni to v1.1.5
be4909e95 cri: close fifos when container is deleted
baa386dc0 Prepare release notes for v1.6.3
e8da82adc tracing: fix panic on startup when configured
1764ea9a2 CRI: improve image pulling performance
9cd76d465 [release/1.6] update golang to 1.17.9
c09cc1242 check for duplicate nspath possibilities
fe6ba62ce metrics/cgroups: fix deadlock issue in Add during Collect
8b81a7843 [release/1.6] go.mod: update image-spec to merge-commit of v1 into main
f2ba2041b update runc binary to v1.1.1
b736b4dab go.mod: github.com/opencontainers/runc v1.1.1
72f1e58c7 CI: add Rocky Linux 8
7ede40c5c [release/1.6] vendor: github.com/containerd/imgcrypt v1.1.4
5538be6cf cgroup2: monitor OOMKill instead of OOM to prevent missing container OOM events
da35c19da Test turning off golang CI lint cache
a0213573b Add nolint:staticcheck to platform-specific calls
ad0036ed6 Update prometheus client vendor
c7bbf316f Mount devmapper xfs file system with "nouuid" option.
a1de89c3e Make the temp mount as ready only in container WithVolumes
82a12edf2 moving up to go-cni v1.1.4
28b44826b native: fix deadlock from leaving transactions open
8461dd6e5 Prepare release notes for v1.6.2
91800c4e9 Add static checks to shim for Windows
ca51d7f85 Update go.mod go version
765df6609 [release/1.6] remove empty go mod to allow building for go 1.18
e9af80859 Fix the Inheritable capability defaults.
7c929318a Update TestNormalize to only test Windows
06985e7d0 Upgrade golangci-lint and its GitHub Action
b13d3e05c cri: relax test for system without hugetlb
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The NVD database uses version without a prefixing 'v'
for containerd.
e.g.
https://nvd.nist.gov/vuln/detail/CVE-2022-23648
So we need to explictly set CVE_VERSION.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.6.1-4-gd12516713, which comprises the following commits:
b13d3e05c cri: relax test for system without hugetlb
b325d5647 update to go 1.16.15, 1.17.8 to address CVE-2022-24921
787b4671d Prepare release notes for v1.6.1
444eba43d containerd-shim-runc-v1: return init pid when clean dead shim
37bb915c6 containerd-shim-runc-v2: return init pid when clean dead shim
9f316fa4b Use fs.RootPath when mounting volumes
8713c0472 Prepare release notes for v1.6.0
f261498e0 Update Go to 1.16.14, 1.17.7
fa19714db Update go-cni to v1.1.3
6e3cc28a6 Wait for containerd installation in GCE scripts
c0f818846 Update go-cni to v1.1.2
dea7ae27a Add instructions on using go with admin perms
4f0d5f0ee Enable TestContainerPTY and TestContainerUsername
732103271 Change the context to avoid misunderstandings
6827eec7a Prepare release notes for v1.6.0-rc.4
b0623a06e Change file name for shim binary path
daaf031e2 Use white logo in github dark mode
efc6ca4c4 Prepare release notes for v1.6.0-rc.3
7e821fb61 fix: .dockerignore makes git working tree dirty
ac2692d30 containerd-stress: introduce option for specifying image
8b9571e34 containerd-stress: start task ctr before starting execs
9b1fb8258 cri: fix handling of ignore_rdt_not_enabled_errors config option
dcbe3e471 docs: add Talos Linux to the list of adopters
821c961c8 pkg/oom/v2: handle EventChan routine shutdown quietly
2d9d5fddb Document fs_type and fs_options in snapshots/devmapper/README.md
a31e28e2c Prepare release notes for v1.6.0-rc.2
8944c12f5 Update releases document
8d69c041c Update cgroups to v1.0.3
bec6e4dd6 platforms.Normalize(): do not reset OSVersion and OSFeatures
34f717349 seccomp: kernel 5.16 (futex_waitv)
8632bdcb7 seccomp: kernel 5.15 (process_mrelease)
c013db696 seccomp: kernel 5.14 (quotactl_fd, memfd_secret)
17a2831f7 seccomp: kernel 5.13 (landlock_{add_rule,create_ruleset,restrict_self})
1329ea371 seccomp: kernel 5.12 (mount_setattr)
cc59ae4d9 tracing: return (ctx, span) from StartSpan
e751f1f44 tracing: support OTLP/HTTP in addition to gRPC
813a061fe oci: use readonly mount to read user/group info
c0e00f19a fix acr fetch token 400
4cd9f37f5 Fix windows periodic workflow
4aff7431f Fix possibly incorrect media type default on import
3ffb6a611 shimv2: handle sigint/sigterm
f048a2593 docs: add doc-comments on GC-related methods
31a710c49 fix: should not send 137 code event if cmd is notfound
936faf9c9 fix empty scopes return
c1e17d8ba Prepare release notes for v1.6.0-rc.1
4f552b077 Compile binaries for go1.16 and go1.17 in CI
7d7064e6b Integration: Change to Windows Server 2022 build number constant
2898004a5 Update kubernetes vendor to 0.22.5
4e9e14c2b Fix rdt build tags for go 1.16
af83e9af1 platforms: add support for matching amd64 variants
af39d2ad7 go.mod: Update hcsshim to v0.9.2
fcb7bd699 Remove api go submodule
46312f4a1 Update makefile to remove API submodule
ed0828bb6 delete useless code
21a748e38 go.mod: github.com/opencontainers/runc v1.1.0
dba897c35 update runc binary to v1.1.0
d5e8edf2d Do not automatically inject client traces
69ae95531 tracing: fix OTLP tracer's initialization
8dd36423b Revert "Add shared content label to namespaces"
a1ba38056 Update caching logic to avoid map access
ce3871966 services/introspection: support to show introspection grpc service
a018ae3f6 Prepare release notes for v1.6.0-rc.0
919797163 Integration: Switch to `upload-cloud-storage` Gcloud action.
8a2b61356 Integration: Switch to using `auth` Gcloud action in Windows workflow.
c0a31a7a4 Add ppc64 support for test images
a303d552a ctr: Unify the delete subcommand alias
b35fb7d44 remove io/ioutil
d05194f0a ctr: flag to toggle non-distributable blob push
f77989036 Add image handler to skip non-distributable blobs.
8c194d8f3 gha: run CodeQL scan on pull requests
f99e92359 Enable critest tests on Windows Server 2022.
55b89eabf Parametrize CRITest test images in Windows Periodic workflow.
18592b2f5 Fix wrong log message
bdc852190 test: e2e node COS cgroupv2 script
e38946d86 Updating adoption of containerd for AKS
8aca314dd Update error message for apparmor parser
48c7529de Fix incorrect error wrapped when closing ingest file
0c2c289d4 Fix seek error used without nil check
8816006d1 Fix followup items from errors replacement
a94f32ce0 update the adoption status of containerd in GKE
adee2c797 seccomp: add support for "swapcontext" syscall in default policy
4f0f36350 corrected link in cri architecture documentation
d3724a6c1 go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt}
bbe46b8c4 feat: replace github.com/pkg/errors to errors
e43d4206a Update k/k to 1.23.0
8d5af6be8 Prepare release notes for v1.6.0-beta.5
9c2e3835f cri: add ignore_rdt_not_enabled_errors config option
eba104816 Update dependencies
f4a191917 cri: annotations for controlling RDT class
eae14688c tasks: add Linux rdt support
9e755d12e cmd: add --rdt-class command line option
2946db890 oci: implement WithRdt
df21828d2 content/local: use syscall.Timespec.Unix
85326d76f fix: only test abstract unix socket on linux
90426378e Integration: Check GCP secrets on Windows CI artifact upload.
97623ab0c remotes/docker: allow fetching "refresh token" (aka "identity token")
8094f50dd remotes/docker/config: allow setting custom AuthorizerOpts
8e6afaa20 Fix $(PWD) issue for Windows makefile
653b8b02a Expect ErrorNotFound on Windows after Kill()
ac8129706 fix: use _ for consistency
f39b3ac7e fix(ctr): enable networking for Windows containers
0ff87a892 Replace tskill with taskkill
aadae6d50 Fix flakiness on Windows for list stats
d53c43133 Fix no-daemon flag for integration/client tests
5c2edeffb Upgrade k8s.io/klog/v2 from 2.9.0 to 2.20.0
2ee3ce510 Use insecure.NewCredentials instead of grpc.WithInsecure
2fb739aa2 Upgrade OpenTelemetry dependencies
34c4abc34 Fix default makefile target for windows
78ad7a2d3 cri-integration: Add Windows default paths
abcf7c2f6 Disable TestContainerHook on Windows
f1c799331 seutil: Fix setting the "container_kvm_t" label
c8a009d18 add-list-stat: return container list if filter is nil
f83ab813d Use task plugin for runc shim
04e57d71b Seperate shim manager and task service
44b28b61f medatada: make namespaces' deletion error less cryptic
20419feaa cri, sandbox: pass sandbox resource details if available, applicable
9e9ee66bf integration: deflake TestContainerdRestart
dd26d3d09 feat: support custom timeout for blot open
c0d07094b feat: Errorf usage
0e472420b Update Go to 1.17.5
569042e6d Prepare release notes for v1.6.0-beta.4
552a27081 Disable restart monitor test in Windows
b7f673790 OCI: Mount (accessible) host devices in privileged rootless containers
7f70ff967 oci.getDevices(): move "non-dir, non '/dev/console'" case into switch
2c96d5b06 Run windows parallel integration test as short
807213fd3 Update restart monitor test to output daemon logs on failure
9b0303913 only relabel cri managed host mounts
90cdc6c9a images/converter: remove deprecated types
fc8138468 go.mod: update image-spec to latest (v1.0.3-dev)
2d3009038 cri/server: use consistent alias for pkg/ioutil
dc13bcd51 Enable lazy init for ext4 with devicemapper
68dabdcc6 Use RFC3339 format so rg cleanup works
6f9d80907 Remove Windows integration testing for 2004.
77a321a07 Replace find with native Go code
22dc60e05 Enable TestVolumeOwnership on Windows
441bcb56d Skip WithAdditionalGIDs on Darwin
4c1e26cd5 Don't fail-fast on Windows integration tests
c9d1e155c go.mod: github.com/opencontainers/runc v1.0.3
44995d483 update runc binary to v1.0.3
416899fc8 Allow native snapshotter on Darwin
6b0e2414c Do not use `go get` to install executables
d2f1dda0f Include runtime v2 in default builtins
392f604eb Use a single RUN command
533dd1c0e fixup: check for swap accounting
f33d38c7c integration: align tags of test images
c5b0a18b6 fixup: handle diff between cgroupsv1 and v2
9cc0d1f07 Set explicit ACL on test files
4ccf287da Set CONTAINERD_ROOT in Windows cri-integration
ff77dd112 Add Windows Server 2022 CI runs
fd0850e9e Update continuity dependency
ff9d7aef3 Update volume test images
2fa4e9c0e cri: add support for configuring swap
bae0d88ae Add error logging on cleanup
6bccd67e8 Revert shim plugin migration
665877a5b Move volume images from gcr to ghcr
323a62d7b Add permissions
f3195b3b5 export oci.DeviceFromPath()
c6d26f0d3 Authenticate against ghcr.io
2a6857d06 Skip TestExportAndImportMultiLayer on Windows
6ff1a5934 fix when kernel version < 4.13rc1 by using index=off cause overlay test error
94462d8f5 oci/deviceFromPath(): correctly check device types
7a4415dd5 Add VMware TKG & TCE to Containerd adopters
46892d340 Vagrantfile: update to Fedora 35
8de1117c9 integration: add stats result in error message
6681cc4b9 ctr/snapshots/diff: don't show the media-type in output
a97564411 remotes: fix dockerPusher to handle abort correctly
1698d061c Build volume test images on Windows
7ccd733d2 Add image build workflow
95b3ab2a4 ctr: Add Linux Capabilities control flags
3d318b3bb docs: mark 1.4 as Extended
9a994877c docs: fix RELEASES.md gRPC API anchor
0a25bc1aa Integration: Separate Windows Periodic Tests workflow trigger.
507bfc91b feat: skip ci for fork
9dfbcbbc4 content/local: Close the file if Seek fails
5015130f7 Fix executable file not found when restoring shims
2b28dd363 Fix wrong make target on documentation
cb1359fa8 Integration: Remove explicit version passing to `azure/CLI`.
fa6759ae5 fix: server error return
5e4b033ec Update README.md repo->org
5f293d9ac [CRI] Fix panic when registry.mirrors use localhost
674b94c42 Prepare release notes for v1.6.0-beta.3
f5863e22f Update API version in go.mod
5df9ec366 Update release name to use consistent format
f8d734e40 fix: make max recv/send msg size setting default
63895de45 Add support for TMP override on toml
444ef2f6d Generalize Windows CI setup script for any user.
3d6bfa3f5 Standardize cmdlet capitalization in Windows CI scripts.
6835a9470 Split runc shim into plugin components
6eea8f3f6 Add shutdown package
547040cd5 feat:support custom callopts on client side
bef792b96 feat: use rwmutex instead
2f31dcda7 release: change tar name to match prior releases
70c88f507 schema1: reject ambiguous documents
eb9ba7ed8 images: validate document type before unmarshal
2a81c9f67 CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options
db124c560 Close file if permission modification fails
526defb57 Fix containerd fails to pull OCI image with non-`http(s)://` urls
89eebc4c0 Fix wrong error returned for image index lookup
be84932e1 Rename release dockerfile to omit distro name
28126fd60 release: improve dockerfile
27d7c5038 Add arm64 to releases
6765524b7 use write lock when updating container stats
b103bee4c go.mod: Bump hcsshim to v0.9.1
e17fe37e0 Fix package alias
920b24793 go.mod: Bump ttrpc to 1.1.0
6870f3b1b Support custom runtime path when launching tasks
91bbaf679 [cri] add sandbox and container latency metrics
a3b756ce1 Prepare release notes for v1.6.0-beta.2
574800633 cleanup: add more description on comment
a22346622 CI: bump up crun: 1.0 -> 1.3
97073c943 go.mod: github.com/moby/sys/mountinfo v0.5.0
19d9d0d2a go.mod: github.com/moby/sys/signal v0.6.0
9c455ded6 go.mod: github.com/moby/sys/symlink v0.2.0
fa12f4e69 go.mod: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359
869ccc01c Update Go to 1.17.3
3196e65f5 docs: document the runtime shim plugin config options
0d8e07681 docs: use proper markdown lists in containerd-config.toml.5.md
54c0cdae6 Update TestRestartMonitor expected time check
d4f4c1380 Add runtime path in CreateTaskRequest
548579d0e Pin az CLI version
2e6d5709e Implement CRI container and pods stats
b69bbe25a Vendor latest k8s.io/cri-api and netlink
9bfec3980 test: Add grace period for restart monitor test
d022fbe78 Address PR comments
82cb0a63e Add mkdir on Dockerfile
6fa1bb4a5 Fix build after rebase
2cec3a34b Migrate task directory
8b788d9df Expose shim process interface
733519677 Fix after rebase
df8c206a9 Cleanup shim loading
b554b577b Move shim restore to a separate file
a3d298193 Fix backward compatibility with old task shims
33786ee4d Add plugin dependency between shim and shim services
fb5f6ce3c Rework task create and cleanup flow
7c4ead285 Add task manager
2d5d3541e Rename task manager to shim manager
ea8978810 adds additional debug out to timebox cni setup
6fa9f22fa compression: support zstd with skippable frame
f0d3ea96c converter: Allow hooks during image conversion
6ee8577e5 sys/reaper: avoid leaky goroutine when exec timeout
88fc5cf2d Adding scope tests for ParseAuthHeader
3e51312a6 fix shim reaper wait command execute blocked
7438edc7e Adding tests for GenerateTokenOptions
9b4a6f129 Generate token options with each scope as a separate string.
b8f3ebb03 vendor: update moby/sys for darwin support
0ccc386c8 Prepare release notes for v1.6.0-beta.1
e5fc3b38e Update mailmap
37720fc6f Update api vendor
a217b5ac8 bump CNI to spec v1.0.0
010a9e2bc content: close stream after commit request
ebc5cf19a feat(doc): update to version 2 syntax
294143bf3 Inject otel traces to grpc client.
cd2f2b0af client: expose (*image).platform
535191abf fix #6054 MaxConcurrentDownloads is not effect when Unpack is true
3b73922fb feat(doc): add Core Scheduling documentation
c18c2e735 Fix spelling mistake in Windows snapshotter
130a9c7dd Ensure namespace is proxied to grpc/ttrpc plugins
2a8dac12a Output a warning for label image labels instead of erroring
602018900 integration: Enable some tests for Windows
1f1cad391 io/ioutil package has been deprecated in Go 1.16 that replaces io/ioutil functions
46be06937 close Writer after use which may leak mem
1abe50512 Prepare release notes for v1.6.0-beta.0
c5947557d Add error message to in TestContainerdRestart integration test
072a7074b Fix typo in the NewContainer function documentation
ac2df3ba9 test: check file content after mount
18d483b23 Update cgroups to v1.0.2
4ed3c524c Update test timeout based on recent cancellations
d252a293d Remove extra test_teardown
4a569c889 Check the pid in cri test teardown
f1054dbbd fix integration client vendor
e48bbe839 add runc shim support for sched core
de1a39bf3 Update Go to 1.17.2
46b152f81 vendor: Bump hcsshim to 0.9.0
fb4432c24 integration: Enables TestVolumeCopyUp for Windows
0ba3532f5 integration: Enables TestRuntimeHandler for Windows
830b3c26e integration: Enable some tests for Windows (part 2)
3a713811b run `gofmt` with Go 1.17
96018b7db vendor: Updates go-cni
703b86533 pkg/cap: remove an outdated comment
1ee2bff0e Update go otel 1.0.1
b9a0c5080 modify the way for checking cos
c528d2c39 Update ADOPTERS.md with additional uses
5b222d54a commands: Enables task metrics for Windows
9734b4039 Pin mingw to version 10.2.0
d19af5afb Update to golang 1.17.1
3cb0ec01e Install nssm
02e77bcdc task service: return known error type
791e175c7 Windows: Fixes Windows containers with image volumes
049042382 fix: update vendor
5c2426a7b cleanup: import from k8s.io/utils/clock/testing instead
6484fab1e cleanup: import from k8s.io/utils/clock instead
d16942cf1 feat: enable cri remote client to call with grpc calloptions
ca35f4e82 Windows: Cleanup rm- prefixed layers
f6b7e07fd cleanup k8s ansible yaml (carry for https://github.com/jayonlau <jayonlau@gmail.com>)
933ddaa6f fix: wrong flag type
da16d492c feat: support import image for specific platform
67b883146 Update mirror images to take target image name
e6ddffc2a fix: make exec-id flag required in exec command
09c9270fe images: enable converter to uncompress zstd
694a00754 replace deprecated function
2bc77b8a2 Adds Windows resource limits support
224454062 Fix main branch build is broken
7c621e1fc btrfs: reduce permissions on plugin directories
fcffe0c83 switch usage directly to errdefs.(ErrAlreadyExists and ErrNotFound)
b9cf0d75a Fix panic in metadata content writer on copy error
6886c6a2e v1 runtime: reduce permissions for bundle dir
7d56b24f1 v2 runtime: reduce permissions for bundle dir
7a7a9a282 integration: Adds test for multilayer image import
f7658e37d runtime: should fail fast if dial error on shim
483d2e947 go.mod: update opentelemetry modules to v1.0.0
084387e0b Move tracing to plugin
45c3453a7 Add open telemetry logging hook for logrus
16f3d67b5 add current process state to the error message
407d60694 Add github action to mirror image
97df73004 gha: collect Vagrant VMs' IP addresses
2bffb5f9b FreeBSD: fix tar headers & the nil check on getxattr
7854e0bff bump continuity and console version that remove pkg/errors
16d3f48a2 ctr namespaces: improve usage string
50da67359 refactor: move from io/ioutil to io and os package
a68fb7add bump console version to v1.0.3 that remove pkg/errors
3e72e335f Use github images for integration tests
55893b9be Add CNI conf based on runtime class
50a568595 Change oci.WithUser behavior for LCOW
65f6a896c Fuzzing: Add 4 fuzzers + small modifications
2fecf5b02 Make sure exit signals trigger an exit during init
f40df3d72 Enable image config labels in ctr and CRI container creation
6875aa5d3 import: Add option to skip creating digest image
f700ae873 CI: bump up crun to 1.0
55923daa9 seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted)
8596d1188 Fix typo
73dbbf5bf Update to Go 1.17.1
498e5b27f fix error string format
6d961f967 CI: Switch to available latest images
e087b47e9 import: Raise error if the imported image is filtered out
91b64c58b add xfs support to devicemapper snapshotter
8ff8b1b82 vendor: update continuity for darwin support
1efed4309 add ip_pref CNI options for primary pod ip
16cd6ed13 Additional integration tests for pulling image with labels
756f4a314 cri: add devices for privileged container
9954147c0 pin protobuild version to tag
2458afeb1 Fix content copy to not ignore unexpected EOF
6bec0d39b use a const metric for build_info
ae27a6b05 Add metric exposing build version&revision
8e850bc0f replace deprecated Dail with DailContext
aeea697d8 Add WS2022 support in Windows Periodic tests
55faa5e93 task delete: Closes task IO before waiting
f42513112 integration: Adds Windows HostProcess tests
ccc5ee303 archive: Add WriteDiff error logs
820bd9269 fix document non-synchronous in crictl.md
2bcd6a4e8 cri: patch update image labels
789abc936 using Hosts replace deprecated field
57e10439d Fixes task kill --force on Windows
abf4de498 integration: Enables Windows containerd restart test
96ec0b6f3 content fuzzer: Clean up tempdir
eb2530be8 Makefile.linux: build on riscv with PIE
6b0b64a51 ctr: Fixes Windows image import
a43fa9f28 darwin: runtime support
5dd38792a darwin: use the default values for socketRoot variable
27046a9e0 Fix cwd flag for `ctr tasks exec`
24cec9be5 sandbox: Allows the sandbox to be deleted in NotReady state
1dd0d59b7 go.mod: Update hcsshim to v0.8.21
6d3d34b85 Update Pause image in tests & config
278176db1 Address issue forms feedback
838afd211 Adding testing of two devices
e0f8c04da cri: Devices ownership from SecurityContext
7bc5aa74c Fix pull fails on unexpected EOF
11ab3cba0 Use issue forms for bug reporting
e2c769d6f windows: The DefaultSpec platform should match the Default matcher
7826a21ac Update RELEASES.md
2ac996840 replace uses of os/exec with golang.org/x/sys/execabs
25644b461 Add RunAsUserName functionality for the Windows Pod Sandbox Container
e18516767 go.mod: update runc to v1.0.2
3f8ea1b6a update runc binary to v1.0.2
429296910 go.mod: github.com/pelletier/go-toml v1.9.3
f8dfbee17 add cri test case
9a8bf1315 feature: add field LinuxContainerResources.Unified on cri
d3aa7ee9f Run `go fmt` with Go 1.17
c3609ff4c cri: filter selinux xattr for image volumes
4dd5ca70f script: update golangci-lint from v1.38.0 and v1.36.0 to v1.42.0
f7b1ceb9f integration: investigate TestRestartMonitor's failure
acb81bbda integration: fix TestContainerPids
9fe7bc938 Bump integration timeout to 35 min
7fba86264 Fix dir support for devices V3 (#4847)
6f60b3016 [ctr] add HOSTNAME env for host network
8d135d284 Add support for shim plugins
f8602c372 Update to Go 1.17
c9b1b2fd5 Fuzzing: Add fuzzer
9e1b57ca0 Add env for SystemdCgroup driver
1224060f8 Allow expanded DNS configuration
538d93d2f Fuzzing: Add 4 fuzzers
79b369a0b Added windows hostProcess cni skip
82fe0db9a Fix bad `make protos` failure
1c47fb17f docs: remove FOSSA's badge
bc4cea4e4 docs: rename main to master
5e49ec27d Use http.Get to download binaries instead of exec.Command
e6538b8bc Add trap to cri-integration test script
d2f3b7146 add cpu-shares to ctr
30b832e49 archive docs and point to new location fix #https://github.com/containerd/cri/issues/1624
9cc179aa7 BUILDING.md: remove some bits about building runc
42b57cc73 BUILDING.md: markdown fixes
a3d6edc0e content: return the error with its timestamp
a5468852f docs: list all snapshotter-related build flags
e634f04d8 go.mod: update kubernetes to v1.22.0
11a90c7ff Fuzzing: Add experimental version of container fuzzer
42a28ad2c Update Go to 1.16.7
534685f95 Fix Linux CI Linter using go 1.15.14
10eab21a4 Cleanup CI
0a0621bb4 Move plugin context events into separate plugin
6f027e38a Remove redundant build tags
3c5424454 [otel-tracing] vendor and go modules changes
3597ac859 [otel-tracing] Initial opentelemetry support
7917da764 Change default directories on Darwin
10824eaf2 remove go 1.13 from containerd
d30d897ef Cleanup v2 shim
c3c276ae1 Fuzzing: Fix for OSS-fuzz issue 36825
6c257552a scripts: declare ROOT closer to where it's used, and some DRY changes
dba0ef4eb scripts: add missing quotes, and minor linting issues
0cb656860 test/build-utils.sh: remove support for Debian Jessie
41a04246f Fuzzing: Add two more fuzzers
2c699cc35 Fuzzing: Remove panics of container_fuzzer
f2c3122e9 platforms: Format(): use path.Join() instead of joinNotEmpty()
acecd6603 Change protoc link
ce437864b mergo: Upgrade to 0.3.12 to fix panic
d1e868c83 ci: install criu from PPA
e692a0192 Add shared content label to namespaces
3a8622e30 Updates the location of protobuf downloads in docs
0d9393650 Update protobuf install to use correct repository
d62d6c11d Split release steps into multiple tasks
b4807122d Update release workflow to upload binary without CNI
67406b373 overlay: add an optional label of upperdir location of each snapshot
43117cf91 Script to check if entries in go.mod files are in sync
4ab3e7a53 runtime: fix the issue of create new socket with abstract address
cc88f8e0a Split fuzzer to two fuzzers
7a10fd4fc respect context timeout in shim binary call
23bc3db91 Enable critest on Windows
494b940f1 Introduce a new go module - containerd/api for use in standalone clients
4fdb88464 add CRI support matrix to RELEASES.md
b5fc7846c adding a little more clarity
1d3d08026 Support SIGRTMIN+n signals
18d6cc1b0 update gotestsum to v1.7.0
efa8ab715 Add runtime label to metrics
6294235d8 Fuzzing: Add container fuzzer
2405671d4 platforms: add "ios" as known OS, "loong64" as known ARCH
2556aac67 Fuzzing: Add archive fuzzer
0d45ac14e interface about shim build check
00d52bb15 integration: log all processes to investigate the test failure
f1d79d33b Discard blocks when removing a thin device
d2b6d192d Update cpuguy83/go-md2man binary to v2.0.1
53ec1abec remotes/docker/pusher.go: Fix missing Close()
67d07fe5c remotes/docker/fetcher.go: Fix missing Close()
0789a0c02 Add docker fetch fuzzer
b483177ee Support custom compressor for walking differ
150e07b64 Use systemd cgroup driver for cgroupv2 tests
603962bc8 update gotestsum to current master
a12c7bd1c go.mod: runc v1.0.1
43e0594ae update runc binary to v1.0.1
9537bc265 Dockerfile.test: build containerd in separate stage
36be5ef3a Dockerfile.test: add GOLANG_IMAGE build arg to allow overriding
8faacfca1 Dockerfile.test: clean up apt indexes after installing
9f7e6335c Dockerfile.test: build critools in a separate stage
7ec8e2d36 Dockerfile.test: build cni in a separate stage
f9f423c07 Dockerfile.test: standard directory to collect build aftifacts
e9f26eb87 Dockerfile.test: split dev stage, and optimize order
25fada0cc Dockerfile.test: skip curl, gcc, git and make install
546538971 install-critools: make sure DESTDIR exists
dbef1d56d runtime: runc v2: remove redundant validation
18321f539 Move loop check to before sleep
2e8a572df Add timestamp to flaky restart monitor test
55fd2ab5d integration/client: go mod tidy
e72046f86 Update Go to 1.16.6
bc4e416c8 Add test for archive breakout test for lchmod
894b6ae39 Fix missing Body.Close() calls on push to docker remote
ac75071b4 remove pkg/cri/platforms package
0a8802df6 Allow WithServices to use custom implementations
aefabe546 Dockerfile.test: add "cri-in-userns" (aka rootless) test stage
53835221f Cleanup lchmod logic in archive
d1c105192 use fu wei's suggeted interface pick for marshaling
14962dcbd add alpha version
4c6e4a06f gha: make release workflow work in forks
73d28ddeb client: surface a connection error more clearly
a7ad6b3be Add support for registry host path override
3a0b9ec6b Add unit test for plugin
95c708572 Update documenation for OCI distribution 1.0
a81f05f36 [Vendor] Update hcsshim to 0.8.18
16deba098 integration: Windows volume-copy-up images
63fe34add grpc config add options tcp_tls_ca
a5c417ac0 move up to CRI v1 and support v1alpha in parallel
bda7b5866 feat: Add snapshotter label to the new snapshot for container.
2019a1e68 Makefile: fix DESTDIR and PREFIX concatenation
04ab4418f test integration: Adds a test that restarts a failed container
03ee45006 snapshot/devmapper: log exported methods correctly
a964cf0cc un-export mount.FMountat
21f532d51 move sys.FMountat() into mount package
dac2543a0 sandbox: send pod UID to CNI plugins as K8S_POD_UID
5a0beaefb sys: remove StatAtime(), StatCtime(), StatMtime() and StatATimeAsTime() utils
f913a4275 go.mod: runc v1.0.0
28bb59c08 update runc binary to v1.0.0 GA
63c185da9 content/local: inline sys.StatATimeAsTime()
09d78bb6b allow multi gpu to be specified via ctr
560e7d479 fixing some doc links
d9694b297 Sync integration/go.mod with root go.mod
4a46ea2f4 archive: Expose ChangeWriter to allow customized diff computing
cd33c007c CI: Switch to available latest images
75b4c83f0 fix deprecation config for default runtime
1bbee573a github.com/golang/protobuf/proto is deprecated
91c8fa452 Update github.com/golang/protobuf from v1.3.5 to v1.4.3
b7e79dc5a Update google.golang.org/grpc from v1.27.1 to v1.38.0
8d2e156dd Increase golangci-lint timeout
87a2e0b2a runtime,v2: Enable debug when containerd is on debug+ log level
05e51539a command line flags of setting container rootfs propagation
394f86475 Re-enable criu in main integration runs
1dada3fc2 add cgroupv2 setup for cos with a flag
bfbebf02b Update gotestsum to add timestamps to junit output
2bb8ad7c9 Makefile: pass build tags to manpage build process
f60d447c1 Makefile: fix tags parameter computation
9c01fe20d Allow to pass --no-cgroup option to nvidia-container-cli
77374e8b3 Makefile: FHS conformant manpage installation pathes
3ab974433 Add proper Go version before project checks
af5a130bc Enable cri-integration in Windows Periodic Tests
7a2b04758 adds explanation for seccomp unset/unconfined default vs runtime default
01585595a update integration/client go.sum
419d616fe Install specific golang version in Windows CI.
69f43d458 Revert diff/walking error change
728743eb2 Fix cleanup context of teardownPodNetwork
014748bc0 fix invalid validation error checking
cabe67736 tests: Use EnsureImageExists for image pulling
a78bdf22d tests: Refactors PodSandbox creation
9a451d103 Update opencontainers/selinux to v1.8.2
93e268f62 tests: Symlink volume tests
edfd8d599 Change Wrapf of non-error to an actual error
a93b5cbc2 Install apparmor parser for arm64 environment
5f0fc4893 Add creation timestamp to RG
75daf45be docs: explicitly mention containerd's Prometheus path
2f870aa89 integration: Cleanup containerd on test teardown
558fdc680 diff/walking: fix defer cleanup
b5f530a15 Makefile: fix DESTDIR environment variable behaviour
498bb36f6 scrub the stale TODO
93d4541a2 docs/cri: update ocicrypt link
792466495 docs/cri: fix broken links
05c03de94 Update Windows periodic tests
9fcea1d3f Rename atomicWrite to writeToCompletion
b996e49c5 Do not run btrfs tests if btrfs kernel module is not loaded
50ad4b96c Fix incorrect UA used for registry authentication
923ab5b7c Makefile: use $@ for target file names
535d9cc59 ctr: parse mount options with embedded = character
a4f97d45d Add ruleset=4 option
5dec27b6f ctr: exec handle pty resize after Start
e1c845df5 Fix small typo
b9378b452 ctr: exec setup IO with console
869375a41 Remove useless lines
79e345221 update the link
1acca8bba Don't check for apparmor_parser to be present
ec28288f4 bump runc version to v1.0.0-rc95
599127f4d update runc binary to v1.0.0-rc95
a5b1740bb fixed typos
77285e311 Schedule Windows job daily after midnight.
2b58782df Update windows-periodic.yml
5dbae87c5 Bump github.com/Microsoft/go-winio from 0.4.15 to 0.5.0
1093f05ab Bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1
b6a251749 bump hcsshim version to v0.8.17
b1d4140a2 Update docker resolver to authorize redirects
09a0c9471 tests: Adds support for Windows cri-integration tests
315739251 just release ctd-decoder not ctr-enc
1442fee22 Remove mountpoints not commonly mounted on FreeBSD
fc4da9728 Pin integration test image for alpine
9643c9965 Makefile: allow overriding install command via environment
4b1b8346b Makefile: make sure manpages are built before install-man
6e249b1ae adds credentials description
de04b3243 Add copyright header & make sure compilation succeeds on all platforms
e1fd6be7e Fix mounts for FreeBSD
de6db4038 Update vendored runc to v1.0.0.0-rc94
5c99f150a Update the runc binary used with containerd to runc v1.0.0-rc94
b890f056e Fix content.ReaderAt close
c5797c8fc Update releases doc with updated support timeline
c74a6c419 update to new cri-tools make install
e37ddafab metadata: modify NewLeaseManager to return leases.Manager
79d800b9b Update Go to 1.16.4
0ba7303ee Prepare default branch rename
7d70992d3 tests: add test for adaptor
e120261ee windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink
0b786908c doc: add missing namespaces package
b0d3b35b2 windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink
9ea25634b Makefile: allow overriding go command by environment
81402e475 Fix different registry hosts referencing the same auth config.
b56527cb7 update seccomp version
8014d9fee Skip TLS verification for localhost
b538d8f1a Update golang.org/x/sys to add linux/ppc support
b59e29773 adds description for hosts.toml
e26fc8472 go.mod: cut circular dependency on github.com/containerd/containerd
15e0bd513 integration/client: go mod tidy
98f5922b5 plugin: optimize the check for the last registration
273c2bb16 tests: Prepull images used in tests
402acd7c1 Small typo fix "reimporst"
f21627059 Use DeactivateLayer to recover layers that we cannot rename
421fc6ea7 Add CI periodic Windows Jobs.
c0e2f4b5d Try next mirror in case of non-404 errors, too
f8538b5e1 Fix error case in Windows layer cleanup
b592a4c1e oci: fix WithDevShmSize
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.5.8, which comprises the following commits:
ef071b07b mailmap: Add Kevin Parsons
2385fd14d Prepare release notes for v1.5.8
15d8c03e3 schema1: reject ambiguous documents
833407fbf images: validate document type before unmarshal
01428ec40 Fix containerd fails to pull OCI image with non-`http(s)://` urls
2bd3f18d9 [release/1.5] go.mod: Bump hcsshim to v0.8.23
047ea15d2 [release/1.5] go.mod: Bump ttrpc to 1.1.0
7b20299bc [release/1.5] update Go to 1.16.10
641976bea [release/1.5] update Go to 1.16.9
b988fc918 Output a warning for label image labels instead of erroring
3109820f5 Update test timeout based on recent cancellations
16762f3e5 Fix spelling mistake in Windows snapshotter
6094bc770 Use DeactivateLayer to recover layers that we cannot rename
bf02a8330 task delete: Closes task IO before waiting
aa7c9d9da Fix pull fails on unexpected EOF
bc2f973ff Prepare release notes for v1.5.7
f95fca079 btrfs: reduce permissions on plugin directories
68119b417 v1 runtime: reduce permissions for bundle dir
97db45e83 v2 runtime: reduce permissions for bundle dir
bc8fdf832 Update release notes and mailmap
77dafa20c Prepare release notes for v1.5.6
a4b51d119 Fix panic in metadata content writer on copy error
147705920 Use github images for integration tests
514137aa0 cri: add devices for privileged container
6bfd09f7c Enable image config labels in ctr and CRI container creation
923088852 seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted)
4133c775c go.mod: update runc to v1.0.2
011fb4c0b update runc binary to v1.0.2
210d3bc15 Fix content copy to not ignore unexpected EOF
a863339c5 [release/1.5] update Go to 1.16.8
f3d46f828 CI: Switch to available latest images
c7ed09d55 Adding testing of two devices in a directory
0ca2e2751 Fix dir support for devices V3 (#4847)
0fd19511e go.mod: Update hcsshim to v0.8.21
c0534c168 [release/1.5 backport] cri: filter selinux xattr for image volumes
27e164648 Allow expanded DNS configuration
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
github is removing git:// access, and fetches will start experiencing
interruptions in service, and eventually will fail completely.
bitbake will also begin to warn on github src_uri's that don't use
https. So we convert the meta-virt instances to use protocol=https
(done using the oe-core contrib conversion script)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Similar to the oe-core commit:
commit 93ac180d8c389f16964bce8bd5538d9389e970e6
Author: Michael Opdenacker <michael.opdenacker@bootlin.com>
Date: Wed Sep 1 11:20:20 2021 +0200
meta: stop using "virtual/" in RPROVIDES and RDEPENDS
Fixes [YOCTO #14538]
Recipes shouldn't use the "virtual/" string in RPROVIDES and RDEPENDS.
That's confusing because "virtual/" has no special meaning in
RPROVIDES and RDEPENDS (unlike in PROVIDES and DEPENDS).
Instead, using "virtual-" instead of "virtual/"
as already done in the glibc recipe.
We stop rproviding virtual/containerd to keep the namespace clean.
There aren't many users of this virtual provides, but we keep
it around (for now) to maintain compatibility.
At the same time we convert the RPROVIDES to virtual-containerd, to keep
it available and consistent with oe-core use virtual-libc, etc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Similar to the oe-core commit:
commit 93ac180d8c389f16964bce8bd5538d9389e970e6
Author: Michael Opdenacker <michael.opdenacker@bootlin.com>
Date: Wed Sep 1 11:20:20 2021 +0200
meta: stop using "virtual/" in RPROVIDES and RDEPENDS
Fixes [YOCTO #14538]
Recipes shouldn't use the "virtual/" string in RPROVIDES and RDEPENDS.
That's confusing because "virtual/" has no special meaning in
RPROVIDES and RDEPENDS (unlike in PROVIDES and DEPENDS).
Instead, using "virtual-" instead of "virtual/"
as already done in the glibc recipe.
We stop rproviding virtual/runc to keep the namespace clean.
There aren't many users of this virtual provides, but we keep
it around (for now) to maintain compatibility.
At the same time we convert the RPROVIDES to virtual-runc, to keep
it available and consistent with oe-core use virtual-libc, etc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.5.5-11-g69e5db821, which comprises the following commits:
27e164648 Allow expanded DNS configuration
8cfab161f CI: Switch to available latest images
b9d5cff5d Update Go to 1.16.7
fe195c343 mergo: Upgrade to 0.3.12 to fix panic
677fade0f Prepare release notes for v1.5.5
166a81f88 snapshot/devmapper: log exported methods correctly
eb4ba99fe Install apparmor parser for arm64 environment
0bc1e1d8a update seccomp version
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OEcore/bitbake are moving to use the clearer ":" as an overrides
separator.
This is pass one of updating the meta-virt recipes to use that
syntax.
This has only been minimally build/runtime tested, more changes
will be required for missed overrides, or incorrect conversions
Note: A recent bitbake is required:
commit 75fad23fc06c008a03414a1fc288a8614c6af9ca
Author: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Sun Jul 18 12:59:15 2021 +0100
bitbake: data_smart/parse: Allow ':' characters in variable/function names
It is becomming increasingly clear we need to find a way to show what
is/is not an override in our syntax. We need to do this in a way which
is clear to users, readable and in a way we can transition to.
The most effective way I've found to this is to use the ":" charater
to directly replace "_" where an override is being specified. This
includes "append", "prepend" and "remove" which are effectively special
override directives.
This patch simply adds the character to the parser so bitbake accepts
the value but maps it back to "_" internally so there is no behaviour
change.
This change is simple enough it could potentially be backported to older
version of bitbake meaning layers using the new syntax/markup could
work with older releases. Even if other no other changes are accepted
at this time and we don't backport, it does set us on a path where at
some point in future we could
require a more explict syntax.
I've tested this patch by converting oe-core/meta-yocto to the new
syntax for overrides (9000+ changes) and then seeing that builds
continue to work with this patch.
(Bitbake rev: 0dbbb4547cb2570d2ce607e9a53459df3c0ac284)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.5.4-12-g1c13c54ca, which comprises the following commits:
7b17268fd remotes/docker/pusher.go: Fix missing Close()
2f11d5855 remotes/docker/fetcher.go: Fix missing Close()
4c1722e2b Update docker resolver to authorize redirects
166a81f88 snapshot/devmapper: log exported methods correctly
d2cb9949b go.mod: runc v1.0.1
6807d070e update runc binary to v1.0.1
81cfab8f5 Prepare release notes for v1.5.4
d9b284bfd Try next mirror in case of non-404 errors, too
48d7a5c5c Prepare release notes for 1.5.3
defaec610 Update mailmap
43d089233 integration/client: go mod tidy
ac7bd5483 Update Go to 1.16.6 (cont.)
385d9ed00 Update Go to 1.16.6
a695a0704 [Vendor] Update hcsshim to 0.8.18
0515f9d2d Fix missing Body.Close() calls on push to docker remote
f5c7cb6e0 Add test for archive breakout test for lchmod
37a44de17 Cleanup lchmod logic in archive
78b95dff2 update runc binary to v1.0.0 GA
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.5.2-18-g9be04c276, which comprises the following commits:
78b95dff2 update runc binary to v1.0.0 GA
a2dc682f1 sandbox: send pod UID to CNI plugins as K8S_POD_UID
9d8880816 content/local: inline sys.StatATimeAsTime()
3735a7dfe Fix incorrect UA used for registry authentication
31ecdf77d Fix cleanup context of teardownPodNetwork
b441ec19f Add proper Go version before project checks
d31f5e6b6 fix invalid validation error checking
3fd01c4ea Change Wrapf of non-error to an actual error
cba7b44b6 windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink
354f729a4 Prepare release notes for v1.5.2
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updating to the released 1.5.x containerd.
We also add a patch to fix the following:
Since our oe-core go infrastructure insists on both -pie and static
builds (for the most part), and that is not recommended by many
packages, we end up with errors like:
cannot find package runtime/cgo (using -importcfg)
...
recipe-sysroot-native/usr/lib/aarch64-poky-linux/go/pkg/tool/linux_amd64/link:
cannot open file : open : no such file or directory
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Allows the yocto cve-checker to flag CVEs, which would otherwise go
unreported due to the package name not matching NIST NVD data.
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adding the following commits into our containerd build:
3187b6dc8 tests: Adds consumed memory stats test
969ec8949 Specify seccomp target arch for CC
c19b7b64d RELEASES.md: recommend alternatives for deprecated features
8a62aa1c3 Deprecate built-in aufs snapshotter
4e7915f80 CI: allow Go 1.13 for Docker/Moby compatibility
8e589e873 Vagrantfile: update to Fedora 34
5847340a7 tests: Refactors container image usage
9f43eade6 Prepare v1.5.0-rc.3 release notes
4c7b960cb prow needs some additional setup for docker buildx
2e4c1d4b7 Use the multi-arch version of the test images
4e00c4b65 integration tests needs lsof
177273680 Add script to build test images
1b5d59dfe Add multi-arch support for test images
78e529727 add integration tests
2b0e6cdd4 Separate jobs for build and test for openlab/arm64
cdd075853 Release artifacts for Linux ARM64
efcb18742 Add unit tests for PID NamespaceMode_TARGET validation
b48f27df6 Support PID NamespaceMode_TARGET
909660ea9 process: use the unbuffered channel as the done signal
0f332dadd Update cgroups for regenerated protos
391b123a5 adds quiet option for ref
ab1654d0e Fix PushHandler cannot push image that contains duplicated blobs
00f8d32ef add not found debug out for check cmd; update usage
55734b1c5 Prepare 1.5.0-rc.2 release notes
3ef337ae3 Update containerd vendors to tags
fbe1e140f Update Go to 1.16.3
c1d1edbad gha: use sudo -E in some places to prevent dropping env-vars
7966a6652 Cleanup code
5d79d3adb go.mod: update kubernetes to v1.20.6
1c03c377e go.mod: github.com/containerd/fifo v1.0.0
12a2a2108 go.mod: github.com/google/uuid v1.2.0
3292ea586 pkg/seccomp: use sync.Once to speed up IsEnabled
00b5c99b1 pkg/seccomp: simplify IsEnabled, update doc
6dd29c25f go.mod: github.com/containerd/aufs
330a2a809 go.mod: github.com/containerd/zfs
34780d67a runtime/shim: check the namespace flag first
c3dde8c4b freebsd: add zfs to the default plugins
b431fe4fc freebsd: don't run shim delete in deleted dir
1f4192daf freebsd: exclude v1 runtimes
cb1580937 metadata: improve deleting a non-empty namespace's error message
5bf84034d Remove junit test result processor
b83d04f91 Add variable names to runtime's interface definitions
993b86399 Add shim start opts
8a4cbabc6 Reimport windows layers when comitting snapshots
af1e2af72 ci: upload junit formatted test results
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
