path: root/recipes-containers
Commit message | Author | Age | Files | Lines
...
* skopeo: bump to 1.2.3 -dev | Bruce Ashfield | 2021-04-16 | 1 | -2/+2
Pulling in the small set of commits that move us to the 1.2.3-dev cycle: 5a117bfc Bump c/storage to v1.24.8 and c/image to v5.10.5 for RHEL 8.4 in release-1.2 560a34af Bump to v1.2.3-dev b94b7dc0 Bump to Skopeo v1.2.2 f78bf42c Bump c/common c/image and c/storage to latest b4210c0b Fix gating test in release-1.2 port #1169 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* runc: update to rc93 latest | Bruce Ashfield | 2021-04-16 | 1 | -1/+1
Bumping the SRCREV to include the following commits: ef9922c2 libct/cg: don't return OOMKillCount error when rootless 5cdd9022 libct/cg/fs[2]: fix comments about m.rootless 2f1a3ed3 Fix vendored dependencies d15c7bb0 go.mod: github.com/cilium/ebpf v0.5.0 f28a8cc2 ebpf: replace deprecated prog.Attach/prog.Detach 928ef7af libct/nsenter: add json msg escaping 52390d68 Ignore kernel memory settings b7c315ad vendor: bump containerd/console to 1.0.2 b6cdb8ae fix a typo 64bb59f5 nsenter: improve debug logging 6ce2d63a libct/init_linux: retry chdir to fix EPERM c5029c00 tests: fix hello-world tarball name in testdata for arm64 289a3045 go.mod: github.com/moby/sys/mountinfo v0.4.1 4316df8b libcontainer/system: move userns utilities to separate package e7fd383b libcontainer/system: un-export UIDMapInUserNS() 249356a1 libcontainer/system: remove unused GetParentNSeuid() dc52ed25 libcontainer/user: remove outdated MAINTAINERS file 72ecf59c libcontainer/user: fix windows compile error 2515b0c2 libct/user: rm windows code 0596f6e1 libcontainer/devices/device_windows.go: rm b1deba8c libcontainer/configs/config_windows_test.go: rm f1586dbd libcontainer/configs/validate: make Validate() less DRY 4126b807 libcontainer/configs: add missing type for hooknames 48125179 go.mod: github.com/cilium/ebpf v0.4.0 44611630 docs/systemd: add 27bb1bd5 libct/specconv/CreateCgroupConfig: don't set c.Parent default d748280a make release: build/include libseccomp aa6da82c script/release.sh: fix shellcheck warnings 3eb46d89 ci: make static built binary available f0dec0b4 libct/specconv/CreateCgroupConfig: nit 36fe3cc2 tests/int/cpt: fix lazy-pages flakiness 2dd62b3d libct/checkCriuFeatures: rm excessive debug 0e089002 tests/int/checkpoint: close lazy_r fd b09030a5 tests/int/checkpoint: close fds in check_pipes e63df1e6 tests/int: really
randomize cgroup/unit names 6e4c5b6e tests/int/cgroups: don't use BUSYBOX_BUNDLE adf733fa vendor: update go-systemd and godbus f09a3e1b tests/int: don't set/use CGROUP_XXX variables 4ecff8d9 start: don't kill runc init too early b1184302 libct/configs/validator: add some cgroup support 79a8647b libct/int: add TestFdLeaks b3be2b0b libct: close execFifo after start 08b52797 Make test specific to disassembleFilter function 7b3e0bcf Ensure the scratch pipe is read during ExportBPF 62f1f0e4 tests/int/checkpoint: check all logs for errors 346cb359 Revert "tests/checkpoint: show full log lazy pages cpt" c9b3787b script/check-config.sh: add SELinux and AppArmor 5fb831a0 capabilities: WARN, not ERROR, for unknown / unavailable capabilities e49d5da2 go.mod: OCI runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 2726146b runc --debug: more tests 201d60c5 runc run/start/exec: fix init log forwarding race c06f999b libct/logs/test: refactor 688ea99e runc init: fix double call to ConfigureLogs dd6c8d76 main: cast Chmod argument to os.FileMode 69ec21a1 libct/logs.ForwardLogs: use bufio.Scanner 0300299a tests/int/debug.bats: fixups d38d1f9f libcontainer/logs: use int for Config.LogPipeFd ac93746c libct/seccomp: rm IsEnabled 9b2f1e6f runc version: don't use seccomp.IsEnabled d76309f9 script/check-config.sh: add CONFIG_SECCOMP_FILTER 997e8942 capabilities.Caps: use a map for capability-types 41f466d8 nsexec.c: fix formatting for netlink defines 522bd641 Fix checking C code formatting 1948b4ce cloned_binary.c: rm redundant comments b67deb56 nsexec.c: rm a block 513d89ee capabilities: use BOUNDING/AMBIENT instead of their alias dd2caace go.mod: runtime-spec v1.0.3-0.20210316141917-a8c4a9ee0f6b a608b7e7 libcontainer/apparmor: use sync.Once for AppArmor detection d6e89248 Fix build-tags in libcontainer/devices f585cec7 libct/cg/v2: always enable TasksAccounting 8c7ece1e fs2: fallback to setting io.weight if io.bfq.weight 74299a1c CI: cache ~/.vagrant.d/boxes 97f2e351 go.mod, libct: bump 
go-criu to v5, use google.golang.org/protobuf db025aba libct: criuSwrk: only iterate over CriuOpts if debug is set 051646a3 tests: test nested bind mount restore 705b6cc7 Re-create mountpoints during restore Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* conmon: update to v2.0.27 | Bruce Ashfield | 2021-04-16 | 1 | -2/+2
Bumping to 2.0.27. Also, move to a _git suffix on the recipe. We already had one bump that made the extension and PV be out of sync. Since we track this by git increments, not release or release tarballs, the _git is appropriate. The following changes are part of this update: 3efab3e Add Kubernetes e2e tests as GitHub action 0114f3c move integration to gh actions 186038c run make vendor 31c5a2e add tests running a runtime c53c155 always set container pid file 1955f59 write runtime stderr to journal on error af1f3c4 some small cleanups 6c38b5a Use less resources 355dbf1 conn_sock: fix potential segfault 4587294 ci/gha: bump runc to rc93 92867a7 Add Podman integration test GitHub action 1ec43d9 bump to v2.0.28-dev 65fad4b bump to v2.0.27 dd99302 Add CRI-O integration test GitHub action 911c786 exec: don't fail on EBADFD 3ac015e close_fds: fix close of external fds 1c7e6fb Add arm64 static build binary c3f31c0 bump to v2.0.27-dev Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* cri-tools: update to 1.21 | Bruce Ashfield | 2021-04-16 | 2 | -15/+12
Updating cri-tools. We refresh a patch, and change the recipe to capture the binary from build/bin versus _output dir. The following commits are part of this bump: e0b90a7f Increase image build timeout 8f0434e8 Add image-test builds to main cloudbuild script b796452d Add windows images to build script e1e9f853 Bump github.com/docker/docker 0cd06f41 Add hostnet-nginx image build to main script 74ccfeaf Bump k8s.io/api from 0.0.0 to 0.21.0 c98b734a Bump k8s.io/kubernetes from 0.0.0 to 0.21.4 109fb62d Bump k8s.io/kubectl from 0.0.0 to 0.21.0 534d9f03 Bump k8s.io/apimachinery from 0.0.0 to 0.21.0 8c5599a6 Bump k8s.io/cri-api from 0.0.0 to 0.21.0 8694106a Bump README versions to v1.21.0 b953f776 Update dependencies ef872c25 Add dependabot config file eaf18dae Simplify test image build process for user images afb5b62c Move from gcr.io/cri-tools to gcr.io/k8s-staging-cri-tools 1b32fe8d Fix UID/GID and username values for test images f749fc76 Bump gcb-docker-gcloud image to v20210331-c732583 916fae03 add docker.io/ prefix to image:busybox in docs/examples/ a0d17c4a Fix CRI-O master installation in GitHub actions 791ddab1 fix StartedAt and FinishedAt of the container status 2d5c2872 Fix CRI-O master installation in GitHub actions 44fd67ce Makefile: avoid rebuilding binaries 14485a8c support mips64le architecture. c8c1ebae Modify hack/release.sh script to include sha256 sum files ec31d9a2 Trigger prow job 3e939cf7 Update CRI-O to v1.20.0 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* cri-o: update to 1.21-latest | Bruce Ashfield | 2021-04-16 | 1 | -1/+1
Bumping the latest 1.21 release changes, which comprise the following commits: bce3e6c5f Fix tests ec1a512ac Bump to v3.1.1-dev 9f09fb62c Bump to v3.1.0 1386f9046 Fix test failure 38bb77c5b Update release notes for v3.1.0 final release 670e1ac67 [NO TESTS NEEDED] Turn on podman-remote build --isolation ac4bdd265 Fix long option format on docs.podman.io 96ffce219 Fix containers list/prune http api filter behaviour e772719bf [CI:DOCS] Add note to mappings for user/group userns in build 52cd3ce2d Validate passed in timezone from tz option 633ae014e Generate Kubernetes PersistentVolumeClaims from named volumes c9640bab7 libpod/image: unit tests: use a `registries.conf` for aliases 43c772aa2 libpod/image: unit tests: defer cleanup 396a59b02 libpod/image: unit tests: use `require.NoError` a01b387e8 Unification of until filter across list/prune endpoints 183a68a81 Unification of label filter across list/prune endpoints d1589f280 fixup 31351ad94 fix: build endpoint for compat API 7148544df [NO TESTS NEEDED] Remove /tmp/containers-users-* files on reboot 88672b58c Check if stdin is a term in --interactive --tty mode 23f3805df [NO TESTS NEEDED] Fix rootless volume plugins 5e3445e6e Ensure
manually-created volumes have correct ownership 6b6989206 Support multi doc yaml for generate/play kube d560f168f Correct json field name 573ed9220 Fix filters in image http compat/libpod api endpoints 1b349d79a podman generate systemd --new do not duplicate params 1089f83a4 Fix podman build --pull-never be02c8581 man pages: correct seccomp-policy label 62b49e176 [NO TESTS NEEDED] Use same function podman-remote rmi as podman 3d1aaffdb Add problematic volume name to kube play error messages d498022fd Fix list pods filter handling in libpod api 66b1c2bd9 [NO TESTS NEEDED] Fix for kernel without CONFIG_USER_NS b55730180 Remove resize race condition e7dc66d83 [NO TESTS NEEDED] Vendor in containers/buildah v1.20.0 57e0d8f29 Use TMPDIR when commiting images 505f43c08 Add RequiresMountsFor= to systemd generate 15da607d1 Fix swapped dimensions from terminal.GetSize 0127cc184 Revert go-systemd to v2.22.0 4f11517c0 Cirrus: Update configuration for v3.1 branch 834f4caaa Bump to v3.1.0-dev 1b56ea2d9 Bump to v3.1.0-rc2 1ae87ff46 Update release notes for v3.1.0-RC2 3b609a706 Bump github.com/coreos/go-systemd/v22 from 22.1.0 to 22.3.0 1dfbdd5d9 Fix system prune cmd user message with options afce37671 System tests: reenable a bunch of skipped tests 417f36281 Cleanup /libpod/images/load handler adf652e2a vendor: drop replace for github.com/syndtr/gocapability e85cf8f4a security: use the bounding caps with --privileged f46b34ecd Bump github.com/containers/common from 0.35.0 to 0.35.3 5a18b5eb7 Bump k8s.io/apimachinery from 0.20.4 to 0.20.5 aa2d6e6e6 Fix volumes and networks list/prune filters in http api ec1651fbf Bump github.com/containers/storage from 1.25.0 to 1.28.0 1ca74b00d add a dependabot config to automate vendoring a596d1f5d Bump github.com/onsi/ginkgo from 1.15.1 to 1.15.2 8ea02d0b6 network prune filters for http compat and libpod api 8da5fd820 test: check for io.stat existence on cgroup v2 592aae4f9 test: fix test for last crun/runc 1c873c7da test: simplify cgroup path 
af3499db5 Latest crun/runc should handle blkio-weight test 82858a97c fix user message image prune --all 3d01d42f2 Docs: removing secrets is safe for in-use secrets 21f229a3d Downgrade github.com/coreos/go-systemd/v22 e8918ff10 pkg/bindings/images.Build(): fix a race condition in error reporting 310eae4ba Switch all builds to pull-never 963d19c75 System test cleanup f4b2d597a Fix for volumes prune in http compat api 8de560703 Fix remote client timezone test 57e8c6632 Do not leak libpod package into the remote client 762148deb Split libpod/network package 955aaccc5 fix use with localhost (testing) 9251b6c8c add /auth for docker compatibility 3803d0a4a create endpoint for querying libpod networks 12fb9e465 Bump github.com/sirupsen/logrus from 1.8.0 to 1.8.1 660a72993 sdnotify tests: try real hard to kill socat processes 7b0155cf7 Fix array instead of one elem network http api 92a8d69a7 Delete all containers and pods between tests 258749e43 apiv2 tests: finally fix POST as originally intended c9ef26071 Document CONTAINERS_CONF/CONTAINERS_STORAGE_CONF Env variables f1eb8e816 Removing a non existing container API should return 404 dc0c72a48 Docs: Add docs to access APIs inside container 6d4899745 options: append CLI graph driver options 930bec4d3 podman load: fix error handling 1f2f7e745 podman cp: evaluate symlink correctly when copying from container 2033fa4c7 rm pkg/api/handlers/libpod/copy.go 31b11b5cd podman cp: fix copying to a non-existent dir a61d70cf8 podman cp: fix ownership 2abfef380 podman cp: ignore EPERMs in rootless mode d175fbfdb vendor buildah@v1.19.8 e33f52390 apiv2 tests: add helpers to start/stop a local registry e926b5d73 Bump to v3.1.0-dev aa9616cd4 Bump to v3.1.0-rc1 e9db60492 allow the removal of storage images 9eac4a7f7 podman-remote build does not support volumes d1878cc67 Compat API: Avoid trying to create volumes if they already exist 7e289833e Bump github.com/onsi/gomega from 1.10.5 to 1.11.0 0e36e65ea Allow users to generate a kubernetes 
yaml off non running containers 80390dd18 Bump github.com/onsi/ginkgo from 1.15.0 to 1.15.1 d0d084dd8 turn hidden --trace into a NOP 320df8388 pkg/terminal: use c/storage/pkg/homedir cc7a7568a Update nix pin with `make nixpkgs` 9e75cafd5 build-arg 326f3eda3 Handle podman build --dns-search 01ffe2c30 podman build --build-arg should fall back to environment 2c500a814 Add support for podman build --ignorefile 1a33b7648 replace local mount consts with libpod/define e4da5096b separate file with mount consts in libpod/define 9fc29f63e Correct compat images/{name}/push response a910f74ea [NO TESTS NEEDED] Bump pre-commit-hooks version 3ae580b0e [ci skip] Bad formatting fix in build documentation 803e58b36 Bump github.com/containernetworking/plugins to v0.9.1 d107c3729 podman-remote stop -time 0 does not work 5bb8fa30b Do not return from c.stop() before re-locking 2bcc95257 Fix for podman network rm (-f) workflow 3396343d4 Bump github.com/coreos/go-systemd/v22 from 22.1.0 to 22.2.0 efc592fba Bump github.com/containers/buildah from 1.19.6 to 1.19.7 793c52dd5 Add tests for selinux kvm/init labels 8453424e2 Respect NanoCpus in Compat Create a090301bb podman cp: support copying on tmpfs mounts e43385eca image removal: ignore unknown-layer errors aa0a57f09 Fix cni teardown errors f86d64130 Use version package to track all versions 252aec1c9 Check for supportsKVM based on basename of the runtime 53d22c779 Compat API: create volume source dirs on the host 61e626c85 Makefile: add install.docker-docs-nobuild for packaging use 81a3f8a43 Add /sys/fs/cgroup as readonly path in docs 8f2192922 Add network summary to compat ps 4eed89aca Fix possible panic with podman build --iidfile 9391bfc52 Add version field to secret compat list/inspect api b19791c0b Tidy duplicate log tests 5df625140 Fix support for podman build --timestamp 43e899c2e Rewrite Rename backend in a more atomic fashion 91b2f07d5 Use functions and defines from checkpointctl bf92e2111 Move checkpoint/restore code to 
pkg/checkpoint/crutils bd819ef7d Vendor in checkpointctl 2c8c5393a Support label type dict on compat build ac992e4b0 Makefile: install systemd services conditionally 63a3b8a09 podman-system-service.1.md: fix timeout example 774aea45e swagger: update the libpodPutArchive operation verb 3908c0079 Makefile: split install.docker-docs from install.docker 2f0fc2911 Bump RootlessKit v0.14.0-beta.0 8b7caa6d0 Compat api containers/json Ports field is null 14d5bd164 Bump github.com/cri-o/ocicni to latest master 7927fe01f Refactor python tests to run against python3.9 9435e5b79 APIv2 tests: make more maintainable e9d94dc90 [CI:DOCS] Improve release process docs 375201633 podman rmi: handle corrupted storage better d9cb135b6 Enable cgroupsv2 rw mount via security-opt unmask cc679d952 podman-image-sign.1.md: typo fix f54ed7269 compat api network ls accept both format options 680dacaea Enable no_hosts from containers.conf fcce1da1b Correct compat images/create?fromImage response ba319e3ba [Compat API] Also print successfully tagging images in /build endpoint 43d010bd0 Fix parsing of Tmpfs field in compat create 24d9bda7f prune remotecommand dependency bee21f1e4 system test image: build it multiarch ef549235e Updated based on Jhonce comments ccbe4ff73 updated common to 0.35.0 836bfebb4 Refactored file 1aa96ed2e swagger: removes the schema type for PodSpecGenerator $ref 431f75519 podman-system-connection.1.md: fix copy/paste error 90050671b Add dns search domains from cni response to resolv.conf f152f9cf0 Network connect error if net mode is not bridge fc32ec768 Sort CapDrop in inspect to guarantee order 79eaadd3f podman upgrade tests 3947feb4b test: ignore named hierarchies for cgroups=split e5ac28f3b container removal: handle already removed containers a775c5920 Bump github.com/rootless-containers/rootlesskit from 0.13.1 to 0.13.2 0ab32d11d Bump k8s.io/apimachinery from 0.20.3 to 0.20.4 874f2327e Add U volume flag to chown source volumes fcf669fd9 Replace Labels and Options 
nulls with {} in NetworkResource 4875a8fb4 Cirrus: Temp. disable prior-fedora (F32) testing f3a8e3324 podman cp: test /dev/stdin correctly 8577be72e podman cp: treat /dev/stdout correctly e87c5b6c1 cgroup: change cgroup deletion logic on v1 9d818be73 Fix podman network IDs handling d9655b0f0 pr-should-include-tests: recognized "renamed" tests d2f3098c6 --no-header flag implementation for generate systemd af7a68fa8 [NO TESTS NEEDED] Make binding util internal c236aebb9 Two variations of --new flag added to e2e a2e1b3eab swagger: add missing schema properties 5dded6fae bump go module to v3 d333ef82b Fix 'storage.options' indent d886cd930 Bump github.com/sirupsen/logrus from 1.7.1 to 1.8.0 b40d778f4 Bump github.com/containers/buildah from 1.19.4 to 1.19.6 05eb06f56 Turn on journald and k8s file logging tests f06dd45e0 Allow podman play kube to read yaml file from stdin 43a581904 Log working dir when chdir fails d6b0b5412 Fix segfault in run with memory-swap e1ad50654 leak fix in rootless_linux.c fcn can_use_shortcut 612ba6aa8 Fix journald logs with more than 1 container 9016387bb Fix journald logs --follow f2d057c94 Fix journald logs --since fbc50e528 fix journald logs --tail 0 cf2a55189 [CI:DOCS]basic networking guide 71689052a cp: treat "." and "/." 
correctly caa0bc157 [CI:DOCS] [NO TESTS NEEDED] Update swagger doc for libpod container wait 31eca5c20 Bump k8s.io/apimachinery from 0.20.2 to 0.20.3 e022c1975 Don't switch on a single case 3e168b19f Quote URL b3f9559c8 bindings: support simple types that implement fmt.Stringer interface 9699e81a0 API: fix libpod's container wait endpoint condition conversion a9d548bf7 Change source path resolution for volume copy-up e2d5a1d05 podman ps --format '{{ .Size }}' requires --size option 12b6342c3 infra: downgrade warning to debug 12a577aea Ignore entrypoint=[\"\"] 684290725 Bump github.com/sirupsen/logrus from 1.7.0 to 1.7.1 68a8d397c Add missing early returns in compat API 5d1ec2960 Do not reset storage when running inside of a container 958f90143 podman kill should report rawInput not container id 759fc9334 Fix an issue where copyup could fail with ENOENT 2ec0e3b65 do not set empty $HOME 2a21ecafa images/create: always pull image f2f18768a Fix panic in pod creation 0fd480708 Bump github.com/rootless-containers/rootlesskit from 0.13.0 to 0.13.1 2845f7b83 podman build: pass runtime to buildah 39c1fdb15 correct startup error message 690c02f60 Add missing params for podman-remote build a532994f8 Fix typo podman run doc in flag -pid=mode "efault" 4a9bd7a18 When stopping a container, print rawInput 714acf326 fix create container: handle empty host port 3d50393f0 Don't chown workdir if it already exists bf083c185 Fix broken podman generate systemd --new with pods 227c54813 fix dns resolution on ubuntu 0ab5bfd31 e2e: fix network alias test 704fa8b55 fix failing image e2e test 9a24d5098 Update troubleshooting.md 6ffd05d0b [NO TESTS NEEDED] Refactor generated code 2c31f3839 Fix superfluous response.WriteHeader call in WaitContainerLibpod() 4067f3a4d change ps Created to unix 78b419909 Enable more golangci-lint linters adfcb7460 make layer-tree lookup errors non-fatal 78c8a8736 Enable whitespace linter 69ab67bf9 Enable golint linter ef2fc90f2 Enable stylecheck linter 40c3c972d 
Update Master to reflect the 3.0 release 660a06f2f utils: takes the longest path on cgroup v1 5f999b6bc container ps json format miscue 8e2fae186 Bump github.com/spf13/cobra from 1.1.2 to 1.1.3 1b5f3ed24 utils: create parent cgroups 9196a5ce3 utils: ignore unified on cgroupv1 if not present f4fd25a00 utils: skip empty lines f28b08fe9 Correct compat network prune response 5ccb1596b Display correct value for unlimited ulimit fdf39e169 apiv2: handle docker-java clients pulling ea910fc53 Rewrite copy-up to use buildah Copier 31b2b2cc2 bump to v3.1.0-dev 68133414f [NO TESTS NEEDED] Update linter 46b014bad Bump github.com/spf13/cobra from 1.1.1 to 1.1.2 1cc387bf7 Add shell completion tests for secrets f4ece018b Docker APIv2 push sends digest in response body f2a856203 Fix compat networks endpoint for a empty result 21deafba8 hardening flags for fedora rpmbuilds e15e170ac [CI:DOCS]First pass at release process 46385dd60 Restart service when CONTAINERS_CONF changes cc846a8cd Support annotations from containers.conf 68414537c vendor github.com/containers/image v5.10.2 ea704da72 APIv2 tests: lots of cleanup 721a1e104 Fix Docker APIv2 push endpoint 48c612cf6 generate kube: support --privileged 08d8290f1 Bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0 832a69b0b Implement Secrets 45981ba29 Bump containers/buildah to v1.19.4 1caace8f4 Allow path completion for podman create/run --rootfs 6c75419a8 Cirrus: Send cirrus-cron report e-mail to list. 
feecdf919 make `podman rmi` more robust 407e86dcd Implement missing arguments for podman build 3c3e644c1 vendor latest containers/common 91ea3fabd add network prune 821ef6486 fix logic when not creating a workdir 002f2aca7 Bump remote API version to 3.0.0 6c713984e play kube selinux test case 5c6ab3075 Fix podman network disconnect wrong NetworkStatus number 05444cb2c Fix per review request c995b5460 generate kube: handle entrypoint 96adf0e2a play kube selinux test case 2b8d6ca09 Increase timeouts in some tests 3c57bc845 Add test for Docker APIv2 wait 4a219aa23 Implement Docker wait conditions fc385806d Improve ContainerEngine.ContainerWait() 570e1587d Improve container libpod.Wait*() functions 6a6e86829 Cirrus: Collect ginkgo node logs artifacts ebc42f508 Bump github.com/containers/storage from 1.24.5 to 1.25.0 9dc795191 Bump github.com/containernetworking/cni from 0.8.0 to 0.8.1 bc149a4dd bindings: attach: warn correct error d87f54fbb Fix invalid wait condition on kill dfa9a340a Makefile: make bin/* real targets! 
3d105015f typo c40cd1be9 Bump github.com/onsi/gomega from 1.10.4 to 1.10.5 bda95bdb6 Update nix pin with `make nixpkgs` 1c50e09b0 System test for #9096 (truncated stdout) 432ee04c5 play kube selinux label test case e0bc8ffb5 Gating tests: diff test: workaround for RHEL8 failure bde23a021 [NO TESTS NEEDED] style: indendation 89df89b5f [NO TESTS NEEDED] fixup: remove debug code 7e4d696d9 Report StatusConflict on Pod opt partial failures bd0e22ed1 Honor network options for macvlan networks 095919680 Make slirp MTU configurable (network_cmd_options) ac3bd4c33 [NO TESTS NEEDED] Generated files 5a746c08f [NO TESTS NEEDED] Improve generator c68b59f97 play kube selinux label issue e9f936a29 Makefile: refactor ginkgo * ginkgo-remote 931ea939a Allow pods to use --net=none 323ab314e Bump github.com/onsi/ginkgo from 1.14.2 to 1.15.0 077fd670b Update release notes for v3.0.0 ee8ee651d New 'make completions' target e11d8f15e add macvlan as a supported network driver 5352df226 Fix podman generate systemd --new special char handling eaafd975a Bump github.com/rootless-containers/rootlesskit from 0.12.0 to 0.13.0 51c11fea8 Endpoint that lists containers does not return correct Status value 3cfd4ce45 Fix --network parsing for podman pod create 9b5b03d1e list volumes before pruning 4a6d042c2 Docker ignores mount flags that begin with constency cdbbc6120 podman generate kube ignores --network=host 073f76c13 Switch podman stop/kill/wait handlers to use abi b842d97f5 [CI:DOCS]build instructions for macOS 280f332bd Vendor in containers/buildah v1.19.3 ca0dd76bf Honor custom DNS in play|generate kube d7c356552 Podman-remote push can support --format b74f939fb Bump github.com/containers/image/v5 from 5.10.0 to 5.10.1 8d979e093 Cirrus: Build static podman-remote c0bf0ba9e podman build --pull: refine help message and docs c450092fd Revert "podman build --pull: use correct policy" 75c3b3389 Bump github.com/containers/image/v5 from 5.9.0 to 5.10.0 59076888d Cleanup bindings for image pull 
89bb8a9b3 Don't fail if one of the cgroups is not setup 1fac43654 Add support for rootless network-aliases c717b3cac Allow static ip and mac with rootless cni network 15caebfe5 podman build --pull: use correct policy bfc1b66be Cirrus: Fix running Validate task on branches f8bf509d1 Fix static build cache by using cachix 84f7bdc4d Switch podman image push handlers to use abi fee2fadc3 e2e tests: synchronize test results 21cb3043f podman-remote ps --external --pod --sort do not work. f79d68eea Fix podman history --no-trunc for the CREATED BY field c63599d36 remote exec: write conmon error on hijacked connection e9f4fb975 Fix #9100 Change console mode message to debug 02ec5299f Add default net info in container inspect 1ae410d19 Ensure the Volumes field in Compat Create is honored 35c89ccc5 [CI:DOCS]update state of restful service 0f668aa08 workdir presence checks 7b186dcb9 libpod: add (*Container).ResolvePath() 74a63df05 Fixup search 97f5e9458 Pass DefaultMountsFile to podman build 5350254f0 Ensure shutdown handler access is syncronized 33179c281 System tests: cover gaps from the last month 5623cb9d3 Fix --arch and --os flags to work correctly a86d23c75 Bump github.com/google/uuid from 1.1.5 to 1.2.0 75698b4b7 Fix typo 393a8f026 disable dnsname when --internal ef76b92b8 swagger.go: Fix compilation error 8c1768e38 Fix fish completion issue if the command is prefixed with a space a457c5c92 Bump golang.org/x/crypto 0ba1942f2 networking: lookup child IP in networks c182091b0 Small API test improvement for compatibility search endpoint 6e6a38b41 podman manifest exists c9baa6b93 Accept and ignore 'null' as value for X-Registry-Auth 4b8df5903 Turn on some remote test 94f96c78a Add a notice to remove pod before starting service ef654941d libpod: move slirp magic IPs to consts 5e65f0ba3 rootlessport: set source IP to slirp4netns device 37319dec1 vendor: update rootlesskit to v0.12.0 2fa67fe4b api: fix import image swagger definition 9d31fed5f podman volume exists 4e4d318b7 
Cirrus: Upload swagger YAML in every context dbb99433d [CI:DOCS] Cirrus: Skip smoke task on branch-push 836fa4c49 Move the cni lock file into the cni config dir c1cd512cb Use random network names in the e2e tests 3fedb2b6d [CI:DOCS] Update project name in Code of Conduct f43046745 Set log driver for compatability containers c3cbaa355 Make generate systemd --new robust against double curly braces 6518391e8 Fix man page for fuse-overlayfs config in rootless mode a3621a7cf Cirrus: add bindings checks e7df73efa Fix handling of container remove 41a7e11c7 make bindings generation explicit f302ce578 make bindings generation more robuts 175fc3867 Revert "ginkgo: install on demand via `go get -u`" 37abec240 [CI:DOCS] fix go-md2man HTMLSpan warnings 9f6bb3563 CI: smoke test: insist on adding tests on PRs a45d22a1d podman network exists de05e5816 ginkgo: install on demand via `go get -u` d2ee3d815 runner.sh : deal with bash 'set -e' 4ccb0729b Add binding options for container|pod exists 683bab03f [CI:DOCS]Do not run compose tests with CI:DOCS 2df59829e simplify bindings generation 462994268 make: generate bindings: use vendor caaaa2c5e hack/install_golangci.sh: smarter install f38b7f48c golangci-lint: install to ./bin Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k8s: move to 1.21 release | Bruce Ashfield | 2021-04-16 | 3 | -20/+17
Updating kubernetes to the 1.21 release. Minor build changes and patch refreshes were required. The changelog is massive, so we won't list it here. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: update to v1.20.6 | Bruce Ashfield | 2021-04-15 | 1 | -2/+2
Bumping to the latest 1.20.x release, which comprises the following commits: b06a5ffc2f Update to v1.20.6 77390596e6 add cloud controller manager fixes from master ef28edaf9a Update to v1.20.6 1521e3b085 Resolve local retention issue when S3 in use. 221c9ae589 add hidden attribute to disable flags 9a572ecae0 delete nocluster file and remove build tag 3f73665131 remove hidden attribute from cluster flags and related code 29f6275aae add etcd s3 secret and access key flags and env vars to secret data 355fff3017 Update to Kubernetes v1.20.5 (#3094) c09142a3a7 put etcd bootstrap save call in goroutine and update comment a2b1d28c68 [release 1.20] containerd: v1.4.4-k3s1 (#3086) 62839b302a remove duplicate method 0167f86f5d Have Bootstrap Data Stored in etcd at Completed Start (#3038) 1da86eaa0b Etcd Snapshot/Restore to/from S3 Compatible Backends (#2902) 0a3360fc6f Add ability to perform an etcd on-demand snapshot via cli (#2819) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* containerd: update to v1.5.x series | Bruce Ashfield | 2021-04-15 | 2 | -25/+20
Bumping containerd to the 1.5.x development series. We refresh patches and add new build dependencies, but otherwise the overall structure is the same. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker-ce: update to v20.10-beta | Bruce Ashfield | 2021-04-15 | 5 | -81/+70
moby has moved on to the 20.10+ series, while docker-ce has stayed behind a bit. Master of docker-ce now has imports from moby and is getting ready for release. To keep our variants from diverging, we switch to master (for now) and will track the new development. We adapt some patches from the moby build to work for docker-ce, in particular, we cannot use docker to build docker, so we port the cli building from moby. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker/moby: update to 20.10.6 | Bruce Ashfield | 2021-04-15 | 3 | -26/+31
Bumping to the latest 20.10 series. This includes the following moby commits: 255c79a1e8 Move cgroup v2 out of experimental f2c0b3688a Pin arm64 machines to a specific Ubuntu version 29ff2af2d3 Fix flaky TestInspect 60310e2409 Use docker media type for plugin layers 8088859bab btrfs: Allow unprivileged user to delete subvolumes (kernel >= 4.18) d22dde8eb1 rootless: fix getCurrentOOMScoreAdj c1e7924f7c archive: do not use overlayWhiteoutConverter for UserNS 22dc1597b9 overlay2: doesSupportNativeDiff: add fast path for userns daae27bfce overlay2: call d.naiveDiff.ApplyDiff when useNaiveDiff==true e974cb638c rootless: bind mount: fix "operation not permitted" 7022b1e12e bump up rootlesskit to v0.14.1 88470052e7 vendor: docker/libnetwork b3507428be5b458cb0e2b4086b13531fb0706e46 d26ed2c33b fix assertPortList normalizing being too strict 915b239519 builder: produce error when using unsupported Dockerfile option ef2351b416 integration-cli: rely less on "docker port" output format 86d98f5711 integration: update getExternalAddress to prefer IPv4 b41e2d4dc1 integration/container: wrap some long lines for readability 407a61cdb2 hack: use GOPROXY for rootlesskit to workaround issue with old git on CentOS/RHEL 7 a35e1f451e update rootlesskit to v0.14.0 9780942e20 Remove cli test for duplicate --net/--network opts e1ee2823ec TestPushMultipleTags: Add support for 20.10 CLI 969bde2009 jsonfile: more defensive reader implementation cb501700e8 Fix handling for json-file io.UnexpectedEOF 2d39a44c1c overlayutils/userxattr.go: add "fast path" for kernel >= 5.11.0 95d2b686be overlay2: support "userxattr" option (kernel 5.11) 074270703c Use buster backports to build with libseccomp-2.4.4 fed6ba2790 Include VPNkit binary for arm64 2ab3cd8c9e
update containerd binary to v1.4.4 d3188dc164 Dockerfile: switch to "stable" dockerfile front-end 98273a606a dockerd-rootless-setuptool.sh: create CLI context "rootless" a0670c6d3d pkg/archive: TestUntarParentPathPermissions requires root 04d9b581e9 Update documentation links 1015b5b438 dockerd-rootless.sh: prohibit running as root 35f5f9e624 builder: fix incorrect cache match for inline cache with empty layers 3ce37a6aa4 vendor: github.com/moby/buildkit v0.8.2 5e8c1b4f7d dockerd-rootless.sh: add typo guard a24d92f95b check-config.sh: add NETFILTER_XT_MARK 80019e1b0e builder: fix blobs releasing via leases after pull 2a220f1f3d Update Swarmkit to pick up fixes to heartbeat period and stalled tasks da1a672102 builder: fix pull synchronization regression 0e001154f9 Check the length of the correct variable #42039 3beb2e4422 Move cpu variant checks into platform matcher 0caf485abb Fallback to manifest list when no platform match a6a88b3145 profiles: seccomp: update to Linux 5.11 syscall list e3750357a5 builder: ensure libnetwork state file do not leak ab5711e619 Fix builder inconsistent error on buggy platform df2a989769 Add shim config for custom runtimes for plugins d13e162a63 Handle long log messages correctly on SizedLogger 34446d0343 replace json.Unmarshal with NewFromJSON in Create c00fb1383f docs: fix double "the" in existing API versions b7e6803ec4 swagger.yaml: Remove extra 'the' wrapped by newline 420de4c569 contrib/check-config.sh: fix INET_XFRM_MODE_TRANSPORT 8412078b1e contrib/check-config.sh: fix IOSCHED_CFQ CFQ_GROUP_IOSCHED bb0866f04e contrib/check-config.sh: fix MEMCG_SWAP_ENABLED db47bec3c7 contrib/check-config.sh: fix NF_NAT_NEEDED 6bc47ca4b4 contrib/check-config.sh: fix NF_NAT_IPV4 491642e696 contrib/check-config.sh: support for cgroupv2 cda6988478 Fix Error in daemon_unix.go and docker_cli_run_unit_test.go 1640d7b986 Fix daemon panic when starting container with invalid device cgroup rule 6e3f2acdac docs: fix NanoCPUs casing ad777ff3bc api: fix 
NanoCPUs casing in swagger 94d2467613 Fix userns-remap option when username & UID match acb8a48a3c update runc binary to v1.0.0-rc93 5d442b1cb7 pkg/archive: Unpack() use 0755 permissions for missing directories 5db18e0aba archive: avoid creating parent dirs for XGlobalHeader 94feac18d2 Update rootlesskit to v0.13.1 to fix handling of IPv6 addresses cc377d27ac Update TestDaemonRestartWithLiveRestore: fix docker0 subnet missmatch Fix docker0 subnet missmatch when running from docker in docker (dind) fc07fecfb5 TestBuildUserNamespaceValidateCapabilitiesAreV2: verify build completed f7893961de TestBuildUserNamespaceValidateCapabilitiesAreV2: use correct image name d31b2141ae Jenkinsfile: add cgroup2 5de9bc7e01 TestInspectOomKilledTrue: skip on cgroup v2 ff49cb3e33 Dockerfile.simple: Fix compile docker binary error with btrfs 49e706e14c Dockerfile.buildx: update buildx to v0.5.1 0211909bde testing: update docker-py 4.4.1 faf6442f80 integration: fix TestBuildUserNamespaceValidateCapabilitiesAreV2 not using frozen image f0e526f43e Make test work with rootless mode a287e76e15 pkg/archive: allow mknodding FIFO inside userns And the following cli commits: dc017bdda bake: remove windows targets other than windows/amd64 feb6f439e Makefile: have binary, cross, dynbinary targets not use docker for backwards compat 8bc4062fc set default version from git 84cc7d87c update readme with new examples c1c3d3b3a remove unused targets 048a84614 update circleci cross target 33dacda24 add windows/arm64 target fcc05e5ea update windows resources generation 58061d25f dockerfile based binary building 4c3b87d92 config.Load() remove unneeded locks 019609872 vendor: github.com/theupdateframework/notary v0.7.0-21-gbf96a202 6ebf76504 vendor: update notary to 5f1f4a34 f508ce9db vendor: github.com/theupdateframework/notary v0.7.0 2c0435431 docs: remove trailing spaces to prevent yamldocs using "compact" notation ff945151e docs: improve example for "remove all stopped containers" 4571d90f2 config: 
print deprecation warning when falling back to ~/.dockercfg f33a69f6e [20.10] Revert "Ignore SIGURG on Linux." d6eeeb625 service rollback: always verify state 3e157d529 docker service rollback: fix non-zero exit code in some cases 1fdf84b8e fix --update-order and --rollback-order flags 376b99c6d Rename bin/md2man to bin/go-md2man 0de4e6e9a Fix reading context and dockerfile from stdin with BuildKit de40c2b17 Fix panic when failing to get DefaultAuthConfig d513e46bf cli/config: prevent warning if HOME is not set 2b74b90ef Add docs and completion for docker node ls --filter node.label 05343b36a fix docker-run man page table formatting f90db254d docs: Fix wrong variable name 0dcfdde33 Removed format flag for inspect 03cd1dc50 Added zsh completion for docker context subcommands 42811a7eb docs: add redirect for old reference URL be966aa19 docs: fix typo in deprecated.md b22fe0fb1 deprecate blkio-weight options with cgroups v1 4eb050071 Update bash completion for fluentd --log-options 08c4fdfa7 Add bash completion for `dockerd --ip6tables` 6aa1b37c8 Add bash completion for `docker run|create --pull` e82920d76 Remove duplicate word in push.md 82123939f Add bash completion for jobs Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* podman: update to v3.1 | Bruce Ashfield | 2021-04-15 | 1 | -3/+3
  Bumping to v3.1, which comprises the following commits:
  bce3e6c5f Fix tests
  ec1a512ac Bump to v3.1.1-dev
  9f09fb62c Bump to v3.1.0
  1386f9046 Fix test failure
  38bb77c5b Update release notes for v3.1.0 final release
  670e1ac67 [NO TESTS NEEDED] Turn on podman-remote build --isolation
  ac4bdd265 Fix long option format on docs.podman.io
  96ffce219 Fix containers list/prune http api filter behaviour
  e772719bf [CI:DOCS] Add note to mappings for user/group userns in build
  52cd3ce2d Validate passed in timezone from tz option
  633ae014e Generate Kubernetes PersistentVolumeClaims from named volumes
  c9640bab7 libpod/image: unit tests: use a `registries.conf` for aliases
  43c772aa2 libpod/image: unit tests: defer cleanup
  396a59b02 libpod/image: unit tests: use `require.NoError`
  a01b387e8 Unification of until filter across list/prune endpoints
  183a68a81 Unification of label filter across list/prune endpoints
  d1589f280 fixup
  31351ad94 fix: build endpoint for compat API
  7148544df [NO TESTS NEEDED] Remove /tmp/containers-users-* files on reboot
  88672b58c Check if stdin is a term in --interactive --tty mode
  23f3805df [NO TESTS NEEDED] Fix rootless volume plugins
  5e3445e6e Ensure manually-created volumes have correct ownership
  6b6989206 Support multi doc yaml for generate/play kube
  d560f168f Correct json field name
  573ed9220 Fix filters in image http compat/libpod api endpoints
  1b349d79a podman generate systemd --new do not duplicate params
  1089f83a4 Fix podman build --pull-never
  be02c8581 man pages: correct seccomp-policy label
  62b49e176 [NO TESTS NEEDED] Use same function podman-remote rmi as podman
  3d1aaffdb Add problematic volume name to kube play error messages
  d498022fd Fix list pods filter handling in libpod api
  66b1c2bd9 [NO TESTS NEEDED] Fix for kernel without CONFIG_USER_NS
  b55730180 Remove resize race condition
  e7dc66d83 [NO TESTS NEEDED] Vendor in containers/buildah v1.20.0
  57e0d8f29 Use TMPDIR when commiting images
  505f43c08 Add RequiresMountsFor= to systemd generate
  15da607d1 Fix swapped dimensions from terminal.GetSize
  0127cc184 Revert go-systemd to v2.22.0
  4f11517c0 Cirrus: Update configuration for v3.1 branch
  834f4caaa Bump to v3.1.0-dev
  1b56ea2d9 Bump to v3.1.0-rc2
  1ae87ff46 Update release notes for v3.1.0-RC2
  3b609a706 Bump github.com/coreos/go-systemd/v22 from 22.1.0 to 22.3.0
  1dfbdd5d9 Fix system prune cmd user message with options
  afce37671 System tests: reenable a bunch of skipped tests
  417f36281 Cleanup /libpod/images/load handler
  adf652e2a vendor: drop replace for github.com/syndtr/gocapability
  e85cf8f4a security: use the bounding caps with --privileged
  f46b34ecd Bump github.com/containers/common from 0.35.0 to 0.35.3
  5a18b5eb7 Bump k8s.io/apimachinery from 0.20.4 to 0.20.5
  aa2d6e6e6 Fix volumes and networks list/prune filters in http api
  ec1651fbf Bump github.com/containers/storage from 1.25.0 to 1.28.0
  1ca74b00d add a dependabot config to automate vendoring
  a596d1f5d Bump github.com/onsi/ginkgo from 1.15.1 to 1.15.2
  8ea02d0b6 network prune filters for http compat and libpod api
  8da5fd820 test: check for io.stat existence on cgroup v2
  592aae4f9 test: fix test for last crun/runc
  1c873c7da test: simplify cgroup path
  af3499db5 Latest crun/runc should handle blkio-weight test
  82858a97c fix user message image prune --all
  3d01d42f2 Docs: removing secrets is safe for in-use secrets
  21f229a3d Downgrade github.com/coreos/go-systemd/v22
  e8918ff10 pkg/bindings/images.Build(): fix a race condition in error reporting
  310eae4ba Switch all builds to pull-never
  963d19c75 System test cleanup
  f4b2d597a Fix for volumes prune in http compat api
  8de560703 Fix remote client timezone test
  57e8c6632 Do not leak libpod package into the remote client
  762148deb Split libpod/network package
  955aaccc5 fix use with localhost (testing)
  9251b6c8c add /auth for docker compatibility
  3803d0a4a create endpoint for querying libpod networks
  12fb9e465 Bump github.com/sirupsen/logrus from 1.8.0 to 1.8.1
  660a72993 sdnotify tests: try real hard to kill socat processes
  7b0155cf7 Fix array instead of one elem network http api
  92a8d69a7 Delete all containers and pods between tests
  258749e43 apiv2 tests: finally fix POST as originally intended
  c9ef26071 Document CONTAINERS_CONF/CONTAINERS_STORAGE_CONF Env variables
  f1eb8e816 Removing a non existing container API should return 404
  dc0c72a48 Docs: Add docs to access APIs inside container
  6d4899745 options: append CLI graph driver options
  930bec4d3 podman load: fix error handling
  1f2f7e745 podman cp: evaluate symlink correctly when copying from container
  2033fa4c7 rm pkg/api/handlers/libpod/copy.go
  31b11b5cd podman cp: fix copying to a non-existent dir
  a61d70cf8 podman cp: fix ownership
  2abfef380 podman cp: ignore EPERMs in rootless mode
  d175fbfdb vendor buildah@v1.19.8
  e33f52390 apiv2 tests: add helpers to start/stop a local registry
  e926b5d73 Bump to v3.1.0-dev
  aa9616cd4 Bump to v3.1.0-rc1
  e9db60492 allow the removal of storage images
  9eac4a7f7 podman-remote build does not support volumes
  d1878cc67 Compat API: Avoid trying to create volumes if they already exist
  7e289833e Bump github.com/onsi/gomega from 1.10.5 to 1.11.0
  0e36e65ea Allow users to generate a kubernetes yaml off non running containers
  80390dd18 Bump github.com/onsi/ginkgo from 1.15.0 to 1.15.1
  d0d084dd8 turn hidden --trace into a NOP
  320df8388 pkg/terminal: use c/storage/pkg/homedir
  cc7a7568a Update nix pin with `make nixpkgs`
  9e75cafd5 build-arg
  326f3eda3 Handle podman build --dns-search
  01ffe2c30 podman build --build-arg should fall back to environment
  2c500a814 Add support for podman build --ignorefile
  1a33b7648 replace local mount consts with libpod/define
  e4da5096b separate file with mount consts in libpod/define
  9fc29f63e Correct compat images/{name}/push response
  a910f74ea [NO TESTS NEEDED] Bump pre-commit-hooks version
  3ae580b0e [ci skip] Bad formatting fix in build documentation
  803e58b36 Bump github.com/containernetworking/plugins to v0.9.1
  d107c3729 podman-remote stop -time 0 does not work
  5bb8fa30b Do not return from c.stop() before re-locking
  2bcc95257 Fix for podman network rm (-f) workflow
  3396343d4 Bump github.com/coreos/go-systemd/v22 from 22.1.0 to 22.2.0
  efc592fba Bump github.com/containers/buildah from 1.19.6 to 1.19.7
  793c52dd5 Add tests for selinux kvm/init labels
  8453424e2 Respect NanoCpus in Compat Create
  a090301bb podman cp: support copying on tmpfs mounts
  e43385eca image removal: ignore unknown-layer errors
  aa0a57f09 Fix cni teardown errors
  f86d64130 Use version package to track all versions
  252aec1c9 Check for supportsKVM based on basename of the runtime
  53d22c779 Compat API: create volume source dirs on the host
  61e626c85 Makefile: add install.docker-docs-nobuild for packaging use
  81a3f8a43 Add /sys/fs/cgroup as readonly path in docs
  8f2192922 Add network summary to compat ps
  4eed89aca Fix possible panic with podman build --iidfile
  9391bfc52 Add version field to secret compat list/inspect api
  b19791c0b Tidy duplicate log tests
  5df625140 Fix support for podman build --timestamp
  43e899c2e Rewrite Rename backend in a more atomic fashion
  91b2f07d5 Use functions and defines from checkpointctl
  bf92e2111 Move checkpoint/restore code to pkg/checkpoint/crutils
  bd819ef7d Vendor in checkpointctl
  2c8c5393a Support label type dict on compat build
  ac992e4b0 Makefile: install systemd services conditionally
  63a3b8a09 podman-system-service.1.md: fix timeout example
  774aea45e swagger: update the libpodPutArchive operation verb
  3908c0079 Makefile: split install.docker-docs from install.docker
  2f0fc2911 Bump RootlessKit v0.14.0-beta.0
  8b7caa6d0 Compat api containers/json Ports field is null
  14d5bd164 Bump github.com/cri-o/ocicni to latest master
  7927fe01f Refactor python tests to run against python3.9
  9435e5b79 APIv2 tests: make more maintainable
  e9d94dc90 [CI:DOCS] Improve release process docs
  375201633 podman rmi: handle corrupted storage better
  d9cb135b6 Enable cgroupsv2 rw mount via security-opt unmask
  cc679d952 podman-image-sign.1.md: typo fix
  f54ed7269 compat api network ls accept both format options
  680dacaea Enable no_hosts from containers.conf
  fcce1da1b Correct compat images/create?fromImage response
  ba319e3ba [Compat API] Also print successfully tagging images in /build endpoint
  43d010bd0 Fix parsing of Tmpfs field in compat create
  24d9bda7f prune remotecommand dependency
  bee21f1e4 system test image: build it multiarch
  ef549235e Updated based on Jhonce comments
  ccbe4ff73 updated common to 0.35.0
  836bfebb4 Refactored file
  1aa96ed2e swagger: removes the schema type for PodSpecGenerator $ref
  431f75519 podman-system-connection.1.md: fix copy/paste error
  90050671b Add dns search domains from cni response to resolv.conf
  f152f9cf0 Network connect error if net mode is not bridge
  fc32ec768 Sort CapDrop in inspect to guarantee order
  79eaadd3f podman upgrade tests
  3947feb4b test: ignore named hierarchies for cgroups=split
  e5ac28f3b container removal: handle already removed containers
  a775c5920 Bump github.com/rootless-containers/rootlesskit from 0.13.1 to 0.13.2
  0ab32d11d Bump k8s.io/apimachinery from 0.20.3 to 0.20.4
  874f2327e Add U volume flag to chown source volumes
  fcf669fd9 Replace Labels and Options nulls with {} in NetworkResource
  4875a8fb4 Cirrus: Temp. disable prior-fedora (F32) testing
  f3a8e3324 podman cp: test /dev/stdin correctly
  8577be72e podman cp: treat /dev/stdout correctly
  e87c5b6c1 cgroup: change cgroup deletion logic on v1
  9d818be73 Fix podman network IDs handling
  d9655b0f0 pr-should-include-tests: recognized "renamed" tests
  d2f3098c6 --no-header flag implementation for generate systemd
  af7a68fa8 [NO TESTS NEEDED] Make binding util internal
  c236aebb9 Two variations of --new flag added to e2e
  a2e1b3eab swagger: add missing schema properties
  5dded6fae bump go module to v3
  d333ef82b Fix 'storage.options' indent
  d886cd930 Bump github.com/sirupsen/logrus from 1.7.1 to 1.8.0
  b40d778f4 Bump github.com/containers/buildah from 1.19.4 to 1.19.6
  05eb06f56 Turn on journald and k8s file logging tests
  f06dd45e0 Allow podman play kube to read yaml file from stdin
  43a581904 Log working dir when chdir fails
  d6b0b5412 Fix segfault in run with memory-swap
  e1ad50654 leak fix in rootless_linux.c fcn can_use_shortcut
  612ba6aa8 Fix journald logs with more than 1 container
  9016387bb Fix journald logs --follow
  f2d057c94 Fix journald logs --since
  fbc50e528 fix journald logs --tail 0
  cf2a55189 [CI:DOCS]basic networking guide
  71689052a cp: treat "." and "/." correctly
  caa0bc157 [CI:DOCS] [NO TESTS NEEDED] Update swagger doc for libpod container wait
  31eca5c20 Bump k8s.io/apimachinery from 0.20.2 to 0.20.3
  e022c1975 Don't switch on a single case
  3e168b19f Quote URL
  b3f9559c8 bindings: support simple types that implement fmt.Stringer interface
  9699e81a0 API: fix libpod's container wait endpoint condition conversion
  a9d548bf7 Change source path resolution for volume copy-up
  e2d5a1d05 podman ps --format '{{ .Size }}' requires --size option
  12b6342c3 infra: downgrade warning to debug
  12a577aea Ignore entrypoint=[\"\"]
  684290725 Bump github.com/sirupsen/logrus from 1.7.0 to 1.7.1
  68a8d397c Add missing early returns in compat API
  5d1ec2960 Do not reset storage when running inside of a container
  958f90143 podman kill should report rawInput not container id
  759fc9334 Fix an issue where copyup could fail with ENOENT
  2ec0e3b65 do not set empty $HOME
  2a21ecafa images/create: always pull image
  f2f18768a Fix panic in pod creation
  0fd480708 Bump github.com/rootless-containers/rootlesskit from 0.13.0 to 0.13.1
  2845f7b83 podman build: pass runtime to buildah
  39c1fdb15 correct startup error message
  690c02f60 Add missing params for podman-remote build
  a532994f8 Fix typo podman run doc in flag -pid=mode "efault"
  4a9bd7a18 When stopping a container, print rawInput
  714acf326 fix create container: handle empty host port
  3d50393f0 Don't chown workdir if it already exists
  bf083c185 Fix broken podman generate systemd --new with pods
  227c54813 fix dns resolution on ubuntu
  0ab5bfd31 e2e: fix network alias test
  704fa8b55 fix failing image e2e test
  9a24d5098 Update troubleshooting.md
  6ffd05d0b [NO TESTS NEEDED] Refactor generated code
  2c31f3839 Fix superfluous response.WriteHeader call in WaitContainerLibpod()
  4067f3a4d change ps Created to unix
  78b419909 Enable more golangci-lint linters
  adfcb7460 make layer-tree lookup errors non-fatal
  78c8a8736 Enable whitespace linter
  69ab67bf9 Enable golint linter
  ef2fc90f2 Enable stylecheck linter
  40c3c972d Update Master to reflect the 3.0 release
  660a06f2f utils: takes the longest path on cgroup v1
  5f999b6bc container ps json format miscue
  8e2fae186 Bump github.com/spf13/cobra from 1.1.2 to 1.1.3
  1b5f3ed24 utils: create parent cgroups
  9196a5ce3 utils: ignore unified on cgroupv1 if not present
  f4fd25a00 utils: skip empty lines
  f28b08fe9 Correct compat network prune response
  5ccb1596b Display correct value for unlimited ulimit
  fdf39e169 apiv2: handle docker-java clients pulling
  ea910fc53 Rewrite copy-up to use buildah Copier
  31b2b2cc2 bump to v3.1.0-dev
  68133414f [NO TESTS NEEDED] Update linter
  46b014bad Bump github.com/spf13/cobra from 1.1.1 to 1.1.2
  1cc387bf7 Add shell completion tests for secrets
  f4ece018b Docker APIv2 push sends digest in response body
  f2a856203 Fix compat networks endpoint for a empty result
  21deafba8 hardening flags for fedora rpmbuilds
  e15e170ac [CI:DOCS]First pass at release process
  46385dd60 Restart service when CONTAINERS_CONF changes
  cc846a8cd Support annotations from containers.conf
  68414537c vendor github.com/containers/image v5.10.2
  ea704da72 APIv2 tests: lots of cleanup
  721a1e104 Fix Docker APIv2 push endpoint
  48c612cf6 generate kube: support --privileged
  08d8290f1 Bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0
  832a69b0b Implement Secrets
  45981ba29 Bump containers/buildah to v1.19.4
  1caace8f4 Allow path completion for podman create/run --rootfs
  6c75419a8 Cirrus: Send cirrus-cron report e-mail to list.
  feecdf919 make `podman rmi` more robust
  407e86dcd Implement missing arguments for podman build
  3c3e644c1 vendor latest containers/common
  91ea3fabd add network prune
  821ef6486 fix logic when not creating a workdir
  002f2aca7 Bump remote API version to 3.0.0
  6c713984e play kube selinux test case
  5c6ab3075 Fix podman network disconnect wrong NetworkStatus number
  05444cb2c Fix per review request
  c995b5460 generate kube: handle entrypoint
  96adf0e2a play kube selinux test case
  2b8d6ca09 Increase timeouts in some tests
  3c57bc845 Add test for Docker APIv2 wait
  4a219aa23 Implement Docker wait conditions
  fc385806d Improve ContainerEngine.ContainerWait()
  570e1587d Improve container libpod.Wait*() functions
  6a6e86829 Cirrus: Collect ginkgo node logs artifacts
  ebc42f508 Bump github.com/containers/storage from 1.24.5 to 1.25.0
  9dc795191 Bump github.com/containernetworking/cni from 0.8.0 to 0.8.1
  bc149a4dd bindings: attach: warn correct error
  d87f54fbb Fix invalid wait condition on kill
  dfa9a340a Makefile: make bin/* real targets!
  3d105015f typo
  c40cd1be9 Bump github.com/onsi/gomega from 1.10.4 to 1.10.5
  bda95bdb6 Update nix pin with `make nixpkgs`
  1c50e09b0 System test for #9096 (truncated stdout)
  432ee04c5 play kube selinux label test case
  e0bc8ffb5 Gating tests: diff test: workaround for RHEL8 failure
  bde23a021 [NO TESTS NEEDED] style: indendation
  89df89b5f [NO TESTS NEEDED] fixup: remove debug code
  7e4d696d9 Report StatusConflict on Pod opt partial failures
  bd0e22ed1 Honor network options for macvlan networks
  095919680 Make slirp MTU configurable (network_cmd_options)
  ac3bd4c33 [NO TESTS NEEDED] Generated files
  5a746c08f [NO TESTS NEEDED] Improve generator
  c68b59f97 play kube selinux label issue
  e9f936a29 Makefile: refactor ginkgo * ginkgo-remote
  931ea939a Allow pods to use --net=none
  323ab314e Bump github.com/onsi/ginkgo from 1.14.2 to 1.15.0
  077fd670b Update release notes for v3.0.0
  ee8ee651d New 'make completions' target
  e11d8f15e add macvlan as a supported network driver
  5352df226 Fix podman generate systemd --new special char handling
  eaafd975a Bump github.com/rootless-containers/rootlesskit from 0.12.0 to 0.13.0
  51c11fea8 Endpoint that lists containers does not return correct Status value
  3cfd4ce45 Fix --network parsing for podman pod create
  9b5b03d1e list volumes before pruning
  4a6d042c2 Docker ignores mount flags that begin with constency
  cdbbc6120 podman generate kube ignores --network=host
  073f76c13 Switch podman stop/kill/wait handlers to use abi
  b842d97f5 [CI:DOCS]build instructions for macOS
  280f332bd Vendor in containers/buildah v1.19.3
  ca0dd76bf Honor custom DNS in play|generate kube
  d7c356552 Podman-remote push can support --format
  b74f939fb Bump github.com/containers/image/v5 from 5.10.0 to 5.10.1
  8d979e093 Cirrus: Build static podman-remote
  c0bf0ba9e podman build --pull: refine help message and docs
  c450092fd Revert "podman build --pull: use correct policy"
  75c3b3389 Bump github.com/containers/image/v5 from 5.9.0 to 5.10.0
  59076888d Cleanup bindings for image pull
  89bb8a9b3 Don't fail if one of the cgroups is not setup
  1fac43654 Add support for rootless network-aliases
  c717b3cac Allow static ip and mac with rootless cni network
  15caebfe5 podman build --pull: use correct policy
  bfc1b66be Cirrus: Fix running Validate task on branches
  f8bf509d1 Fix static build cache by using cachix
  84f7bdc4d Switch podman image push handlers to use abi
  fee2fadc3 e2e tests: synchronize test results
  21cb3043f podman-remote ps --external --pod --sort do not work.
  f79d68eea Fix podman history --no-trunc for the CREATED BY field
  c63599d36 remote exec: write conmon error on hijacked connection
  e9f4fb975 Fix #9100 Change console mode message to debug
  02ec5299f Add default net info in container inspect
  1ae410d19 Ensure the Volumes field in Compat Create is honored
  35c89ccc5 [CI:DOCS]update state of restful service
  0f668aa08 workdir presence checks
  7b186dcb9 libpod: add (*Container).ResolvePath()
  74a63df05 Fixup search
  97f5e9458 Pass DefaultMountsFile to podman build
  5350254f0 Ensure shutdown handler access is syncronized
  33179c281 System tests: cover gaps from the last month
  5623cb9d3 Fix --arch and --os flags to work correctly
  a86d23c75 Bump github.com/google/uuid from 1.1.5 to 1.2.0
  75698b4b7 Fix typo
  393a8f026 disable dnsname when --internal
  ef76b92b8 swagger.go: Fix compilation error
  8c1768e38 Fix fish completion issue if the command is prefixed with a space
  a457c5c92 Bump golang.org/x/crypto
  0ba1942f2 networking: lookup child IP in networks
  c182091b0 Small API test improvement for compatibility search endpoint
  6e6a38b41 podman manifest exists
  c9baa6b93 Accept and ignore 'null' as value for X-Registry-Auth
  4b8df5903 Turn on some remote test
  94f96c78a Add a notice to remove pod before starting service
  ef654941d libpod: move slirp magic IPs to consts
  5e65f0ba3 rootlessport: set source IP to slirp4netns device
  37319dec1 vendor: update rootlesskit to v0.12.0
  2fa67fe4b api: fix import image swagger definition
  9d31fed5f podman volume exists
  4e4d318b7 Cirrus: Upload swagger YAML in every context
  dbb99433d [CI:DOCS] Cirrus: Skip smoke task on branch-push
  836fa4c49 Move the cni lock file into the cni config dir
  c1cd512cb Use random network names in the e2e tests
  3fedb2b6d [CI:DOCS] Update project name in Code of Conduct
  f43046745 Set log driver for compatability containers
  c3cbaa355 Make generate systemd --new robust against double curly braces
  6518391e8 Fix man page for fuse-overlayfs config in rootless mode
  a3621a7cf Cirrus: add bindings checks
  e7df73efa Fix handling of container remove
  41a7e11c7 make bindings generation explicit
  f302ce578 make bindings generation more robuts
  175fc3867 Revert "ginkgo: install on demand via `go get -u`"
  37abec240 [CI:DOCS] fix go-md2man HTMLSpan warnings
  9f6bb3563 CI: smoke test: insist on adding tests on PRs
  a45d22a1d podman network exists
  de05e5816 ginkgo: install on demand via `go get -u`
  d2ee3d815 runner.sh : deal with bash 'set -e'
  4ccb0729b Add binding options for container|pod exists
  683bab03f [CI:DOCS]Do not run compose tests with CI:DOCS
  2df59829e simplify bindings generation
  462994268 make: generate bindings: use vendor
  caaaa2c5e hack/install_golangci.sh: smarter install
  f38b7f48c golangci-lint: install to ./bin
  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker-compose: update to 1.29.1 | Bruce Ashfield | 2021-04-15 | 2 | -17/+16
  The following changes are part of this version bump:

  1.29.1 (2021-04-13)
  -------------------
  Bugs
    Fix for invalid handler warning on Windows builds
    Fix config hash to trigger container recreation on IPC mode updates
    Fix conversion map for placement.max_replicas_per_node
    Remove extra scan suggestion on build

  1.29.0 (2021-04-06)
  -------------------
  Features
    Add profile filter to docker-compose config
    Add a depends_on condition to wait for successful service completion
  Miscellaneous
    Add image scan message on build
    Update warning message for --no-ansi to mention --ansi never as alternative
    Bump docker-py to 5.0.0
    Bump PyYAML to 5.4.1
    Bump python-dotenv to 0.17.0

  1.28.6 (2021-03-23)
  -------------------
  Bugs
    Make --env-file relative to the current working directory and error out for invalid paths. Environment file paths set with --env-file are relative to the current working directory while the default .env file is located in the project directory which by default is the base directory of the Compose file.
    Fix missing service property storage_opt by updating the compose schema
    Fix build extra_hosts list format
    Remove extra error message on exec
  Miscellaneous
    Add compose.yml and compose.yaml to default filename list

  1.28.5 (2021-02-25)
  -------------------
  Bugs
    Fix OpenSSL version mismatch error when shelling out to the ssh client (via bump to docker-py 4.4.4 which contains the fix)
    Add missing build flags to the native builder: platform, isolation and extra_hosts
    Remove info message on native build
    Avoid fetching logs when service logging driver is set to 'none'

  1.28.4 (2021-02-18)
  --------------------
  Bugs
    Fix SSH port parsing by bumping docker-py to 4.4.3
  Miscellaneous
    Bump Python to 3.7.10

  1.28.3 (2021-02-17)
  -------------------
  Bugs
    Fix SSH hostname parsing when it contains leading s/h, and remove the quiet option that was hiding the error (via docker-py bump to 4.4.2)
    Fix key error for '--no-log-prefix' option
    Fix incorrect CLI environment variable name for service profiles: COMPOSE_PROFILES instead of COMPOSE_PROFILE
    Fix fish completion
  Miscellaneous
    Bump cryptography to 3.3.2
    Remove log driver filter

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* crun: bump to latest | Bruce Ashfield | 2021-04-12 | 1 | -3/+7
  As part of this update to crun, we now must run autogen.sh before running configure. Otherwise, these are incremental changes and comprise the following commits:
  9effaeb On exec, honor additional_gids from the process spec, not the container definition
  c25a2db tests: add explicit python3-pip dependency
  e67a756 NEWS: tag 0.19
  18c0274 gitignore: update
  471a7b8 libocispec: update from upstream
  f642968 tests: fix check for cgroup v2
  3e7fa1d linux: always remount bind mounts
  78aeac9 linux: ignore unknown capabilities
  f11d742 Add linuxdevicecgroup to maintain parity with runc spec
  9aa382b cgroup: skip parsing empty file
  d9c9fd0 container: initialize tmp_err
  00371ae src: initialize statx struct
  2e88d19 src: initialize first_arg
  5e4efb7 seccomp: always NUL terminate lowercase_arch
  7812572 tests: add test for seccomp listener
  f80e98d init: add check for seccomp listener
  5d9010b init: fix check for nargs
  5a627f4 seccomp: support notify listener
  c3361c1 status: use function to convert from yajl errors
  873b62d container: use new error function for hooks JSON
  14083ab error: new function to convert from yajl errors
  6e19235 linux: pass own pid to container process
  8fd3320 contrib: new tool to test seccomp notifications
  8722858 crun: always use absolute path for the bundle
  ae9ea92 container: improve OOM error message
  919aac9 utils: receive fd detect closed connection
  a52e480 cgroup: new function to detect OOM
  2e37d2a sync-libocispec
  75ad96b Let autogen.sh generate m4
  14c260f libcrun_warn if newuidmap/newgidmap invoke fails
  5598401 README.md: drop pids limit comparison
  9ea6857 github: add fuzzing test
  0fd03ba tests: add container image for fuzzing libcrun
  bbd5c7d fuzzer: reap child processes
  c7350ef tests: add more fuzzing tests
  816f95b fuzzer: merge two tests
  effa508 linux: cleanup zombie on errors
  b32f1eb linux: release only on error
  5ca72f5 status: attempt open again on interrupts
  9b5d4c1 Added static analysis Adding clang compilation Fixing comparison of integers of different signs
  3b199ef Update GNUmakefile
  dcd1a34 linux: label the tmpfs for masked directories
  edf7f15 seccomp: check if the action supports errnoRet
  bc222b6 seccomp: fail if no default action specified
  0c5b920 seccomp: honor default errno value
  92c0afe yajl: support static link of containers/yajl
  f3d920d src: fix unitialized variable
  7d89a02 src: add error check
  765971c status: fix memory leak on error
  31274d8 utils: fix check for fd
  62d1c4d tests: add test to feed honggfuzz
  ab75091 ebpf: return the program instead of NULL
  8b16552 src: check if seccomp is defined
  f721efb container: fix error ownership
  4472e35 container: allow config from memory
  6b369b8 container: fix memory leak
  0fede0f container: initialize variable
  2b6c0b6 container: fix dereference of def->linux if NULL
  1dd9b5b container: check for def->process before deref
  1b1a691 fix: cross-compiling for Android
  b25cb2d tests: add device access test
  86251b0 ebpf: handle access(dev_name, F_OK) call correctly
  e2d79dc fix: access violate if ret < -2
  4f35406 cgroup: read controllers from /proc/self/cgroup
  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* cri-o, podman, packagegroup-container: replace anonymous python function calling bb.parse.SkipRecipe with conditional PNBLACKLISTs (Martin Jansa, 2021-04-06, 2 files, -24/+2)
| * PNBLACKLISTs are IMHO a bit easier to read and easier to override from distro which e.g. provides own recipe for libseccomp
| Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k8s: update to v1.20.4 (Bruce Ashfield, 2021-03-17, 1 file, -2/+2)
| Moving off the 1.20.x-rc and onto a dot release tag. This pulls in the following commits:
| e87da0bd6e0 Release commit for Kubernetes v1.20.4
| 5682545c2da Update CHANGELOG/CHANGELOG-1.20.md for v1.20.3
| f8f2fa827d3 Release commit for Kubernetes v1.20.4-rc.0
| 01849e73f3c Release commit for Kubernetes v1.20.3
| 58c5493f22a kube-cross: update image to use v1.15.8-legacy-1
| e000e9722bb [go1.15] build: Update to k/repo-infra@v0.1.4 (supports go1.15.8)
| 3365196e9d8 Use go-runner:buster-v2.3.1 image (built on go1.15.8)
| 91f2745f08c staging/publishing: Set default go version to go1.15.8
| 3c777448311 Update to go1.15.8
| b570189cf1f Revert "make hostPort match test linuxonly"
| 6698a4e7afc Revert "conformance changes"
| 6a31f8d17ef dockershim hostport respect IPFamily
| a456eb4eaf6 dockershim hostport manager use HostIP
| 5d9910a0172 Cherry pick of #98254:Fix the kube-scheduler binary's description of the --config parameter is inaccurate
| ac866d63911 make podTopologyHints protected by lock
| b84ee98db74 kubelet: Fix mirrorPodTerminationMap leak
| d381d6c52cc kubelet: Delete static pods gracefully
| b2576fb35f7 kubelet logs print 'kubelet nodes sync' frequently
| 7826a1c6b87 WIP: node sync at least once
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* runc-docker: update to latest -rc93 (Bruce Ashfield, 2021-03-17, 1 file, -1/+1)
| Bumping the runc version to incorporate the following commits:
| 2ae56653 Move fuzzers upstream
| 053e15c0 tests/checkpoint: show full log lazy pages cpt
| e618a6d5 curl: add --retry 5
| 4b98e4a7 MAINTAINERS: update Aleksa's email
| 8a3484b7 libcontainer/factory*: adjust the file mode
| 71ca6432 fix integration tests README.md
| 916654ff libcontainer: fix LinuxFactory comments
| c3ffd2ef Do not convert blkio weight value using blkio->io conversion scheme
| 38b2dd39 runc exec: report possible OOM kill
| 5d0ffbf9 runc start/run: report OOM
| 7e137b90 libct/cg/fs2/hugetlb: use fscommon.GetValueByKey
| 9fa65f66 libct/cg/fscommon: add GetValueByKey
| c54c3f85 libcontainer/notify_linux_v2: use fscommon.ReadFile
| 494f900e libct/cg/fscommon: rename/facelift GetCgroupParamKeyValue
| 1880d2fc libct/cg/fs/memory: handle EBUSY
| 27fd3fc3 libct/cg/fs: setMemoryAndSwap: refactor
| 3cced523 libct/cg/fs/memory: optimize Set
| 65c2d3c2 tests/int/update: add test case for PR #592
| 53d3b552 Update README.md for libcontainer
| 6c5ed0db Fix memory stats for cache in fs2
| af521ed5 libct/cgroups/systemd: don't set limits in Apply
| fa52df94 libcontainer: fix the file mode of the device
| d0cbef57 Makefile: rm go 1.13 workaround
| 4019f08d make validate: rm go vet
| f9c21133 make lint: use golangci-lint
| 671bb978 Makefile: remove ci target
| 95940855 script/validate-gofmt: rm
| 91f0ae18 ci/gha: bump go 1.16-rc1 -> 1.16.x
| 5b14a261 README: add gha badges
| f3f563bc apparmor: try attr/apparmor/exec before attr/exec
| 41670e21 tests/int: rework/simplify setup and teardown
| d73b4443 ci: enable -race from matrix
| b7744547 libct/int: fix a data race
| c34a9b10 tests/int/hooks.bats: don't use DEBIAN_BUNDLE
| e40a369e tests/int/list.bats: don't use $BUSYBOX_BUNDLE
| 985546b4 tests/int: BATS_TMPDIR -> BATS_RUN_TMPDIR
| 85d5fea4 tests/int: stop reusing HELLO_BUNDLE for alt root
| 76532fac tests/int/events: rm unneeded eval
| 49766140 tests/int: use wait_for_container where appropriate
| 4d6ffa39 tests/int/helpers: reimplement wait_for_container
| e7052dcd tests/int/spec.bats: don't use HELLO_BUNDLE
| 0cfc2e32 tests/int: rm teardown_running_container_inroot
| 78f0e4b2 tests/int: rm wait_for_container_inroot
| 64d5702f tests/int: don't depend on BUSYBOX_BUNDLE var
| efb8552b tests/int: add device access test
| 81707abd ebpf: fix device access check
| c3428722 libct/config: fix a data race
| 51ec5db1 ci: add i386 unit test run
| b142a70e libct/seccomp/patchpbf/test: fix for 32-bit
| 2831fb55 cgroup2: devices: handle eBPF skipping more correctly
| d1007b08 cgroupv1 freezer: thaw to increase freeze chances
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* containerd: initial README (Bruce Ashfield, 2021-03-16, 1 file, -0/+30)
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: clean up README (Bruce Ashfield, 2021-03-16, 1 file, -11/+41)
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: rrecommend required kernel modules (Bruce Ashfield, 2021-03-16, 1 file, -1/+11)
| If the required modules aren't in the image, k3s will fail to start. Set the requirements as RRECOMMENDS for image types that don't install the kernel-modules meta-package.
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: drop ctr symlink (Bruce Ashfield, 2021-03-16, 1 file, -0/+3)
| We build and depend on our own containerd, we don't need the ctr symlink to k3s for proper operation.
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: add additional build tags (Bruce Ashfield, 2021-03-16, 1 file, -1/+5)
| To more closely align with the rancher/upstream build, we add additional tags to the build. To make them easier to manage, we also introduce a variable and use it in the go build line.
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: add seccomp distro feature requirement (Bruce Ashfield, 2021-03-16, 1 file, -0/+3)
| k3s requires seccomp, and a runc with seccomp enabled for proper operation. runc has a distro feature check to enable seccomp, so if we enforce it as k3s feature, we'll also get a properly built runc and we'll work out of the box.
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* runc: update to latest -rc93 (Bruce Ashfield, 2021-03-16, 2 files, -7/+7)
| Bumping the runc version to incorporate the following commits:
| 2ae56653 Move fuzzers upstream
| 053e15c0 tests/checkpoint: show full log lazy pages cpt
| e618a6d5 curl: add --retry 5
| 4b98e4a7 MAINTAINERS: update Aleksa's email
| 8a3484b7 libcontainer/factory*: adjust the file mode
| 71ca6432 fix integration tests README.md
| 916654ff libcontainer: fix LinuxFactory comments
| c3ffd2ef Do not convert blkio weight value using blkio->io conversion scheme
| 38b2dd39 runc exec: report possible OOM kill
| 5d0ffbf9 runc start/run: report OOM
| 7e137b90 libct/cg/fs2/hugetlb: use fscommon.GetValueByKey
| 9fa65f66 libct/cg/fscommon: add GetValueByKey
| c54c3f85 libcontainer/notify_linux_v2: use fscommon.ReadFile
| 494f900e libct/cg/fscommon: rename/facelift GetCgroupParamKeyValue
| 1880d2fc libct/cg/fs/memory: handle EBUSY
| 27fd3fc3 libct/cg/fs: setMemoryAndSwap: refactor
| 3cced523 libct/cg/fs/memory: optimize Set
| 65c2d3c2 tests/int/update: add test case for PR #592
| 53d3b552 Update README.md for libcontainer
| 6c5ed0db Fix memory stats for cache in fs2
| af521ed5 libct/cgroups/systemd: don't set limits in Apply
| fa52df94 libcontainer: fix the file mode of the device
| d0cbef57 Makefile: rm go 1.13 workaround
| 4019f08d make validate: rm go vet
| f9c21133 make lint: use golangci-lint
| 671bb978 Makefile: remove ci target
| 95940855 script/validate-gofmt: rm
| 91f0ae18 ci/gha: bump go 1.16-rc1 -> 1.16.x
| 5b14a261 README: add gha badges
| f3f563bc apparmor: try attr/apparmor/exec before attr/exec
| 41670e21 tests/int: rework/simplify setup and teardown
| d73b4443 ci: enable -race from matrix
| b7744547 libct/int: fix a data race
| c34a9b10 tests/int/hooks.bats: don't use DEBIAN_BUNDLE
| e40a369e tests/int/list.bats: don't use $BUSYBOX_BUNDLE
| 985546b4 tests/int: BATS_TMPDIR -> BATS_RUN_TMPDIR
| 85d5fea4 tests/int: stop reusing HELLO_BUNDLE for alt root
| 76532fac tests/int/events: rm unneeded eval
| 49766140 tests/int: use wait_for_container where appropriate
| 4d6ffa39 tests/int/helpers: reimplement wait_for_container
| e7052dcd tests/int/spec.bats: don't use HELLO_BUNDLE
| 0cfc2e32 tests/int: rm teardown_running_container_inroot
| 78f0e4b2 tests/int: rm wait_for_container_inroot
| 64d5702f tests/int: don't depend on BUSYBOX_BUNDLE var
| efb8552b tests/int: add device access test
| 81707abd ebpf: fix device access check
| c3428722 libct/config: fix a data race
| 51ec5db1 ci: add i386 unit test run
| b142a70e libct/seccomp/patchpbf/test: fix for 32-bit
| 2831fb55 cgroup2: devices: handle eBPF skipping more correctly
| d1007b08 cgroupv1 freezer: thaw to increase freeze chances
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* runc: add selinux and seccomp package configs (Bruce Ashfield, 2021-03-16, 1 file, -1/+8)
| runc can be built with both selinux and seccomp tags. These tags are a requirement for proper operation with some frameworks (like k3s). So we add checks for the appropriate distro features and then automatically add them to the build tags, allowing us a coordinated enabling of the functionality.
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: bump to v1.20.4 (Bruce Ashfield, 2021-03-15, 1 file, -3/+3)
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: bump to v1.19.5 (Bruce Ashfield, 2021-03-15, 1 file, -2/+2)
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: bump to v1.19 (Bruce Ashfield, 2021-03-15, 2 files, -17/+14)
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: add kernel module rrecommends (and PV fix) (Bruce Ashfield, 2021-03-15, 1 file, -2/+5)
| Fixing up the PV to use SRCPV for tracking future version bumps, if the tree is dirty or not, git will tell us. We also add some additional kernel module rrecommends, so that the tools called by k3s can find the support they need (mainly iptools)
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: add notes / tips to README (Bruce Ashfield, 2021-03-15, 1 file, -0/+208)
| Clarify some limitations / tweaks to get up and running in a qemu virtual machine.
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* containerd: add runc runtime dependency (Bruce Ashfield, 2021-03-15, 1 file, -1/+2)
| containerd is rarely used without runc, so we add the runtime dependency to make installation and image construction easier.
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: package remaining binaries into 'k3s' (Bruce Ashfield, 2021-03-15, 1 file, -0/+1)
| Grab any remaining binaries into the main k3s package. Both k3s-agent and k3s-server rdepend on it, so we'll be sure to get them installed in both scenarios.
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: use cni-networking bbclass to install / package networking configuration (Bruce Ashfield, 2021-03-15, 1 file, -1/+4)
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: drop symlink to 'ctr' (Bruce Ashfield, 2021-03-15, 1 file, -1/+0)
| containerd itself provides 'ctr', and it is in our rdepends. So on target, we have a conflict for the provider of the ctr binary. Dropping the ctr link from k3s, since having the actual containerd package provide its binary .. makes sense.
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* containers: introduce k3s recipe (Joakim Roubert, 2021-03-15, 8 files, -0/+342)
| See recipes-containers/k3s/README.md for basic usage and testing instructions.
| Signed-off-by: Joakim Roubert <joakimr@axis.com>
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* lxc: change download folder (Robi Buranyi, 2021-03-11, 1 file, -1/+1)
| The URI has been changed to 'https://linuxcontainers.org/downloads/lxc' by the site maintainers recently. Updating the recipe to reflect the new path.
| Signed-off-by: Robi Buranyi <rburanyi@google.com>
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* riddler: export GO111MODULE=off (Bruce Ashfield, 2021-03-04, 1 file, -0/+2)
| With the latest go version bump in oe-core export GO111MODULE is on by default. Our build is not set up to use go modules, so we disable it and avoid configuration errors:
|   no required module provides package ... : working directory is not part of a module
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* oci-runtime-tools: export GO111MODULE=off (Bruce Ashfield, 2021-03-01, 1 file, -0/+1)
| With the latest go version bump in oe-core export GO111MODULE is on by default. Our build is not set up to use go modules, so we disable it and avoid configuration errors:
|   no required module provides package ... : working directory is not part of a module
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* oci-image-tools: export GO111MODULE=off (Bruce Ashfield, 2021-03-01, 1 file, -0/+2)
| With the latest go version bump in oe-core export GO111MODULE is on by default. Our build is not set up to use go modules, so we disable it and avoid configuration errors:
|   no required module provides package ... : working directory is not part of a module
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker-distribution: export GO111MODULE=off (Bruce Ashfield, 2021-03-01, 1 file, -0/+1)
| With the latest go version bump in oe-core export GO111MODULE is on by default. Our build is not set up to use go modules, so we disable it and avoid configuration errors:
|   no required module provides package ... : working directory is not part of a module
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker-ce: export GO111MODULE=off (Bruce Ashfield, 2021-03-01, 1 file, -0/+1)
| With the latest go version bump in oe-core export GO111MODULE is on by default. Our build is not set up to use go modules, so we disable it and avoid configuration errors:
|   no required module provides package ... : working directory is not part of a module
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker-moby: export GO111MODULE=off (Bruce Ashfield, 2021-03-01, 1 file, -0/+1)
| With the latest go version bump in oe-core export GO111MODULE is on by default. Our build is not set up to use go modules, so we disable it and avoid configuration errors:
|   no required module provides package ... : working directory is not part of a module
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* containerd: export GO111MODULE=off (Bruce Ashfield, 2021-03-01, 1 file, -0/+1)
| With the latest go version bump in oe-core export GO111MODULE is on by default. Our build is not set up to use go modules, so we disable it and avoid configuration errors:
|   no required module provides package ... : working directory is not part of a module
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* containerd: use service file from source tree (Bruce Ashfield, 2021-02-24, 2 files, -13/+1)
| We no longer need to support both the docker and opencontainer variants, so we can just grab the service file from the source tree.
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* crun: update to 0.18 (Bruce Ashfield, 2021-02-24, 1 file, -2/+2)
| Bumping to the release, which pulls in the
| 808420e release: distribute CHECKSUMS file
| c2b0064 build-aux: provide arm build without systemd
| 7cc03f7 .gitignore: update file
| f5274bd NEWS: tag 0.18
| 94e8364 src: add missing definitions
| baed691 libocispec: sync from upstream
| 8d0ebf6 Add arm64 static binary build
| b66d5d9 tests: fix make check in a user namespace
| e10205e linux: remove temporary mount logic
| 7819f4c linux: use targetfd for move_mount
| 891cd3c linux: use safe_openat for masked/readonly paths
| 6c5577f linux: use new function
| 9aa264d utils: add function to safely create and open
| 436daef src: add function to cleanup container struct
| c955ece src: pull function out
| 7bd51a0 build: check for linux/openat2.h
| dcb1914 utils: add function to remove initial slashes
| a1c958c utils: memoize check result
| 25c6f07 container: rename function to get_root_in_the_userns
| f08bd31 src: fix leak of the descriptors buffer
| df88061 tests: disable more Podman flaky tests
| 052bab7 utils: set HOME to root if the user not found
| efe35f1 linux: ignore ENOSYS on keyctl
| 1b65163 tests: enable asan sanitizer
| a0f322a tests: build init always statically
| a656698 configure.ac: allow to disable dl support
| 6adb26b tests: disable hooks_stdin for oci-validation
| 06199c7 tests: update to podman 3.0
| bc888b9 tests: disable podman pull test
| f1373f9 tests: install crun under /usr/bin
| 257f442 Fix permission error when using both user namespaces & NOTIFY_SOCKET
| 617a212 cgroup: skip +cpu on EINVAL in cgroup root
| b6ac8de linux: use safe_openat for tmpcopyup
| 2d1f910 utils: avoid reopening the root during lookup
| 3ce74e8 utils: fix symlink lookup
| cbb67ae container: set working directory for libkrun
| df01709 seccomp: custom annotation to load raw bpf
| b229dca linux: refactor allocate_tmp_mounts
| 68bb50f linux: disable temporary mounts with [r]slave
| d6ae36b libocispec: update from upstream
| 487e792 github: enable clang-format checks
| 61d6844 src: run make clang-format
| 1d559d0 clang-format: change ColumnLimit to 0
| 643d05b linux: disable temporary mounts with [r]shared
| de6082f cgroup: fix conversion from blkio to io
| 1db8312 Update nix pin with `make nixpkgs`
| 540444c Makefile.am: crun depends on libocispec.la
| 1df96e5 linux: fix build without CLONE_NEWCGROUP
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* containerd: fix service file to not reference containerd-docker (Bruce Ashfield, 2021-02-23, 1 file, -1/+1)
| We are not building containerd-docker anymore, so the containerd service file should not be changing it in as the binary. It is confusing when you see 'containerd-docker' in the process list, when you've built and installed containerd-opencontainers.
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* cri: introduce cri-tools (Bruce Ashfield, 2021-02-10, 2 files, -0/+130)
| Based on the original recipe from Tim Orling, we introduce a recipe for critools so we can interact directly with cri based runtimes.
| We do the normal go manipulations to get this cross building, with the following specific tweak/patch:
| The build system already knows whether or not we want to use CGO, so we remove the hardcoded variant so our exported environment variable will control the enablement.
| Since our oe-core go infrastructure insists on both -pie and static builds (for the most part), and that is not recommended by many packages, we end up with errors like:
|   1.20.0+gitec9e336fd8c21c4bab89a6aed2c4a138c8cfae75/src/import/_output/crictl \
|   -ldflags '-X github.com/kubernetes-sigs/cri-tools/pkg/version.Version=1.20.0' \
|   -tags '' \
|   github.com/kubernetes-sigs/cri-tools/cmd/crictl
|   # github.com/kubernetes-sigs/cri-tools/cmd/crictl
|   cannot find package runtime/cgo (using -importcfg)
|   /work/cortexa72-poky-linux/cri-tools/1.20.0+gitec9e336fd8c21c4bab89a6aed2c4a138c8cfae75-r0/recipe-sysroot-native/usr/lib/aarch64-poky-linux/go/pkg/tool/linux_amd64/link: cannot open file : open : no such file or directory
| In a similar manner to: https://www.yoctoproject.org/pipermail/meta-virtualization/2019-March/004084.html
| We introduce '-a -pkgdir dontusecurrentpkgs' to mask/fix the problem, and continue to work towards non-static builds.
|   % root@qemux86-64:~# crictl --version
|   crictl version 1.20.0-dirty
| Signed-off-by: Tim Orling <ticotimo@gmail.com>
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* kubernetes: bump to v1.20.3 (Bruce Ashfield, 2021-02-10, 1 file, -2/+2)
| 0e3bf6dad9f kubeadm: drop explicit constant override in version test
| 1619e810d1c kubeadm: get k8s CI version markers from k8s infra bucket
| 42a3b9e85ef fix kube-scheduler cannot send event because the Note field is too large
| afb0de9647c Fix nil pointer dereference in disruption controller
| Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* cri-o: update to v1.21.0 (Bruce Ashfield, 2021-02-09, 1 file, -3/+3)
| Bumping to the 1.21 release branch.
| Although this is still in development, there are some deprecations and other features we want to get into the release, so we bump now for extra testing.
| This comprises the following commits:
| 7b4b8b2de bump protobuf to 1.3.2
| cf1e612eb server: support setting raw unified cgroupv2 settings
| fc69fe15c vendor: update runtime-specs
| fcc278427 cgroup: implement fix for swap memcg on cgroup v2
| 7b7efa307 server: leave swap mem limit unset if not supported
| 2d857bf21 test: skip ServiceAccountIssuerDiscovery test
| dcf651d91 hostport manager clean up host ports
| 6f096c58e allows stream timeout to be set from config
| 056f8161d Bump containers image to v5.10.1
| 26aa60644 Move unit tests to GitHub actions
| 04185fc4f Move go1.14 and 386 builds to GitHub actions
| f91c4f0ca set kubelet node IP
| 26491d154 Fix validate-completions GitHub action
| ebafe7536 Add integration test for pprof over unix socket
| 109b412af Add a flag for enabling profile over unix socket
| a09423d60 Lookup echo command for unit tests
| c1a724770 Move static build to GitHub actions
| 85feffc1f pinns: Fixup 'pwarn' output to match 'pwarnf' output
| e30c3975f pinns: Don't put errno in the exit message for argument checks
| fd8e390ad nsmgr: use host option
| 76a89b938 nsmgr: Use config struct for NewPodNamespaces
| 969505130 pinns: support pinning host ns
| 4394eee77 Remove implicit GitHub action `name` fields
| a0568ace6 Move docs and completions validation to GitHub actions
| fa3741f1d Make config tests work rootless
| 2a8f2b11b Make rootless namespace unit test execution work
| 2670d8598 Do not log file path on ioutil.ReadFile
| a6e8ae41d fixes version_test.go
| 841913db8 Close the stdin/tty on server start to avoid shortname prompts
| e430b1df6 Update debian repository url to use https
| 3f4bef945 docs: fix http link
| c2b9d0fd8 docs: update kubeadm tutorial
| b64e716a9 Fix `make lint`
| f36c64dbd Return runtime API version based on protocol
| cce49c0e4 Update compatibility matrix to mention v1.20
| 77f1b7c36 add method comment
| 84b616b79 restore irqbalance config only on system restart
| aa46a2393 add blurb in doc and more informative name for unit tests
| 13be7ae5a add is-enabled check for irqbalance service
| 9930cc33d fix unit tests
| ce9973796 add unit tests
| b3b48b31f fix bash/zsh completions
| 3cd55b226 fix the docs validation
| cf61f947d handle irqbalance service
| 7a1939882 runtime_vm: set finished time when containers stop
| 78c91cbf9 nsmgr: fix/add calls to GetNamespace
| 177250f74 managed namespaces: move to dedicated package
| 10c9e4961 Provide integration test for infra-ctr-cpuset feature
| 5f9dbb1a2 Set CPUs for the infra containers during the creation
| b3fb25b44 Add shell completion for infra-containers-cpu flag
| e0f7ccc32 Add new infra-containers-cpus to the CLI and config file
| 30b0aea2e refine `registries` deprecation message
| ac8e51bfd Circle CI: install test/registries.conf
| d0e9b8b0c crio.8.md: runroot defaults to /run/containers/storage
| 2e49302ed support short-name aliases
| 22417169d pull: do check for blocked registries
| 83974bbdd config: deprecate registries
| 4879bba02 Rollback gocapability vendor bump
| 78261109b vendor: bump containers/storage to v1.24.4
| d25bfe297 Update nix pin with `make nixpkgs`
| 709e4d170 contrib/test/int: add Kata Containers runtime support
| ce0beec25 contrib/test/int: enforce linking in parallel build process
| 85e67f811 contrib/test/int: build parallel from sources in CentOS
| b18fe2cbf contrib/test/int: allow to skip user namespace testing
| 506e7c2e7 contrib/test/int: allow to configure test timeout
| cc9d037c3 Capitalize Kubernetes
| c85474476 modify the error url of podctl
| 1b7e811fb Add Digital Science to adopters
| e0bf8bc94 pinns: make binary not always static
| 0aeb7d27e server: use IsAlive() more
| 2460f6d26 Support CRI v1 and v1alpha2 at the same time
| 1633196c1 drop support for ManageNSLifecycle
| b395cd224 test/timeout.bats: increase timeout to fix flakes
| ab2626872 release-notes: fix flags
| fa6a34381 test/timeout.bats: fix comments
| 553123b19 int/resourcestore: fix comment about Put
| de186def3 test/image.bats: simplify some loops
| 0a30ab479 test/helpers.bats: simplify cleanup_*
| cfdf40e4b test: add timeout.bats
| 521fa1948 bump network creation timeout to 5 minutes
| 87977f19d resourcecache: add watcher idiom
| 1d2328aa8 server: use ResourceCache instead of dropping progress
| 4bdc500ba Add unit tests for ResourceCache
| 76ebcac66 Introduce ResourceCache
| a4588db28 moves shmsize to a handler allowed annotation
| 8e8f164f2 image pull: close progress chan
| 1fffd7210 test/ctr.bats: fix a "ctr execsync" flake
| 2bca8ec2b Fix the functions' name in completions
| 5e80372b7 Increase release-notes run timeout to 30m
| 7150db5ba Bump k/release to v0.6.0
| eabdf7e4e ci: enable shellcheck for bats files
| 829053a41 test/network.bats: silence shellcheck SC1090
| 0c42734b2 test/network.bats: s/which/command -v/
| c50658467 test/inspect.bats: fix SC2086
| e62136838 test/image.bats: rm unused code
| 03f8eae37 test/network.bats: fix shellcheck warnings
| 149619d93 test/devices.bats: fix a shellcheck warning
| 15a3cb785 test/pod.bats: use jq to edit json
| 64c0fb2a0 test/network.bats: use jq to edit json
| 7053a2c39 test/*bats: rm unneeded stop_crio
| 99e521b23 test/testdata/container_config_sleep.json: rm
| 2a40a639a test/ctr_seccomp.bats: rm testdata/container_config_seccomp.json
| 9ca6eeab4 test/selinux.bats: rename a test
| d309db54b test/selinux: rm testdata/sandbox_config_selinux.json
| 6ca29591a test/pod: rm testdata/sandbox_config_sysctl.json
| f1fc4626f test/ctr.bats: do not create files in $TESTDATA
| 25a559237 test/image: rm container_config_by_imageid.json
| f10a38851 Use own metadata types
| 09f929216 test: use jq to manipulate json
| 029bb46bf test/*bats: rm excessive runs
| 25db96707 Add CRI glue types for v1alpha2 and v1 usage
| e8127e0e7 Add CRI v1 API
| c4df5708c Fix make vendor GOSUMDB
| d0e2cfdfd make: drop link to crio.service
| 5ad548b38 test: rm "run ctr with image with Config.Volumes"
| 39ff75035 test: add no-pull-on-run=true
| ea9d2ab31 circleci: use updated images
| 284779311 Check allowed_annotations under performance hooks and drop deprecation warning
| 91ea6ac1a Add clean v1alpha2 CRI API interface
| 63bd12659 contrib/test/int/build: bump a few deps
| abf049f6b circleci: use go 1.15 for vendor
| 302b36c0f ci: bump go to 1.15.5
| bafa2a870 circleci: bump go to 1.15.5
| 7f046e2af Pass runtime to the handler hooks
| bd5ae5de2 Provide methods to check allowed_annotations for high-performance runtime handler
| 38f8e9da5 Provide a better value for features specific annotationis
| bd78f7e89 don't do unnecesary iptables restore
| 942e6255f switch CRI-O to use its own hostport manager
| d17d157e0 dual-stack host port manager
| a86d258c7 fix upstream hostport manager
| 76f6d342f Add README to hostport folder
| 7dbafacd1 fork hosport kubernetes code
| 90ae7e2d7 ignore test binaries
| 8dd12dc42 fix cleanup func wording
| 7244e40ca server: refactor handling of cleanup funcs
| d2b341659 Make NamespaceOption an internal type in sandbox
| 49d0de238 test/e2e: disable a flaky test
| 22ce1d7a3 contrib/test/int/e2e-features: skip Serial tests
| f1b6fde01 contrib/test/int/e2e-features: rework "skip" regex
| fd15db07f contrib/test/int/e2e: rework "skip" regex
| 5e57f4215 contrib/test/int/e2e: rm obsoleted TODO
| 9ef215fb7 ci: move check vendor to github actions
| 437f1c1b8 Makefile: rm GIT_MERGE_BASE
| a4309e000 circleci: fix cri-tools install
| b59718676 alphabetize OS
| ad043ae9a Update install.md
| d22c37e71 ci: move docs-valication to github actions
| 9dd630514 ci: move shfmt from circleci to github actions
| 2489684ac ci: move shellcheck from circleci to github actions
| 7f9f09801 ci: move golangci-lint from circleci to GH actions
| 9fe43d28d github/PR template: add /kind ci, other
| 359c60f2a vendor: bump containers/storage to v1.24.0
| 99081ef41 Makefile: bump golangci-lint to 1.32.2
| 936e21890 circleci: rm build-test-binaries job
| b3000eb70 test/devices.bats: fix "additional device permissions" case
| 22d9e7e8f do not enforce seccomp profiles if disabled
| 1eddc1b9b ci: use cri-tools from git head
| a53c2a70e test/devices.bats: rm unneeded run
| 7b910a08f test/devices.bats: skip earlier
| 329ccbafb Add wrongly removed word
| 7ff1fbc05 Update the crictl tutorial and simplify a few steps
| fedd00c0d Make CNI setup instructions a bit more clear and fix nits
| 205711e5e Fix links to installation documentation
| 24b7e4f83 move is_cgroup_v2 to helpers
| ddcfee824 oci: add Devices to allowed annotations structure
| 54477302e restore.bats: allow userns tests
| 61dad864c test_runner: test userns with manage_ns_lifecycle
| ba3d36c00 test/ctr_userns: rely on global userns testing
| 34d0aacbb Allow userns together with ManageNSLifecycle
| 1daaa067c server.createContainerPlatform: fix userns + spoofed infra
| 4e0cb03fe server: add userns mappings for spoofed infra
| 6e897b8e5 runtime_vm: Ensure closeIOChan is not nil inside CloseStdin's function
| b256264f1 test/command.bats: fix device test
| 7646b5b74 server: fix some nits about resolveSymbolicLink
| 917d39c66 move device handling to container iface
| c3370fb0c move additionalDevices handling to separate package
| c8e270f23 Bandwidht CNI plugin reserved an upper limit on burst,in which banned include boundary.
|   See: https://github.com/containernetworking/plugins/blob/v0.8.7/plugins/meta/bandwidth/main.go#L113
| fe8c25a1d Update nix pin with `make nixpkgs`
| 3ca6f8dae pinns: fix ownership for created namespaces
| d7d8f7a29 pinns: use a socketpair instead of a pipe
| 374415de8 vendor: pin shfmt to v3.2.0
| f4301256d OWNERS: add myself
| bd364cd2c Log version at startup
| 88159bb7b test: rm disabling selinux from userns tests
| e54203c8a curl: add -S where -s is used
| 98fbf5bab ci: bump crun to 0.15/HEAD
| be3ec3c1e nix: fix static build
| 0cfc673cd test: bring back userns testing
| c9290e44c test/network_ping.bats: skip with userns
| a3d0b391d test/restore.bats: skip some tests with userns
| 6931ee743 test/network.bats: skip hostnetwork test with userns
| b7db612de test/image_volume.bats: fix userns check
| b4d692617 test/drop_infra.bats: skip if userns is enabled
| 03cfc2fcc test/ctr.bats: skip privileged test when userns
| f147b4a9e Preserve sandbox annotations for handling OCI hooks
| 3e6b81904 Increase integration test timeout to 30min
| 9750103ae Upload bundle in separate CI step
| ecece5641 vendor: update containers/storage to v1.23.7
| 35f64617e test: disable crictl pull on create
| f41aa4ae5 Update maintenance versions in README.md
| d22514351 test/image.bats: pull the image to be used
| a400561a7 circleci: use ubuntu 20.04 image
| 468d49427 removes runs
| 70f73ab7b circle-ci: use go 1.15.3
| 8a2f5f189 Add SUSE CaaS Platform and openSUSE Kubic to adopters
| 58328a6af Error if GitHub release could not be found
| ca11353f8 Update e2e-aws logic for 4.7
| 95f285103 drop error in finalizeUserMapping as well
| 455a1b6b5 Adding Oracle Linux Cloud Native Environment to the list of adopters.
| 4cfde377e userns: use the same ID if the mapping is missing
| 0de968083 Add KubeCon EU 2020 talks to awesome list
| 99a21e919 use correct mappings when they exist
| ba9c0c245 drop AllowUsernsAnnotations
| 1a5553ebd add allowed_annotations to runtime handler
| 1d0f68156 update documentation of privileged_without_host_devices
| f0fab44c4 template: move default_runtime closer to runtimes map
| 5c9085a9f Fix release notes generation
| 23e0ed065 begin ADOPTERS.md file
| 4cf0a2915 test/testdata: rm container_redis_default_mounts.json
| 7e88c2cd6 test: mv test-specific setup out of setup_test()
| b8af8c4f0 test/reload_image.bats: nits
| 35b7de3c8 test/default_mounts: rm --deprecated-mounts test
| e1ffae3b5 test/default_mounts.bats: rm excessive run
| 5a59e514e test/testdata: rm *namespace*.json
| ba126e6de test/namespaces.bats: rm excessive run and cleanup
| 83fe6c285 test/testdata: rm sandbox?_config.json
| 2a0076143 test/testdata: rm *_hostport.json
| 3fbdf6fa4 Remove last traces of --default-mounts
| 023c57ac7 test: improve/rename parse_pod_ip -> pod_ip
| bc9d66793 test/helpers: improve test_pod_from_pod
| 417f0591f test/network: improve "Check for valid pod netns CIDR"
| d7babd6ac test/network_ping: merge the two cases
| 905511a2f test/helpers: show crio.log after the test
| 8343d16fc test/helpers: hide crictl info output
| 2bdf0e109 test/helpers: rm temp_sandbox_conf, switch to jq
| a6c985492 test/shm_size.bats: fix SC2002
| a035e1561 test: simplify check_journald check
| 0483c62b2 .gitignore: rm conmon
| e6ef7221b test: simplify check_metrics_port -> port_listens
| 5502607e1 container_create: fix /etc/resolv.conf to be ro
| d04aa9092 test/testdata: rm container_config_resolvconf*.json
| 979dabda1 test/testdata: rm sandbox_config_privileged.json
| 347b03e01 test: rm testdata/container_redis_env_custom.json
| 1dbd73dc5 test/testdata: rm some unused files
| 2ba965644 test/pod.bats removes excessive runs
| 9784199e6 test/pod.bats removes unneeded teardown
| 5f4774efc runtime_vm: Ignore ttrpc.ErrClosed when removing a container
| 802b4e4fe runtime_vm: StopContainers() should not fail when the VM is shutdown
| 85f341c32 runtime_vm: Don't let wait() return ttrpc.ErrClosed
| 0f2a07053 runtime_vm: Fix updateContainerStatus() logic
| fecf1a1d8 network stop: don't segfault if sandbox isn't created yet
| 2fb259791 Revert "Move back network setup to after adding infra container"
| 06b6e129f test/ctr.bats: use $newconfig
| 54959f5b8 test/ctr.bats: replace sed with jq
| a7746c2dd test/ctr.bats: convert python calls to jq
| bbd70e433 test: rm edit_json, use jq directly
| ae7ac6105 test/ctr.bats: shfmt it
| 6693d79c5 CI: add shfmt check for bats files
| 4953fb28c test/*.bats: format using shfmt
| 4c9984603 shfmt: update to current master
| 407603303 introduce SeccompOverrideEmpty
| e9d9b3011 server: cleanup container in runtime after failed creation
| 685f275d3 defer removal of container in storage immediately
| cf79dc39f test/status.bats: use shfmt
| 0ea616973 test/status.bats: rm excessive use of run
| 70ea166d3 test/status.bats: minor refactor
| 7bc848cbe test/image_remove.bats: rewrite
| 510e5325a test: tidy image prefetch
| 6e0d7a3c2 test/image: rm unused var
| 4ab412848 test/ctr.bats: fix SC2086
| 27dd454a2 test/ctr: rm excessive use of run
| eea57ad02 ctr.bats: fix jq checks
| 19e521422 test/ctr: fix "privileged ctr -- check for rw mounts"
| 86596bdcc test/ctr.bats: fix "annotations passed through" test
| bea64ec68 test/ctr.bats: add is_cgroup_v2, fix SC2046
| 601e1e4ca test/ctr.bats: rm unneeded cleanup
| 37c9c24ed test/ctr.bats: fix SC2002
| 96b8890e5 test/version.bats: fix/improve
| b45e341ee test: fix SC2086
| dd3c394e3 crio: add new option --separate-pull-cgroup
| fbed1b37e crio: move in a new cgroup on reexec
| 26cf82891 test/command.bats: fix shellcheck warnings
| e60a04514 test/crio-wipe.bats: rm excessive run usage
| 6c69b4495 test/crio-wipe: simplify code
| f0e081865 test/apparmor: simplify is_apparmor_enabled
| e5bea7e08 pull: move image pull to a new process
| 7cc83932b crio: force garbage collection with SIGUSR2
| 4b549f542 test/network.bats: fix "Clean up network" tests
9da1a3ea8 Update nix pin with `make nixpkgs` e559d8e0e test/helpers.bash: rm "echo 0" caebae40e Support passing properties to RunUnderSystemScope ada8cfcaa test/network_ping.bats: simplify b03195eb5 test/network.bats: simplify, fix shellcheck ef07f7192 Move back network setup to after adding infra container 178872342 Bump master version to 1.20.0-dev 39a0e7984 server: use more GetContainerFromShortID and less GetContainer 965b70fad server: do not do container operations on a not created container 928edf243 server: do not stop/create container if pod is not created 9284c007d defer network stop ASAP after network start 83169c578 network: create as early as possible 00bf747aa Bump Kubernetes to v1.20.0-alpha.1 a78651ff8 Bump logrus to v1.7.0 6913515c8 runtime_vm: set Pid and InitPid for VM runtimes 1a35fce0c go.mod/sum: update 309b3d07e contrib/test/ci/cri-o.spec: rm GO111MODULE=off 6445c1418 Makefile: rm GO111MODULE=on and -mod=vendor 8eb6575c6 CONTRIBUTING: no need to set GO111MODULE 012e52db9 Makefile: fix vendor target bd3aa8151 internal/config/node: add checkFsMayDetachMounts a2bc9d35c Fix bogus CI test failures 056b43d11 runtime: parse oom file for VM type runtimes c49ee2362 test: use crun 0.15 b66ec3f42 test: adapt test to new crun output bac4a3ea0 moves spec generation to container 40709d286 test: drop infra container 4aa7d4c51 test/config: fix shellcheck warning 94ef42cbc test/config: fix "config dir should fail with invalid option" 1d097f7d5 cni: fix ipv4 configuration file 4f1e4efae [feature] support custom shm size and docs deba2580b Update nix pin with `make nixpkgs` a20c3a4de Verify Cgroup Memory - cgroupfs 7eaede753 deprecate manage_ns_lifecycle option aac00ea84 Enable debug logs for release notes generation 0d878de1e Bump GRPC to v1.27.0 53b72efe1 test: skip MetricsGrabber tests 9afdd35c3 drop infra container when appropriate 25383e728 server: no longer assume some infra containers will be nil e42b2b1c5 sandbox: add NeedsInfra function fdab97f50 oci: 
add Spoofed() function 33de444ce introduce pkg/annotations 4ff61bb49 portforward: rework to not need infra container 3c241bdbb pinns: fix pinning cgroup namespace 26de5b665 pinns: allow sysctls to be passed 3f655aa2b test: configure self when kata-runtime is the CONTAINER_RUNTIME 9e337b0ab test: add tests for dropping infra 3978b8cf5 add --drop-infra-ctr option 7d56d27b1 broken link dff47619b update link for podman 3fd6ff726 add the integration tests for handling default runtime db3f22b4c Update containers/* dependencies and vendor libpod/v2 0f9a374ea test: remove generated file e5940bc87 Updating documentation of kubeadm with offline configurations. Signed-off-by: Athanasios Garyfalos garyfalos@cpan.org 6bda9b5e0 Force pkg dependencies to older ones compatible with gogo/protobuf 1635b0d26 Switch to Kubernetes AppArmor unconfined const ca1c46636 Update crictl.yaml to reflect cri-tools v1.19.0 configs 40b9d971f Bump cri-tools to v1.19.0, CNI plugins and golang 6f9341d5d Add image layer reuse docs to metrics.md 167fed492 oci: parse stat file instead of using ctime 12a5cb458 Print seccomp profile JSON only on trace log level ec69e86fa oci: return IsAlive error instead of logging 687202247 sandbox config: Improve validation error message 7b1e83595 pinNamespaces: fix cleanup and error returned 2b5a80d57 pinNamespaces: set capacity for returnedNamespaces 9925188dd pinNamespaces: use string concat instead of fmt.Sprintf 525d5b760 sandbox: ignore enoent on shm unmount b66da412d Revert "runtime_vm: Cleanup process when the Container is Stopped" bc9dd6fe2 test: deflake stats test 635ab5f5d oci: improve error message for verifyPid() b6db1d8a0 Fix pinns compilation for TEMP_FAILURE_RETRY 4a3f8b87d Vendor Kubernetes v1.19.0 8152e00f3 config: set internal RootConfig to default storage if not specified 827eb0bfc Revert "dual stack portmap support" f45c631ab Update nix pin with `make nixpkgs` 773f6b0b5 branch forward: stop on rc 5011a7b2f added irq smp balance and cpu cfs quota 
control 6a3f71112 Code clean up in containers_create_linux.go 7b942ed73 Remove git-validation in favor of prow/golangci-lint f97ad7fd3 dual stack portmap support f0d987acb Switch to containers/common for AppArmor 017e62dc1 Unset GOSUMDB when vendoring 4bf30158a storage: delete layer if mapped ad2ed3b79 mapping: add support for userns-mode annotation f035d6077 server: make paths to chown also accessible d9d3789cd vendor: update containers/storage to v1.23.1 7f8c00e5e server, systemd: export container env variable 2716da1de remove --runtime option 0afa35525 fix high performance hook self-exit container issue 9e112eebd oci: move channel close to writer goroutine 3472cc5c8 test: fix container stats test d4c32cb00 test/stats.bats: fix/improve container stats test d1e2ea04a test/stats.bats: improve test case d05a6335e test/stats.bats: fix typo in a variable name 9a1490531 managed ns: report namespace cleanup failure by default 4ed669482 managed ns: ignore `PID not initialized` on sandbox creation ff6d989fb test/apparmor: add missing test case call aca64980b test/cgroups.bats: enable pids test for cgroup v2 01432f5d6 test/cgroups.bats: simplify and fix 0aacb5b53 test/critest.bats: move setup/cleanup out of test b811a2040 test/apparmor: simplify 6f169692f test/apparmor.bats: add teardown function b4eb95602 test/cleanup_test: improve 5bce7486a test/wait_until_reachable: fix d6405601a test/ping_pod_from_pod: fix 60a04790f test/pull_test_containers: fix 8bf151454 test/critest.bats: fix d2ded1d73 handle runc not present on the system 838ab4aed Add fidencio to OWNERS file ab82e12e0 Use Unmount w/o prior Mounted check 15375c94c Don't limit the size on /run for systemd based containers 8c7c8028e oci: reorder conmon args 80609e566 config: check conmon version before assuming features 5dcf88604 test/image.bats: rm useless code c5d29b355 test/*bats: fix excessive use of export 616b7855e test/ctr_seccomp.bats: unify common code 2a45877ae test/ctr_seccomp.bats: unify/simplify seccomp 
check 149e13b07 test/ctr.bats: properly declare readonly var 2c4d5de9b test/apparmor.bats: fix shellcheck SC2030,SC2031 f2469036e Remove duplicate check for enabled seccomp d9ea3921d Bump test images to go1.15 61736cbe3 runtime_vm: Store logs in the correct format 8e45b939e Revert "Fix potentially unclosed file in runtimeVM#CreateContainer" e3e4385d1 selinux: override only specified values 8cbe37722 Fix container cgroup under cgroupfs 3609f6475 server: reduce complexity of getSourceMount 7a48cf993 server/addOCIBindMounts: speed up 6dd52f2ac Reuse Kubernetes API consts for seccomp profiles dca828597 oci_linux: fix working set calculation for cgroupv2 18fa73d9e Switch to go 1.15 49d121594 Add /sys/dev as a masked path path eddf148a1 oci_linux: fix working set calculation 059934138 test/image_volume.bats: fixes 79c52eb1e Revert "tests: adjust test to not depend on runc behavior" 76c7e8657 test/*.bats: fix checks that id is not present bf10fcafe test/*bats: fix shellcheck SC2076 a881562a2 Fix logs that have wrong func names f90a1dda0 Ensure CloseIO is called after Start for exec e21f21edd Add layer reuse metrics ae5630f72 Bump golangci-lint to v1.30.0 e790775d9 Vendor Kubernetes v1.19.0-rc.4 dfcd1691a config: create hooks dir if not present cbc7c514c docs: Move logo location d69d6d728 docs: update installation instructions 371a60093 use errors.Is() instead of errors.Cause() e1eb96fc8 Fix lint pipeline by gofumpt'ing cgmgr_test.go c99023d50 Parameterize strip binary in pinns/Makefile for cross-compilation 0bfefee51 Make filter container list be able to filter short pod IDs 44e0c0db7 drop findprocess 009ccb65e oci: rarely access Pid directly 5b3c5b655 exec sync: check pid instead of calling runtime state 1d672d139 server/createSandboxContainer: minor optimization b44a6cafa setCPUSLoadBalancing: nit 042a4a76c setCPUSLoadBalancing: optimize 82b339265 setCPUSLoadBalancing: rm repeated call to c.Spec() 484551e15 shouldCPULoadBalancingBeDisabled: simplify 5a5aa34cb Remove 
unused global vars in memory storer e8d4b0bc6 exec sync: be more careful about temp files 814c1bb01 runtime_vm: Cleanup process when the Container is Stopped 8b4ffe784 docs: fix cni documentation 79de63e63 contrib: update the crun version to the last release b55168f78 test: fix regex to look at the beginning of the line 4d21cd3f0 add stats list unit tests 857bcd34c stats: skipped stopped containers on container list stats ae69fd7f6 crio: use json-iterator/go instead of encoding/json 91d3d2791 Do not remove existing runtime handler 964d0d3a2 Speedup static build by utilizing CI cache on `/nix` folder 3f7d13e62 Add `make release` target f64d6d5e9 runtime_vm: set container creation time cd9e835c2 test/command: add test for --profile 1aa5f89a4 test/helpers: rm start_crio_* twins eb9321386 Remove unnecessary err assignment faad1a446 runtime_vm: Avoid possible deadlock on UpdateContainerStatus() 1313a9a2b Fix unit-tests and regenerate mocks e6e3c4ad0 Bring back pprof 9d4195941 Add testcase for createdAt timestamp restore f7f4a8664 Restore Sandbox createdAt timestamp on cri-o restart 2a260703f Fix gofumpt lints 300380462 name is reserved: give more informative error fb3cb0a2f Restore CPU load balancing just when an error appears d34d57c94 Add unittest for the high-performance hooks fe69fd2b1 Add RuntimeHandlerHooks interface dd5abc1c5 Add gofumpt linter and apply lint fixes e115e4cc8 Cleanup nix derivation for static builds 496f1e426 Provide unittest for the CPU load balancing method 8a48ff5d3 Provide functionality to disable and enable back the CPU load balancing 6886573e6 makes containerstats just get one container instead of whole pod 5cbbd289d Update UpdateContainerResources unittests e29c3ffe4 Update the container resources under the spec 1ee062c85 Make integration-cgroupfs tests depdent on results a2ec1d40d Copy spec to not touch original spec on exec(sync) 74a94b546 Add volume mount option for SELinux labeling 00c33525f Implement BigFilesTemporaryDir 65b692268 
Perform log directory validation early in Server#runPodSandbox ce5825f1a Remove resolvPath when Relabel fails abecfdf31 remove all cases of returning an error named err fdb2df175 container: handle SelinuxLabels 9b881b0b5 container: add ReadOnly() b852ad675 container: add Image() 6e883db15 container: add fips disable handling 1f51d6d5d Revert "container_server: disable fdatasync() for atomic writes" 77cf58c91 node: fix panic if /sys/fs/cgroup failed to stat 4810ca3e3 Use /usr/bin/env bash in crio-shutdown.service c4795b496 Fix static binary mode retrieval for musl toolchains c180faac7 change variable name err to retErr for deferred comparisons 705381c46 runtime_vm: Improve CreateContainer cleanup in case of failures d785c14fc runtime_vm: Create deleteContainer() helper 11ae5b78d Close the done channel in runtimeOCI#ReopenContainerLog d5920c866 Update golang dependencies 924a8e983 Fix potentially unclosed file in runtimeVM#CreateContainer 65fe2c5fb Bump testimage versions including golang 15264b7e5 Enable more feature tests 9bf8e5397 Vendor Kubernetes v1.19.0-rc.1 7170231d8 internal/oci/runtime_vm: lock around map access cbd32ae9d internal/oci/runtime_vm: fix resizePty signature 11ec0bcda circle: save output for debugging ce0921e74 test: add circle job that runs with cgroupfs d8615ec46 managed ns: don't remove namespaces on sandbox stop d33995bd8 managed ns fixes 02d8bb96f runtime_vm: Ignore ttrpc.ErrClosed when shutting the container down b6b4d1023 Update golangci lint to v1.28.3 c2255b718 oci: add debug logs for runtime state calls b058683c5 Return empty DecryptConfig when no keys to force decryption fd07083b4 test: drop cgroupfs override fa9e413c2 Make release notes generator capable of handling tags a97c66840 Validate cgroupfs conmon cgroup on start 83e8282c4 contrib: enable debugging on the kubelet 77bb73c29 contrib, e2e: force systemd system session b803107b0 server, root: unset XDG_RUNTIME_DIR, DBUS_SESSION_BUS_ADDRESS 945adb00b contrib, cgroup v2: use 
kubernetes master aee425b19 pods.bats: force usage of the system bus 04c44932f config: fix systemd version parsing ceb473cf3 skip another failing test a69782498 e2e: skip failing test 0a2c92d17 use cgroupfs to fix tests temporarily e8c12b348 Streamline how done channel is closed in Runtime#WaitContainerStateStopped 83ec8f8ed test: bump go version to 1.14 23193ea43 Add runtime_type as an option of "--runtimes" bb54e152e runtime_vm: Apply the correct label before the sandbox is created 56140296b sandbox_run_linux: Use libconfig alias c0da93f0d test: use node readiness as an indicator to run kubetest ab8f1acdc Add logic for running openshift e2e-aws tests 164f46cc6 server: re-add gocyclo skip 6b6a604e2 Restore version output from crio --version 00af53a89 Enable SCTP and seccomp e2e tests 6b9dfc6e8 criocli: Avoid parsing the config twice 35a8caf8a StringSliceTrySplit: return a copy of the underlying slice 3d2cd5a4c Remove the protocol filter from the portMappings constructor. a296edd66 test: fix seccomp tests 3e063339a pkg/container: handle logPath 859a65099 Use the container_kvm_t label when using kata as the runtime 978a0bc3d use inactive-or-failed CollectMode if appropriate 861297e93 Close the done channel in waitContainerStop dee450550 Send only single error to stdinDone 8e4a4b774 config: add ulimits package 3752167dc logs: fix some problems 63e8f1f07 oci: check state before stop atomically c0f5c1679 Container should only be added once after passing filter 5571a88dd Add info logs for image pull and status CRI calls 490d651cc server: store container privilege bool in pkg/container 44607af0d bump runc to v1.0.0-rc90 1fed461fe config: add node package ac966530c oci: make failure to move conmon to new cgroup fatal 058d6b926 config: add cgmgr fa6114234 managed_ns: deflake tests a083494ff Add crun to static binary bundle 764d5caac Add crun to config template 87c26e6bb Update k/release to 0.3.2 954585ddc Add sandbox IPs if there is no error in IP retrieval 832e6fc19 
Cleanup default info logs aa8f005d9 Check whether seccomp is enabled before making assertion 2e5aad445 Close the done channel when there is watcher error 4033c7ac4 vendor: update seccomp/containers-golang to v0.4.1 99d7f7256 Add unit test for sandbox response verbose mode 83e01c296 sandbox_status: Fix typo in error message cd85ebf7f Use correct format for logPath removal log b689ae675 Use one deferred func to execute cleanup func's a5bc7193d test: Add a test for pod pause image 166bd36d8 Return verbose information for a pod 525b1d335 Store pause image information for a pod 9197a5568 Added signature - Fixed standard cidr and typo 52dadcf42 Update golang dependencies 613cbdbee Add image pull success and failure metrics 3584fa451 attach: Don't return early for non-tty attach if there is no stdin 35c0c79e2 Fix the kubeadm command 7512d3166 Remove socat runtime dependency de262316f sandbox iface: don't fail if uid is not specified 67fc28844 Exclude failing conntrack e2e test 247d465e8 Add `privileged` indicator to container status e7e0746e3 Check that SecurityContext is not nil before dereferencing 3c7f385b3 Allow release notes for release branches d686db64c crio wipe: log less 1ffd66949 Update nix image and dependencies 92f9f68f9 container_server: disable fdatasync() for atomic writes a02f21766 vendor: update containers/storage to v1.19.2 25fcca87a bump version of libpod to get selinux e62039468 Automatically label containers running systemd with the correct label 0fda6777d Add metrics exporter and documentation 9a53c232e crio wipe: add version-file-persist e1f3fe0af Update k/release repo and use go templates 4a841df26 Update golangci lint to v1.26.0 0c3a5dff5 Switch to logrus 1.6.0 a9ff43ce9 Remove containerd/release-tool dependency a6e8db404 Update Kubernetes to 1.19.0-alpha.3 de45cf1dd Avoid unnecessary locking on runtimeImplMap 2ec6e6a73 Add `--metrics-socket`/`metrics_socket` config option a96823544 Cleanup go modules and vendor cffb00c88 Missing `cd 
~/.ansible/roles` Before `git clone` fac15d5da Close done channel if the wait for ContainerStateStopped times out 086eeaa5f version: return empty link mode on failure de0f51822 version: omitempty on String() 3007180b0 Delete container Id only when impl.DeleteContainer(c) passes 727b3a116 Delete container Id from ctrIDIndex if podIDIndex.Add fails 0540afc0a Add support for making reproducible builds 8e7d4d2c0 Adds Ubuntu 20.04 to install instructions 604eeb1b3 oci: drop container level privileged flag 7b6696b65 port error: check for error 4d6d96c1e port forward: add stream nil check to pass unit tests 7016c3e13 port forward: drain the stream on error 351af8519 Vendor in v1.9.1 containers/libpod 93420c499 Fix naming unit test c83b0040a Check error return from os.Create before closing file ed3d80f87 Close channels in runtimeOCI 192621d9d Remove latest-version script 0b105b24a Remove crio-wipe and crio-shutdown systemd units from bundle 9b80a5818 Avoid removing container twice d04755a08 Return an error if context has been cancelled or deadline exceeded b5fdabc22 Use correct upload URL for binary uploads 4a6beaa9b Close the channel for syncStruct 0806f14e2 Remove unnecessary error wrapping for runtimeVM#StartContainer 65d8bb6cd Fix CI by re-generating mocks 2079196f8 cni ctx: call cancel func 6171dcf39 give fraction of timeout to network{start,stop} calls 1ad8ce652 Pass context from caller to ocicni 870cd9b7d Update ocicni vendor code to get new methods that support context argument 926daa840 Use bats v1.2.0 release for CI ae353585c Fix Linkmode path resolution 78badc81c test: check for rw mounts c6233a2b4 Makefile: include -nobuild install targets ed34636da Close childStartPipe if cmd.Start() fails d1172d693 Do not hold lock when ExponentialBackoff() is called 3eff5407b readme: drop support for unsupported branches 8f01225a4 Fix incorrect image digest for test image 83257214a test: update digests and test fa2db8d8a test: update image digest to fix test 2843f551e Fix 
linkmode for static binaries e785dd2fd Check for context erroring before returning from longer requests 5daa5ac79 Allow comma separated string slice parsing cd5d1a08c Add info logs where needed dc945b31d Add Installation Guide with Ansible 39a35cb30 Use absolute path to binary when retrieving linkmode dff32318b Makefile: allow customization of go commands 3261c2a75 vendor: bump ocicni to b197cd13855bae919c7c75c191c976fcc48610b9 5d2494793 Add Codecov badge to README f7896341f Fix static build DNS resolving with netgo 9b2ee751e Add docs and completions for default_env b92a3e6f7 Add a test for container default env cfcee0126 Add support for default_env in crio configuration c0b466e86 Stop container when there is error in createSandboxContainer 0c8b231c1 contrib,crun: use version which correctly writes swap 9f334aabd test: refactor handling of mem swap 7bdf93819 only set swap if we have the swap cgroup 51cfd5c76 SetLinuxResourcesMemorySwap to the LinuxResourcesMemoryLimit 44dda8b52 Add release-1.18 reference to documentation 3816fb11f Update cri-tools to v1.18.0 307be36a7 Validate capabilities on CRI-O start d67eea300 stats: spoof stats on a cgroupless ctr f25db77b3 add haircommander to OWNERS file 0361c5e37 Fix GitHub artifact upload via new upload-artifacts target a7e117e44 Update libpod to v1.9.0 ec26619e3 more retErr fixes 2e494c323 Use named error return for container_server 66dc81696 config migrate: add pause image and namespace dir 62c02af51 add stop container for StorageRuntimeServer on error 95d5ab215 bump default PauseImage to 3.2 39aef1a09 Add shellcheck linter and apply fixes b7be5b673 Update go-mod-outdated to v0.6.0 b5242b807 Add dependency report badge be8e876cd Add runtimeSpec field to container stats info 99388a706 Add OCI image spec to image stats info 7f4ac3b7d Move crio defaults back to /etc/crio/crio.conf 4e795832a Fix lint reports for setnameandid test 3f89b9539 Use proper variable for error return in Server#createSandboxContainer 10f522002 Update 
installation steps for CentOS 89ff7c1b9 Fix CircleCI job race accessing gh-pages branch 5ae550efd manage ns: don't remove top level directories on pod teardown fabb871e4 manage ns: debug output of pinns ffede601e branch foward: skip release candidates 55bec4dae server: skip setting memory limit to 0 c36a8ebb9 Upload release bundle automatically to GitHub ac1112c45 Update dependencies c24e99945 Generate dependencies file in gh-pages root 086982d61 systemd unit: drop requirement of crio wipe 1e0419df5 makefile: allow version to be overridden af2509fe1 Update kubeadm docs e5397f81b Add dependency report to gh-pages and CircleCI d8a709f8a Assume hugetlb is not supported by default 80d1a2466 Update shfmt to 3.1.0 96e76dd2e Enable debug symbols for binaries when make DEBUG=1 2e5b40a62 Vendor in latest containers/storage 7501a08aa Skip already uploaded artifacts with gsutil d0d099a90 restore tests: verify some namespace lifecycle cases work 92aeb50b6 fail on failed pinns c443e9b88 pinns: pin to /var/run/*ns instead of /var/run/crio/ns/* 1dcf7b931 Fix typo in apparmor tests 92863e3b3 sandbox: Make sure the label annotation is proper JSON 9afd5ff71 container_server: Wrap a few more errors in LoadSandbox 2bc9e13f5 Add image labels to ImageStatus Info 5281f1382 bump to conmon 2.0.15 5146d6c63 Add the mounts that are required by systemd b297abab6 Skip already uploaded artifacts with gsutil 1806cabfa Add release branch forward to CircleCI 5cc33b558 Update Kubernetes to v1.18.0 474d29407 Test for master tag if release branch contains none 2d5cedabe Add SetNameAndID to Sandbox interface e540ef3a8 Make release notes require results in CircleCI ab431e66d Add crio config --migrate feature 717425df0 vendor: use directly github.com/creack/pty 9e10f54d3 Use HEAD for runc built from source b91d80994 Do not take config dir into account on config creation 360177a6f Make docs-generation and completions work rootless 63230017a Move CNI plugin into NetworkConfig 3027070ca build: clean 
generated bin/ dir f2ffe39fb Downgrade golangci-lint to v1.23.8 856ad18aa test: drop make install.{systemd,config} c2ec5aed7 test: set cri-o systemd restart policy to no 3d110a307 build: Makefile - add shfmt target to help dfed40b4a contrib: Add kube-local tool 759f498ae Add description to magic test value d672ed1de Do not Wrapf errors if no format is specified 9d6326b4a config: remove unneeded empty values b4808eac5 skip ipv6 ping pod from pod for rhel 7 7c535f29e return default-mounts-file 66b5814ab use fedora-ping image 6a0f33ae0 unify sysctl handling b35ecf1ab test: switch from dnf to yum 88e0c419c Fix specifying string slices a5db2aee2 drop net raw: add some test fixes to update ami 63b9f4ec9 Remove NET_RAW and SYS_CHROOT capabilities 58657488e Add cni-default-network option c2b25b4ea Add hint to release notes on gh-pages to README.md b9db8f3b8 Drop musl build from nix to update to go 1.14 1963aea3e Add shell format check and apply diff e265ad0ce server/ContainerStatus: don't lock for c.State() f8f35ba32 drop conmonmon 239ac2049 stats: fix some style nits 976e9b061 Add linkmode to crio version output 309a5bf3d Add release-branch-forward script 3e3725d5b Fix gh-pages push for remote branch 5f49b2c1f Added integration test to make sure annotations are passed through to the runtime 1ed7eb389 tree_status: show the git diff ff7609400 Add kind/dependency-change label 648b94860 Add further kinds to pull request template 92ec88f99 Fix unit tests for locally configured registries b039ef652 Add SetNameAndID to Container interface 6885d9088 Publish release notes on gh-pages branch 38ba09453 avoid parallel pulls of the same image 9ae49dad8 vendor github.com/containers/image/v5@v5.3.0 60c01cc24 Switch back to machine executor for CI lint stage e1f6d2ab1 stats: prevent a segfault 15f1f14ac server: Return grpc code NotFound when we can't find container or pod 7615871d6 test: move readonly_rootfs and privileged to correct place f757e0a2d Mention starting cri-o for running 
with kubernetes 64e46e789 Move bundle to contrib and reuse version vars 3ac1d93bb Simplify container log path handling f3eeee275 build: make uninstall - remove systemd/config files ad7125fcc Remove utils.ExecCmdWithStdStreams in favor of utils.ExecCmd f7730c325 Add PodSandboxConfig (get/set) to Sandbox interface 03c7bd758 Avoid filename collisions in JUNIT_PATH 57b3b608d sandbox_run: import internal/lib/sandbox as libsandbox dbbfd7865 Remove github.com/docker/docker dependency 9f556378a bump conmon to 2.0.12 e02dd7ead vendor: bump github.com/containers/libpod from v1.8.0 to v1.8.1 a3bab821c Update golangci-lint to v1.24.0 7e66be6f3 Remove Update() method fb6525374 docs: add TOC to setup.md f038600d4 Skip release notes generation for forks e8ffd6e17 Add container config (set/get) to Container interface d1d165abb crun: use version 0.13 97d990230 Add target release version to generated notes 01d40e5cf Add gRPC method name to logs 40d247042 Take localhost/ images into account during pull 0f4b6d6fd fix some remaining instances of assuming cgroupfs default bb23a494d bundle/test: drop cgroupfs override a6ae391a3 stats: fix stats when systemd cgroups are used e4cc02850 integration tests: switch to systemd cgroups 9ccd5ac97 bump to conmon 2.0.11 c862e1fbd Support pulling image specified by tag and digest. 
b0717fc3f Restore sandbox selinux labels directly from config.json 345952cb7 Update Makefile targets and docs to crio.conf.d 12918b25e Add runc, conmon, crictl and CNI plugins to bundle c07429a56 Render latest release notes 73f42d35a Use static runc binary in CircleCI 5f745fa7d Let CRI-O start when `runc` is not in $PATH and not configured 2fae47c00 test/pod: TerminationGracePeriod: skip on CircleCI 34ee0d9ba test/pod: TerminationGracePeriod passthru test 23177bd84 Use `Value` field in CLI for non-default values 211393d25 Upload every successful built bundle to the GCS bucket 11b1fa661 Update golangci-lint to v1.23.8 97b9587f1 Add DEFAULTS_PATH to Makefile eb9cc161c Flatten internal/pkg/* packages to internal/* 4bec101bd Fix 32bit build by vendoring latest go-selinux 3c48743f8 test/conmonmon: fix getting conmon pid 3d7c5ae58 skip failing storage test c0f0c897c Add crio.conf.d(5) man-page to the bundle 4bf557482 Cleanup: minor wording adjustments in documentation 5110df3bf Fix some minor whitespace issues in crio documentation b22b31c58 Add crio.conf.d man page bb0a68503 Move pkg/config/seccomp package to internal/config/seccomp f9f058f2f Update dependencies 6ab73e82e Upgrade CI to use go 1.14 b91cb5e56 Apply Kubernetes PR template 07d329e97 Add live configuration reload to AppArmor profile 1f856928c CreateContainer: pass TerminationGracePeriod 43a03bff8 Add CI bundle tests d81de1839 Remove extra check for go modules in Makefile 917c3e764 Rebuild bin/* targets on *.go file changes d1696ce6b Improve crio --version / version output f13aad99c Make bin/pinns a PHONY target fa3d37c0c Bump kubernetes to v1.18.0-beta.0 295240116 Fix markdown for generated crio/crio-status docs 3010195bb Cleanup config default values d83645127 Drop support for golang < v1.12 eff11105a server, cgroupv2: do not create cgroupns e48d23aab Automatically retrieve digest in test image builds 61f9ca072 Add high level Sandbox and Container interface 2c422eb42 Auto inject CRI-O version c23a169d6 
Change CircleCI config to build all jobs for all tags
56d48195c Uppercase first log char per default
ffda0f3be Add cgroup namespace unsharing to pinns
06257791d Add live configuration reload to seccomp profile
9ec3b8dc2 cgroups: parse cgroup.controllers once
d45ad21d7 Fix Fedora based integration tests
2e1d04393 Update docs and completions for crio wipe --force
153c0002e tests: update to crun 0.12.2.1
59c63a611 restore: specify runtime root to the OCI runtime
d1bcb14c9 test/ctr: adapt test to cgroupv2
94c9876d8 wipe: Add a force flag for skipping version check
dde9af43e Remove version marker from AppArmor profile
92d3eaf59 test: adapt to python3
0ed6aa6dd test: look for substring
c12fa5a5b contrib: install crun also at /usr/local/bin/runc
e502d70d3 contrib: fix ansible warning
94799c992 contrib: set crun in crio.conf when build_crun
032baf175 contrib: add tests for cgroup v2
8da112216 container: ignore hugetlb limits if not supported
5c5eb7124 Add user-notice about minimal ctr_stop_timeout
92f899ccb Update pinns build and add small cleanups
007080ec5 conmonmon: errorf when OOM killing
fd88a5bd5 klog: don't write to /tmp
f31362e45 Pass down the integer value of the stop signal
5a112abf4 exec: Close pipe fds to prevent hangs
23582bdd5 Add live reload to DecryptionKeysPath
ad75e22be Update nix package dependencies and cleanup default.nix
a5119bdc9 Make SIGHUP reload for drop-in config dir work
0bb5a2abc update installation info for debian and forks
c2535c68e Add pinns binary to static bundle
f838631f7 contrib: drop system containers
fa8d49cb1 contrib: use crun from the containers repository
a56b2f9a4 Remove trailing whitespaces from configuration template
1280b5d61 oci: Handle timeouts correctly for probes
f6fa7760e fix server restore to not remove podman containers
2c311967c Bump containers storage to v1.15.8
6cefdcca7 drop host_ip from crio.conf.5.md
f4449b681 vendor github.com/containers/image@v5.2.0
1d7d7a0fc Unwrap errors from label.Relabel() before checking for ENOTSUP
00fd41c97 Fix reload behavior for unqualified search registries
0eec45416 Skip invalid hooks directories by default
e48fa304b Add log context to container stats
f4214be7c contrib: 10-crio-bridge.conf change subnet
e962246a5 Update dependencies
720545fbf Add `crio version` subcommand
ee8b72e11 Update golangci-lint to v1.23.3
78e9ee352 Setup container environment variables before user
f7424e9c5 fail on network stop
5284c0a0a docs: improve setup.md
11535c489 Add the container IDs that cri-o assigns to various logs
1a12f8125 move default version file location a tmpfs
764bcf5fb sandbox: skip memory check if set to "max"
ff234bb71 build: make install providing systemd and config
14a2905bf fix nit from #3165
a1cdad7e9 drop host_ip and host_ips
1f1132700 Move SystemContext from Server into Config
0a8efeb0a Update Kubernetes to v1.18.0-alpha.2
2ef722b9d Update urfave/cli to latest version
ea0217e36 Use new containerd/release-tool path
437fb7356 Update libpod and ocicni
68e94e249 Remove unused getHostIPs and validateHostIPs functions
59ef3883d stream server: Bind to all addresses
0074990d6 Fix integration/unit tests
34b7b7008 Vendor in latest opencontainers/runtime-tools
faad45a91 Enable AppArmor tests in CircleCI
4cba27d88 docs: add a blurb about AppArmor profile precedence
0628b3dc8 Fix network ping integration test in CircleCI
b74ec1c3c Add support for crio drop-in config files
d43e2f359 Fix unit tests for rootless runs
65049475d Refactor sysctl handling and add unit tests
e34dad0b3 Log path location when using binaries discovered in $PATH
6a51b90a1 server: allow an apparmor-unconfined container
9ec532c7f Switch default cgroup manager to systemd
50942473b Add documentation about stream_port="0"
a014aa4de Fail to start when stream server port already allocated
964245f94 Run integration tests natively in CI
35e8ad4d6 Fail to start when already listening on socket
211fb388e Update golangci-lint to v1.23.1
ef1152b88 Allow server to start without config
49310bb02 Fix generated docs formatting
512fdb2f9 Take total_inactive_file into consideration for memory usage
66ef0b326 docs: remove mention to RHEL-8 beta repo in setup.md
5d38a07d6 Mention latest release branch in docs
eecbc3655 Fix typos in test descriptions
aa9293e95 Add image pull metrics
a94e0b779 container_create_linux: refactor common code
4bb04824b Fix man page header
31ce68627 persist exit: fix some nits
1ae3626d6 Fixes to better handle exit code
914adc516 Save exit file for container in persistent directory
62d09afcd doc: improve setup.md
8fd34a082 server: create cgroupns when running on cgroup v2
bcecd7941 Destroy the pod's network when it can't be restored
36b73a8c9 Add `namespaces{-_}dir` CLI and config option
9ddf6d7d4 Update CNI plugins to v0.8.4
ee1df54f0 Use UUID generator for namespace path
5fb3192f1 Add new NSType for available namespaces
a3afb54c3 Fix pinns path mismatch for install and uninstall
6c5ec8486 remove ErrClosedNS
9d7f8ed21 Fix possible segmentation fault in namespace removal
8bcefec51 Change AppArmor profile handling to fallback to the default
a0cb8161d Update to conmon v2.0.9
0c02f5453 Fix possible segmentation fault in error handling
20b449bbf Cleanup sandbox shared memory before removing it
1c28b2395 update createSandboxContainer to parse hugepages limit from CRI message
7646a7fd5 Update vendor to v1.18.0-alpha.1

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>

* lxcfs: update to 4.0.7 | Bruce Ashfield | 2021-02-07 | 2 | -13/+10
Bumping to the latest available lxcfs.

As part of this update, the license has changed to LGPL-2.1+ (from Apache-2.0).

We also refresh our systemd patch to continue to apply.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>

* docker-distribution: update to the latest 2.7 revs | Bruce Ashfield | 2021-02-07 | 1 | -1/+1
Integrating the following 2.7 release commits:

cf8615de Remove empty Content-Type header
48eeac88 docs: add redirect for old URL
e2f006ac S3 Driver: added comment for missing KeyCount workaround
0a1e4a57 Fix s3 driver for supporting ceph radosgw
afa91463 Bugfix: Make ipfilteredby not required
fad36ed1 Add reference.ParseDockerRef utility function
f999f540 Fixing broken table
c636ed78 Fix cloudfront documentation formatting
5883e2d9 Fix vndr and check
a3c027e6 Adding deprecated schema instructions

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>