| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The project's internal Makefile uses BUILDFLAGS variable to pass
arguments to `go build` while Yocto/OE defines it as GOBUILDFLAGS. Add a
patch to align this and avoid using host headers in which case, a musl
build will fail similarly to:
| [...]ld: /tmp/go-link-3172010154/000015.o: in function `vfprintf':
| /usr/include/x86_64-linux-gnu/bits/stdio2.h:130: undefined reference to `__vfprintf_chk'
| [...]ld: /tmp/go-link-3172010154/000016.o: in function `fprintf':
| /usr/include/x86_64-linux-gnu/bits/stdio2.h:100: undefined reference to `__fprintf_chk'
| collect2: error: ld returned 1 exit status
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
buildah is a command line tool, to be installed and run on target,
that can be used to:
- create a working container, either from scratch or using an image
as a starting point
- create an image, either from a working container or via the
instructions in a Dockerfile
- images can be built in either the OCI image format or the
traditional upstream docker image format
- mount a working container's root filesystem for manipulation
- unmount a working container's root filesystem
- use the updated contents of a container's root filesystem as a
filesystem layer to create a new image
- delete a working container or an image
- rename a local container
Testing:
Setup the build directory:
$ . oe-init-build-env <build_dir>
Add to local.conf:
IMAGE_INSTALL:append = " buildah kernel-modules"
KERNEL_FEATURES += "features/overlayfs/overlayfs.cfgi \
features/netfilter/netfilter.scc \
features/lxc/lxc-enable.scc"
IMAGE_ROOTFS_EXTRA_SPACE = "5242880"
Build image:
$ bitbake core-image-minimal
Run the image:
$ runqemu nographic kvm qemuparams="-m 4096"
On target:
Pull an image:
> cnt=$(buildah from fedora)
Or build from Dockerfile
> buildah bud -t <image_name>:<tag> .
Mount the image:
> mnt=$(buildah mount ${cnt})
Install packages on the container rootfs:
> dnf install --installroot $mnt <packages_to_install> -y
Copy local files to the container:
> buildah copy $cnt <local_file> <dest_on_container>
Save the changes to an image
> buildah commit --format docker $cnt <name>:<tag>
Run the image using buildah:
> buildah run $cnt /bin/sh
Or using docker:
> docker run -it <name>:<tag>
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Adjust the GOROOT setting as directory specified by the original
one does not exist.
The CGO_CFLAGS and CGO_LDFLAGS should use target flags instead
of the nativesdk ones.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Adjust the GOROOT setting as directory specified by the original
one does not exist.
The CGO_CFLAGS and CGO_LDFLAGS should use target flags instead
of the nativesdk ones.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Adjust the GOROOT setting as directory specified by the original
one does not exist.
The CGO_CFLAGS and CGO_LDFLAGS should use target flags instead
of the nativesdk ones.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
The CGO_CFLAGS and CGO_LDFLAGS should use target flags instead
of the nativesdk ones.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
According to https://github.com/containers/skopeo/blob/main/install.md#building-from-source,
the ostree dependency is not needed.
Also, adjust the CGO_CFLAGS and CGO_LDFALGS to use target
flags instead of the SDK ones.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
v2.8.1 is the latest stable version.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix settings for GOROOT, CGO_CFLAGS and CGO_LDFLAGS.
The previous setting for GOROOT is no longer valid as the directory
does not exist for now. So adjust the GOROOT setting.
Currently CGO_CFLAGS is set to use BUILDSDK_CFLAGS, and this is
incorrect. We need target flags instead of SDK related flags. Such
setting happens to work for some hosts. However, when building on
newer hosts, we get QA error like below:
ERROR: docker-distribution-v2.7.1-r0 do_package_qa:
QA Issue: /usr/sbin/registry contained in package docker-registry requires
libc.so.6(GLIBC_2.34)(64bit), but no providers found in RDEPENDS_docker-registry? [file-rdeps]
The above error was found on hardknott on host Fedora 35.
Tracking down the error and I found it's using host stuff which is likely
to be caused by using incorrect CGO_CFLAGS. As the master branch is
using the same settings, it has the same issue.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In order for systemd variables such as SYSTEMD_AUTO_ENABLE to have
effect, we need to inherit the systemd class. We also need to specify
the package which contains the service.
As go.bbclass already inherits goarch.bbclass, we only need to inehrit
go.bbclass.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Reformat the k3s depedencies and src_uri into a more readible and
maintainable format.
We also map googlesoruce to github for better fetching, as suggested
by Diego Sueiro <diego.sueiro@arm.com>.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping cri-o to version v1.24.1
We refresh one patch, add add textrel to our QA check skip list.
Which imports the following commits:
489819e33 bump to v1.24.1
8acadd3f4 conmonmgr: query help text to see if it supports log-global-size-max
fc852b402 add support for conmon log-global-size-max
77f0429d9 oci: cap exec sync length
9441b6700 Fix review issues
ee1a8519f Fix it case failed
027ab3f50 Fix review issues
db4a4aa51 Add integration test for remove paused ctr
76d1a929e 1.When in paused state, stop contianer should unpause it 2.We should treat paused state as running, or kubelet will delete it and restart one
3b25e48e4 fix review issues
eff3af248 Try to force delete ctr when in paused state
62d81d722 vendor: bump crypto package
3d516c53b oci: Move exec probe process to container cgroup, if enabled
8294126fa config: Add monitor_exec_cgroup config option
9a2723cb4 Reenable pod runtime in package spec
ae024bd0a dependencies: Upversion conmon dependency to v2.0.27
1737a4702 Sanitize conmonrs log level and print used version
5658fd35a Wrap runtime pod errors
b4bbd4d94 openshift test: use go 1.18
aa13dfb7b openshift test: add skip_pod_runtime to cri-o spec
d6aff5b63 Bump nixpkgs and use go1.18
4864ffc60 Fix golangci-lint errors
d0664581d add runtime pod
c33e14fc1 vendor conmon-rs
3b80d009b oci: add IsInfra method
0f601939e oci: lock for runtime creation
1376307fb test: use go 1.18 for lint
b98f15851 Move WillRunSystemd call after iterating the mounts
2a75c8307 Add sha256sum bundle files to uploaded artifacts
9f6a6724d crio:fix a bug about log container
901310bdd oci: use runtime handler level monitor fields
12758b2b3 config: assume default conmon cgroup if it's not specified
240de5f3f template: add comment to runtimes table
5a8223c75 config: replace Conmon specific fields with runtime handler versions
de2105a17 main(): don't treat reexec.Init() == true as an error
1de3e5ed2 crio:try fix integration test failed, because unpause not on time
6dfc68de4 config: increase pids limit to unlimited and deprecate it and logSizeMax
9ff165b4e bump ocicni to 0.3.1
b447dff77 bump containernetworking cni to 1.1.0
3fa33fe48 crio: unpause ctr after test
8e9ddee87 crio:fix golint check warning
019c578fa fix(stats): incorrect id on zfs driver
153bb668c crio:fix crun it failed
87f7f00f3 crio:update status after pause/unpause container
54912d7c8 oci: cleanup log path if the container failed to create
7a65dc340 utils: remove unused io related packages
9b111b532 runtime_vm: use containerd deps for container io directly
2da7482db remove the external dependency on the conntrack binary
1955cc167 go.{mod,sum}: update CDI deps to v0.3.2.
a8687861c server: no longer use hardcoded timeouts
64270ef91 fix builds by passing -buildvcs=false on 386
48230e006 test: bump to go 1.18.1
d41e3cbe6 Disable systemd-mode cgroup detection conditionally
e10376810 crio: Fix review issues and make format shell file
78308acd4 Add bats test to ensure namespaces are cleaned up on pod stop
ec1414424 pinns: Check calloc return value
adfe57b5d bump to 4.11 image
5e72b4133 crio: Fix code style
270d195ec crio: implement extended interface for pause/unpause container
31c278301 seccomp: drop unshare syscall from default profile
1098cc9b9 Retry to set CPU load balancing before return the error
7ccafd559 build(deps): bump github.com/BurntSushi/toml from 0.4.1 to 1.1.0
9b735153b Fix integration tests
862b27b8c Switch to registry.k8s.io for the sandbox Image:
9ebdeef1e Change the mcs order in selinux.bats to test the canonization of selinux label
1a9a3fdae Canonize selinux label for comparison with filesystem label
b106fcd71 oci: fix segfault in pod stop code
3e9d77257 capabilities: drop inheritable
afe738b18 Bump ocicni to v0.3.0
7b5a67f51 Switch to ginkgo/v2
1999baa2f Add bats test for infra_ctr_cpuset taskset
9fada28f7 Add bats test for zombie conmon cleanup
15afd20ee Update golangci-lint and config
13d7b9738 Bump golang to 1.18.x
1af1f8af2 pinns: Pass sysctls as repeated '-s' arguments
eb8715d30 Fix shell format
c3095bf20 README: Update EOL & Version Skew links
05c443b06 config/sysctl: fail if there is a + in the value
ea39e74f2 Fix critest
739379b0c Enable `--seccomp-use-default-when-empty` by default
98c18d1cb test: update to new runc behavior
4cb2407a2 Automatically chcon and restorecon on get script
bef94e1f8 Pin `github.com/u-root/u-root`
3be4dba79 Switch to `main` for `get` script
09399e41f Bump nixpkgs
51a800af0 Pin nixos/nix version
97df87f71 test: allow state of failing tests to be kept intact.
32d682800 factory: take capabilities setup
a643dad27 Add dedicated security information
d65414758 test/crio-wipe.bats: don't nuke $TESTDIR too early.
ff36ee6e0 test/cgroups.bats: fix incorrect setup order.
128165130 test/cdi.bat: add CDI integration tests.
a0d3fd8aa config,cli: add configuration for CDI.
f35fba448 pkg/container: implement CDI device injection.
572616137 go.{mod,sum}: update deps, vendor.
683baa221 contrib/test: force BATS symlink in place.
0be4d0611 contrib/test: always install BATS for integration.
2426bdb4c openshift e2e: bump cri-o version
e337fa364 bump to 1.24.0
5cad5f287 test: avoid concurrent crictl config writes.
bc240fd4c server: stop deleting pod from idIndex if already gone
a4b5f0c15 CI: use kubernetes from git tip
03064f4ca test/e2e: update skipped test list
65f93912d contrib/test/int/build/kubernetes: rm deprecated RunAsGroup
2e7a4d375 server: use syncfs instead of fsync
d9102e748 config/sysctls: validate against invalid spaces
230409570 [gitpod] use latest workspace full
6c3144af2 hack/build-rpms.sh: fix yum-builddep failures
52adfe025 ci: bump shellcheck to 0.8.0
92edea6dd test/apparmor: suppress bogus SC2031/2031
ca10da055 test/cni_plugin_helper: suppress shellcheck warning
0655dd213 test/test_runner: rm eval, fix comment
1acde4379 OWNERS: move rhatdan to emeritus approvers
d280c71ce OWNERS: move runcom to emeritus approvers
4041adc55 utils: Sync: use f.Sync
14d742672 Deny empty `localhost/` AppArmor profiles
bd02dac92 OWNERS: add first round of reviewers
626446e5c OWNERS: Move @sboeuf to emeritus approver
8aab1e8f2 int/storage: getReferences: fix gocritic warning
f1ca25bc5 server: fix (rather than ignore) gocritic warning
bc839156e server/streaming: specify the linter
fa2fd247f ci: bump golangci-lint to 1.44.0
cc6ed292b scripts/release-notes: fix printf args
f0e70901e scripts: fix a typo
b1705dc28 int/version: fix forcetypeassert linter warning
851916f0d server/container_create_linux: fix forcetypeassert warning
a2760072b utils: fix forcetypeassert linter warnings
d295f8b24 server/streaming: fix nolintlint warning
dd70c87ab int/storage: fix gosimple warning
f26fafdc5 int/config/cgmgr: fix stylecheck warnings
bc91cdb57 Format code using gofumpt 0.2.1
98d945cc9 Makefile: fix a comment
bb96cd907 test/crio-wipe: fixups
107fe3853 ISSUE_TEMPLATE: fix grammatical error
1affa13d9 OWNERS: move @sameo to emeritus_approvers
4dc761f9f ISSUE_TEMPLATES: update membership form to be reviewer form
592aa5159 ISSUE_TEMPLATES: add a couple of more
238e4d009 image: use imageCache value for ImageStatus()
411e15058 contrib/bundle: remove deprecated kubelet option.
15048929c minor edit: removed dead link from TOC
0dd5d2d00 oci: drop WaitContainerStateStopped
6449ff0d3 oci: fix a leaked goroutine
40165cb5b internal/factory/container: initialize from pkg/container
0dabb91b3 internal/factory/sandbox: initialize from pkg/sandbox
6e2472c92 README: update branches
a0f88d3a5 Updated format
a53f1d221 Generate checksum files for artifacts
728731808 test: add test for skipped sysctls
1667b5a66 server: skip sysctls that would affect the host
a7ac4683c deep copy List{PodSandbox,Container} structs
183ac018f GOVERNANCE: fix links
18dfcd273 oci: always have conmon log to syslog
c424e85e7 README: add reference to governance
008b3541a add GOVERNANCE.md
33063001c issue templates: add membership request form
aa8130f62 Add Debian_11 OS variable on installation instructions of Debian Signed-off-by: Wang Kai <persistence201306@gmail.com>
e5dad09ee criocli: produce diff-friendlier zsh completions.
b299c80c5 ci: use main branch for conmon
bcf069b12 server: fix race with kubelet
0769411bb Fix runtime panic on pod sandbox stats retrieval
ef1746095 update go to 1.17 in go.mod
acde72556 Reuse createContainerIO in CreateContainer
0731a9b57 Fix vm containers couldn't restore after CRI-O restart
386d4a447 ci: use main version of runc
28585442e openshift e2e: bump ci image
35c02b56e server: fix a potential NULL-pointer dereference.
20370fa95 Documentation: expand on CNI CIDRs in the kubeadm tutorial
143a623ad test: update tests for allowed_devices
56929cdb9 config: add AllowedDevices option
2aceed0f0 pass the main mount point to fix crypto profiles binding
6b887e9c3 Add Nestybox to the CRI-O adopters list.
33e25b47b server: drop duplicate log message
25a2eec40 pkg/container: fix container device GID fallback.
a68b239af bump crio commit for upstream k8s CI
d7da8b2b0 adds config template linting
86e43fc28 adds comments to default values
ff2a04e8b server: don't set memory swap when it's not enabled
5ebc4a407 Inherits storage configurations from storage.conf if crio config does not set
d0d8fb3a7 use cmdrunner singleton
2237f2658 conmonmgr: refactor for new CommandRunner
878040d10 cmdrunner: update mocks and add target to makefile
b3bb86659 config: prepend commands with taskset if InfraCtrCPUSet is configured
e9f0bb6c8 cmdrunner: add tests for prepended commands
04e9c61e3 cmdrunner: create singleton
fd2e2aeec Use timeout for conmon cgroup move
9af5e3363 build(deps): bump google.golang.org/grpc from 1.42.0 to 1.43.0
9a051dede Fixed a problem where metricImagePullsBytesTotal was getting updated twice and on second call getting incorrect labels
347f04161 test: add test ensuring a stopped pod is restored
86fd03b81 sandbox stop: remove namespaces
e02d5bf15 restore: handle removed namespaces
334e925ac Partially revert "restore: restore stop before managing namespace"
948b92bd7 restore: ensure containers are wiped on reboot
c3f75859b build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
78e1c80af build(deps): bump github.com/opencontainers/runc from 1.0.2 to 1.0.3
d8ea9f6ca vendor: bump c/image to 5.17.0
11c127f3d pinns: Add LDFLAGS to Makefile
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
There's a QA issue about criu complaining the shebang
of crit script is too long. We should replace it with
'#!/usr/bin/env python3'.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping umoci to version v0.4.7-98-gdb97609, which comprises the following commits:
d8f4f12 build(deps): bump github.com/opencontainers/runc from 1.1.1 to 1.1.2
9db1db9 dependabot: ignore github.com/klauspost/compress for now
c20d1ba build(deps): bump github.com/vbatts/go-mtree from 0.5.0 to 0.5.1
defa147 build(deps): bump actions/setup-go from 2 to 3
d7c6b89 build(deps): bump actions/cache from 2 to 3.0.1
e76ee78 build(deps): bump actions/checkout from 2 to 3
852bb73 build(deps): bump actions/download-artifact from 2 to 3
83706fc build(deps): bump actions/upload-artifact from 2 to 3
b93cb2a build(deps): bump codecov/codecov-action from 2 to 3
671fa10 build(deps): bump github.com/opencontainers/runc from 1.1.0 to 1.1.1
abd9d71 build(deps): bump google.golang.org/protobuf from 1.27.1 to 1.28.0
597a50e build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1
87f2e17 mutator: allow setting annotation data when generating a layer
e14c6d5 README: s/anuvu/project-stacker
c67586e build(deps): bump github.com/opencontainers/runc from 1.0.3 to 1.1.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping podman-tui to version v0.3.0-82-gcd51747, which comprises the following commits:
da1eea3 new ui color theme
36230ca CI setup
cb43be9 update vagrant box to Fedora 36
7ad72ce pre-commit configuration and fixes
a6749cd Bump github.com/docker/docker
8cadc6f Bump github.com/containers/storage from 1.40.2 to 1.41.0
9070e74 doc update - install.md
ef05222 pod/container top dialog ui update
91e73ee image history dialog ui update
097674e container stats dialog ui update
fb11dc7 image search/pull dialog ui update
b6bda1a sort categories for pod/containers create and image build dialogs
5dd3e38 code coverage for ui/dialogs package
5bde8a5 Bump github.com/containers/podman/v4 from 4.0.3 to 4.1.0
6ffb274 Bump github.com/docker/docker
bd08f23 Bump github.com/containers/buildah from 1.25.1 to 1.26.1
697eb4f Bump github.com/containers/common from 0.47.5 to 0.48.0
ff98068 Bump github.com/containers/storage from 1.40.0 to 1.40.2
bc47ea7 Bump github.com/containers/storage from 1.39.0 to 1.40.0
1c46d42 exec terminal update (automatic resize and detach)
1ef0c11 adding image tree command
5db9ef8 adding security options fields to pod create dialog
aeeba55 adding container create security options fields
5c90866 adding format and security options fields to image build dialog
3d0b91b doc update
0f9ead6 adding format and security options fields to image build dialog
1091a3f windows support
26134e7 removing unused connection dialog
206ac15 fixing golint
4ef15e4 removing image index from name field string search result
d9ed9e3 activating left/right key to switch between different pages (#55)
06f342c adding image import command (#51)
c986342 activate <delete> key for removing items (#50)
9a962a8 Bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0
e29ce96 using utils pkg common variables and functions
61904de new feature: image save
c9f132a doc update - fedora podman-tui rpm
372c71f Bump github.com/containers/buildah from 1.24.3 to 1.25.1
d592f1d error dialog ui update to separate the title from the error message
1b9045f new feature: image build
c7f3032 Bump github.com/containers/podman/v4 from 4.0.2 to 4.0.3
0311f68 Bump github.com/containers/storage from 1.38.2 to 1.39.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping libpod to version v4.1.0-8-gcedbbfa54, which comprises the following commits:
4ae7161c4 Fix strange buildtag edit
44d253b6c Add support for machine events on Windows
8e3a991ff test: fix "podman search format json"
ab4d33e14 Update README for 4.1.0 release
3b4de8efc Bump to v4.1.1-dev
e4b039020 Bump to v4.1.0
e87b07f7c Release notes for v4.1.0 final
a8b55a3b9 pass networks to container clone
b2025c64f Add more unit tests
7b64cd783 libpod: treat ECONNRESET as EOF
6d1d6cc0b play kube default log driver
d57bbdb5c Cirrus: Fix ownership of repos. to keep git happy
4716b6b1b build: disable --output for podman-remote clients
fbab06796 Vendor in containers/buildah@v1.26.1
ee4e0aa43 Temporarily skip netavark/aardvark e2e test
8b897a586 Cirrus: Temporarily update netavark/aardvark-dns
b73bdcdb9 Cirrus: Test w/ netavark/aardvark-dns in F36+
80cf4e31c Cirrus: Update to F36 CI VM Images
0d8ff6fa9 Add 4.1 branch to API documentation
6ea122f6e Report correct RemoteURI
2fd178ac0 Misc readme update to retrigger CI
d3f406e9f podman system reset removed machines incorrectly
8cbe598fd Bump to v4.1.0-dev
0abf24320 Bump to v4.1.0-rc2
d45a68bce Update release notes for v4.1.0 RC2
9e83826d5 machine events: only open sockets when needed
a21e11236 Add podman machine events
bea8301a8 Implement --format for machine inspect
3ab8fa679 Release notes for more v4.1.0 backports
8842e9b7a Additional stats for podman info
642204821 libpod: unset networks before storing container conf
9d5158e94 Implement machine inspect for WSL
b7e8b25d4 Bump github.com/rootless-containers/rootlesskit from 1.0.0 to 1.0.1
65108dede Use simulated dual-stack binds when using WSL
95633146e libpod: host netns keep same /etc/resolv.conf
1cdf18a86 fix incorrect permissions for /etc/resolv.conf in userns
bbb10bb52 pkg/api: do not register decoder in endpoint handler
c441a1756 fix broken hooks-dir test
fb14171cb enable errcheck linter
724965132 libpod: unlock containers when removing pod
159d597cd remove unused codepath for creating/running ctr in a pod
a9a70a949 Refactor machine inspect
1d2120412 image search --format: add completion for go template
d4fe645ed shell completion --format: use structs by reference
524b53610 image --format: fix add completion for go template
a9deb5c67 shell completion --format: use anonymous struct field once
835b89c60 network inspect --format: add completion for go template
68f7349bc shell completion --format: work with nil structs
07bc615b4 podman machine starting test
66500b82a Report properly whether pod shares host network
8627b5151 Bump github.com/containernetworking/cni from 1.0.1 to 1.1.0
9f6131e9c Three manual fixes
ecc39b595 Ginkgo: use HaveField() for better error checking
e5d6b6b0a volume: add new option -o o=noquota
77f147468 podman search: truncate by default
b1089a23b Produce better test error messages
4ff6884fb Add CreatedSince & CreatedAt format fields to podman image history
3226561cf Allow changing of CPUs, Memory, and Disk Size
cb399245b CI: emergency fix for broken go get
1593e75c6 Bump to v4.1.0-dev
146dcb28d Bump to v4.1.0-rc1
b2beb5a53 Add release notes for v4.1.0-RC1
3bcfd256b manifest endpoints fix ordering
4a4906b91 pkg/bindings: manifest remove 3.X API support conditional
e9599fb1a fix manifest modify endpoint to respect tlsverify param
609b52f72 Bump version to v4.1.0-dev
652921119 Bump github.com/fsnotify/fsnotify from 1.5.3 to 1.5.4
70a2c0008 play kube respect hostNetwork
7259a6315 Truncate annotations when generating kubernetes yaml files
4f8ece76f play kube: do not skip containers by name
51fbf3da9 enable gocritic linter
1a9f110b5 Cirrus: Fix skipping all/most tests
7c914355d [CI:DOCS]Remove unnecesarry files
c090931da remote: do not join user NS
49264c714 vendor in containers/(common,buildah,storage,image)
facc009ca benchmarks: add more image benchmarks
ee9d755c5 Robustify nginx tests
ecd245d8f Unit tests for pkg/specgenutil pkg/signal
c5e48f12e Cirrus: Re-fix build-cache miss on main
eb4e53087 Revert "Cirrus: Fix cirrus cache race on bin/podman"
b0d36f635 Implements Windows volume/mount support
3b6ffcd29 Update to use new common machine API
d441a711e machine starting status
833456e07 Add podman machine test suite
3d1e40608 Pass --tls-verify option in podman -remote build
62f4ae98f fix staticcheck linter warning for deprecated function
a615cb2fe Docs rootfull -> rootful
2f53259a8 Cirrus: Fix cirrus cache race on bin/podman
1260bf631 Revert "Switch all rootful to rootfull"
c7b16645a enable unparam linter
94d043be8 Modify the pod name suffix '_pod' to '-pod'
0d83f4b76 Allow filtering of "removing", it is a valid status
13079abe3 Add support for passing --volumepath
44642bee8 libpod/networking_linux.go: switch to sha256 hashes
ad249222d Fix hang in test_connect
cafb76b63 Increase verbosity and sequencing of APIv2 testing
5b4af0584 replace golint with revive linter
454468e03 Update test to run network check in both rootless and rootfull mode
3e240c3ae Bump github.com/fsnotify/fsnotify from 1.5.2 to 1.5.3
104042e20 Bump github.com/container-orchestrated-devices/container-device-interface
e0f5bf279 test/system: add containers.conf test for new /etc/hosts options
e912f1b68 Improve /etc/hosts documentation
e4ab8a5be shared netns and --add-host should conflict
cf1b0c196 network dis-/connect: update /etc/hosts
128086639 libpod: fix c.Hostname() to respect the utsNsCtr
696bcd277 use etchosts package from c/common
1514d5c93 silence deprecated warnings for manifest functions
2a8e43567 enable staticcheck linter
56d6ee080 move golang.org/x/crypto/ssh/terminal to golang.org/x/term
e39f4495e Run codespell on code
f87f23e3b specgen-volumes: parse --mount using csv-reader instead of split by comma
93ecafcba Workaround criu re-linking output in system test
cc3790f33 Switch all rootful to rootfull
566b6071d Cirrus: Fix missing git-enforced runtime identity
80c0fceb2 Add support for --userns=nomap
8080a5f8e Revert "container,inspect: convert Entrypoint to array instead of a string"
17105028e vendor in latest containers/(storage,common,image)
537540196 podman container clone -f
d24507c1e Fix upgrade tests assuming storage.conf exists
c67d6a52c Fix using --network-backend on podman-remote
dc02e99d8 Fix size-check to display more context
b7dcbfed0 Update release notes for v4.0.3 and v3.4.7
55a5bd8a0 Optimization: skip tests in some circumstances
df156ab78 [CI:DOCS] podman build --pull=*missing*
fa239f2ec Bump github.com/fsnotify/fsnotify from 1.5.1 to 1.5.2
eb7171262 systemd socker activation: check listener
ff2e6291a vendor c/common
13c6fd067 system service: remove unnecessary pointer to listner
97ee41146 system tests: add assert(), and start using it
93b8ef627 Buildah Vendor Treadmill: the script
d865fcc5e Fix e2e tests referencing generic env. var.
bbe1063a5 Add checkpoint image tests
756ecd540 Add support for checkpoint image
fca3397dc Update github.com/checkpoint-restore/checkpointctl
80d175279 slirp4netns: actually make ipv6 default
519535daa healthcheck: set default healthcheck Interval if not specified in image
0162f678c benchmarking Podman: proof of concept
a2077e5ea Add missing events to podman-events man page
be0da4a22 Translate Memory Limit to Swap in API
1b3dc899d manpage vs --help checker: better error messages
99bcd6595 Add --quiet to machine ls
e716790af Fix typo in generate kube docs for selinux labeling
08d08f995 Correct play kube docs for selinux labeling
b03466cb7 Update troubleshooting.md
a4798ab4e Respect "Rootful" when starting WSL API Forwarding
d68e9faee Update vendor of storage,common
900739d13 Add container.conf default volume to init
f38b03d37 Fix Memory Swappiness passing in Container Clone
2a75164e2 add a regression test for CVE-2022-1227
3f2939c2e run, create: add --passwd-entry
97f93dc78 Revert "images --size"
3da3afa57 Add log rotation based on log size
2f4874eb0 Update containers/common to main branch
9ef745d54 System tests: Usage checks: better error messages
63c38b99f Fix --tail log on restart problem
02b7eeff6 Allow HTTP attach to stopped containers
970c8d472 compat api: use network mode bridge as default
6c878b7a5 docs: fix typo in podman-container-clone.1.md
20384b037 build(deps) bump CDI dependency from 0.3.0 to 0.3.2
8710197e8 Introduce machine inspect
3987c529f Add support for ipc namespace modes "none, private, sharable"
2c800a717 System tests: fix oops in start --filter tests
5e680d54e Bump golang.org/x/crypto to 7b82a4e
8fb9dbdb4 machine,rm: Ignore ENOENT while cleaning machine
857b36ca8 Update vendor of storage,common,image
fb4fc03ec Pretty print systemd services file
81a95fade run, mount: allow setting driver specific option using volume-opt
923d454b2 [CI:DOCS] Rewrite rootless --userns=auto docs
61cf22288 Cirrus: Fix unsupported cirrus-cron build status
ee4a583ed pkg/bindings: document requirements for use
d8a902a16 API: use no_hosts from containers.conf
615099ddb System tests: reenable ps --external test
784a13f57 network create: add support for ipam-driver none
2508913a0 If newuidmap or newgidmap fail, then check their permissions
0cebd158b container,inspect: convert Entrypoint to array instead of a string
dc17195bd Vendor in new opencontainers/selinux
e133a06d2 images --size
a95f7f9ca Cirrus: Multi-arch build auto-update + tagging update
356d53434 Fix docker socket handling
90ac1ba2a Prevent set command from updating a running instance
db7d69950 Add Podman Hello to readme.md
e73547a63 Unify examples section across several man pages: pod rm/start/unpause
9c72ea343 machine refactor 3: add symlinks for sockets
bd4b9c3d5 build(deps): bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0
dd9eec06a Unify examples section across several man pages: init/kill
164b64ea3 specgen: do not set OOMScoreAdj by default
bf4318e60 Allow creating anonymous volumes with --mount
1cd529b22 specgen: permit --privileged and --cap-add
d55c46f8c Cirrus: Allow manually running image-build task
5fcd2a7ac Cirrus: Upd VM images to fix multi-arch build bug
f8c2df87c Add build test for .containerignore tar file
e5745139a cli commands: better error for unsupported commands
daeea48df kube: configmap volume should be reused if already exists
9cacc18c9 Set permissions for GitHub actions
a06df4fc1 Machine refactor part 2
81632722e systemd: enable all cgroups when running as a service
23cdbf322 test/apiv2: support netavark
1f1cf7bd4 rootless netns: move process to scope only with systemd
1ffcc4a88 Add 'Os' to be queried via 'version' output
b60854e8b Prefer registering both machine and global pipe
2a882b770 Upgrade tests: reexamine cross-testing matrix
eedaaf33c fix slirp4netns port forwarding with ranges
c185d8c0d Add option for pod logs to display different colors per container.
7a5342804 fix pod volume passing and alter infra inheritance
c602084a5 size-check: display binary size and growth
61c518627 upgrade tests: fix networking problems
21502987b replace hpcloud/tail with nxadm/tail
f6963cea1 Cirrus: Build multi-arch images + manifests
cdf74f208 Set systemd mode if entrypoint begins with /bin/sh -c
a8e6c639e Unify examples section across several man pages
6e0e1cbdd Migrate machine configs
1821eb383 Pin actions to a full length commit SHA
2ac897aa0 Machine refactor - part 1
38bd4010c network setup: fail if slirp4netns is not installed
82ed99b6a event: generate a valid event on container rename operation
798988050 Fixes errors from 'manifest push' being dropped in remote case
d106b294b Switch all calls to filepath.Walk to filepath.WalkDir
446c35efd Vendor common Added patch provided by rhatdan to add support for shareable
ab41037c8 Update filter docs with missing entries and add negation option.
3cc173937 Resolves #13629 Add RegistryAuthHeader to manifest push
7680211ed Remove error stutter
76614c461 build(deps): bump google.golang.org/protobuf from 1.27.1 to 1.28.0
ffbab30d7 Run codespell to cleanup typos
25345c087 build(deps): bump github.com/rootless-containers/rootlesskit
640c2d53a test: fix podman run test as rootless
4f73cf3fc Misc typo fixes
c01d1f8e3 [CI:DOCS] docs: drop note about upcoming RHEL 7.7
d4bf6b4d7 clarifying "loginctl enable-linger" section in doc
61b2d8844 Bump github.com/prometheus/client_golang to v1.11.1
b469bf5c0 container: allow clone to an existing pod
eb5b08f62 build(deps): bump github.com/docker/docker
7189b6f26 podman machine set: clarify --rootful option
c0bbca8c4 podman machine: fix port forwarding with proxy
7ae52e86f readConmonPipeData: try to improve error
809f82bdb specgen: fix typo
bf6430d18 Remove experimental warning from podman-remote rpm
e90b35438 machine-set: fix example for setting rootful flag
752680366 play: kube: use in-memory kubefile and remove tempfile
9b0c8d23b man pages: sort flags, and keep them that way
346beec35 Remove nix packages, since no one is supporting this
5e28cbc5f When running systemd in a container set container_uuid
da5891130 fix podman machine start log level detection
59dc70bb4 podman machine start: lookup qemu path again if not found
5669ffb35 document that using libpod package directly is not supported
cdda1924a Explicitly use IPv4 to check if podman-machine VM is listening
a6504963b Fix manifest 4.0 endpoints [NO NEW TESTS NEEDED]
5b2597d52 Fix a potential race around the exec cleanup process
aafa80918 do not set the inheritable capabilities
eedce31eb import: allow users to set os, arch and variant of imports
13b6ff652 docs: Fix links to Containerfile and containerignore
41a6dd36f Update swagger to improve compatibility [NO NEW TESTS NEEDED]
88d4db009 Binary growth check, part 2 of 2
3627dfc52 podman unshare: document that command cannot be used with remote
130bcc3a9 podman stats: improve cpu average calc
0edb3ddd3 podman stats: calc CPU percentage correctly
1a7f5b3d5 Cirrus: Publish binary artifacts on success
501355d4a Fix unreadable netavark logs
5e1e13c18 add contextDir to tar on remote
c25213c8f fix compose test error in retry logic
84e7ce82d Binary growth check, part 1 of 2
06dd9136a fix a number of errcheck issues
07999b237 [CI:DOCS] troubleshooting: document rm in image stores
6c030cd57 fix a number of `godot` issues
68b94338b linter: enable makezero
0f12b6fe5 linter: enable nilerr
081e09143 linter: document nolintlint
7c047bfbe linter: document tagliatelle
9e8cca26a test/e2e/inspect_test.go: wait for sessions
fb792f7ed linter: enable ineffassign
f72a678f2 linter: enable errchkjson
bb6b69b4a linter: enable wastedassign
070e40149 linter: enable interfacer
90f37e1a6 build(deps): bump github.com/containers/ocicrypt from 1.1.2 to 1.1.3
6d6bdabc8 healthcheck: stop showing wrong status when --no-healthcheck is set
8961dd345 Makefile: build podman-remote-static with cgo disabled
1b68c3826 libpod: drop warning for Fedora 31
63bf3991e vendor containers/storage with https://github.com/containers/storage/pull/1165
e3cc0717b podman system df: fix percent calculation
53e770566 pod system tests: clean up stray image
026bd9b20 bump golangci-lint to v1.45.0
2460261fb Fix documentation typo
36ff8f2b3 Add Windows installer support for upgrades
95dad4d8a podman rmi --ignore
4408db330 Updated dependabot to GitHub actions
cc7b5974b Fix type-o and cleanup doc punctuation
54641f5f7 fix compose test flake
622d0068e fix dual stack network e2e flake
57cdc21b0 vendor c/common@0ededd18a1f9
ea08765f4 go fmt: use go 1.18 conditional-build syntax
3c968c3d2 Handle incompatible machines
d3e3ea843 logformatter: link to bats sources on error
4b359e459 Set names in compose tests based on version
bde3ca8c3 Add tests with Docker Compose v2
1fd76c901 podman machine: remove hostip from port
0793a5834 Deduplicate between Volumes and Mounts in compat API
ff54aaa63 podman create: building local pause image: do not read ignore files
714e5a13d Separator is no longer prepended when prefix is empty on podman generate systemd
1387b5bd8 Add test for BZ #2052697
449f2fc0b Set rawimage for containers created via play kube
c732adf2d build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1
ca7376bb1 Exit with 0 when receiving SIGTERM
29f24ff68 [CI:DOCS]: Mention netavark limitations for macvlan/ipvlan drivers
45df70ec1 fix empty newline in version output
33aa2f2d1 Fix windows win-sshproxy build
0db184fb0 fix breaking change in pkg/bindings
19d0c5a8a pkg/k8s.io: add small readme with copyright notice
dd9e4dc72 pkg/k8s.io/api/core/v1: remove unneeded types
f106867ac pkg/k8s.io/...: remove more unneeded files
0612f859b pkg/k8s.io/...: remove protobuf field tags
f8577766d pkg/k8s.io/...: fix lint errors
a0ad1f2ad remove unneeded k8s code
918fc88a9 move k8s deps into podman
3d82d17f8 Bump github.com/spf13/cobra from 1.3.0 to 1.4.0
439323cd2 Bump github.com/docker/docker
daebf50b8 apply-podman-deltas: skip modified test case for --add-host which adds anomaly
3bb046a5e slirp: fix setup on ipv6 disabled systems
217197340 Fix typo
e8968c867 Add support for --chrootdirs
c845216fd docs: podman-build add --no-hosts
780d4b2d6 vendor: bump buildah, c/image and c/storage
edc62b529 Fixes TTY & resizing on Mac and Windows
6e41d1f44 podman.spec.rpkg: enable rhel8 builds on copr
c06460bea Bump golang to 1.17 in `vendor-in-container`
4ab24a068 Bump github.com/docker/docker
931477461 Bump github.com/spf13/cobra from 1.3.0 to 1.4.0
e6b64703f Bump github.com/containernetworking/plugins from 1.1.0 to 1.1.1
a5353207c Bump github.com/vbauerster/mpb/v7 from 7.3.2 to 7.4.1
e5a86d293 CI: fix golangci-lint installation
feaa1a134 Add podman play kube --annotation
30bf065c3 Use github.com/vbauerster/mpb/v7 in pkg/machine
8f2f8d4ca use gopkg.in/yaml.v2 instead of v3
166edf00a Fix handling of tmpfs-mode for tmpfs creation in compat mode
e56150264 Bump github.com/docker/distribution
db3010279 [CI:DOCS] troubleshooting.md: mention "podman unshare chown 0:0 path"
a7c4691bf Improve agent install message to add restart instructions
5b51b42cc machine rm -f stops and removes machine
8cfdddf50 test/e2e: add aardvark specific tests
e66c46441 Skip flaky pprof tests
bd0766e96 selinux: remove explicit range transition when starting conmon
9ce3c0a87 Move secret-verify-leak containerfile into its own Directory
611b45c51 Inspect network info of a joined network namespace
d2f77c256 Set default rule at the head of device configuration
cdb6deb14 MacOS improvements
6dfe63463 [CI:DOCS] DISTRO_PACKAGE.md: List the packaging changes for v4
639e6899b [CI:DOCS] RELEASE_PROCESS.md: cosmetic fix
f13ca392c [CI:DOCS] Remove "(1)" from web tab text
01514f33b Fixes: #13301 ("machine rm removes the mounted socket file on macos")
b20993393 [CI:DOCS] troubleshooting.md: Improve language and fix typos
d302c08cf Throw an error if kube yaml has duplicate ctr names
dca2e7924 Move all python tests to pytest
2fb6a8daf Add ExitCommandDelay configuration use in API exec handler
63f92d0a6 test: add a test to verify race free concurrent/parallel builds
a3497cee9 RELEASE_PROCESS.md: build artifacts locally
a901c919a libpod: pods do not use cgroups if --cgroups=disabled
0bd0ad594 container: workdir resolution must consider symlink if explicitly configured
410d28660 vendor: bump c/image to main/9a9cd9
08036e9af vendor: bump c/storage to main/d06b0f
e71d497e7 libpod: drop warning if cgroup doesn't exist
22f331e54 Revert "use GetRuntimeDir() from c/common"
572e6464f Use storage that better supports rootless overlayfs
7729afe97 Refactor docker-py compatibility tests
675d775eb Add --context-dir option to podman play kube
40c6192e9 Add the names flag for pod logs
2e14c7270 Allow setting binarypath from Makefile
569319d39 Vendor in containers/common@main
3dc1b8e83 Add podman volume mount support
dbf34bfe7 Clarify v2 API testing for podman vs docker clients
988190db5 copr packaging: use generic macros for tmpfiles and modules load dirs
6f71fa6d9 Show version of the deb package in info output
a7fc8a146 Improve the error message for usused configMaps
f3e883fb4 Bump github.com/containernetworking/plugins from 1.0.1 to 1.1.0
e1b298166 docs: generate-systemd: pod requires an infra container
eab5a4cfb Load ip_tables modules at boot
fbbcb957c container-commit: support --squash to squash layers into one
ed73040b3 kube: honor mount propagation mode
5cba5cbfd play kube: set defaults to container resources
46b7c5bc6 Bump CDI go dependency to v0.3.0
6f7a803d0 Cleanup display of trust with transports
80c5962db Add containers-common spec and command to podman
4a60319ec Remove the runtime lock
c4dfbd58f Don't log errors on removing volumes inuse, if container --volumes-from
b19251242 system tests: cleanup networks on teardown
ea01f8963 [CI:DOCS]Update networking tutorial for netavark
9ce61e3a4 kube: honor --build=false and make --build=true by default
44d037898 provide better error on invalid flag
f018c07ed System tests: show one-line config overview
f150f2921 troubleshooting.md: tweak subuid paragraph, encryption
fc5cf812c use GetRuntimeDir() from c/common
94df70151 Implement Podman Container Clone
23a7f4e0d Option --url and --connection should imply --remote.
d12489858 [CI:DOCS] troubleshooting: mention overlay option for --rootfs
8c9d37faf [CI:DOCS] troubleshooting: mention machinectl and systemd-run
db4d15e85 Propagate $CONTAINERS_CONF to conmon
d615ab81f tests: Remove inaccurate comment
7b55ab442 Cirrus: Disable F34 aka prior-fedora testing
632c089cc Cirrus: Use updated VM images
aa1703037 Update release notes with v4.0.0 additions
1252f9dd3 Fix a potential flake in volume plugins tests
38811823c vendor: update c/storage to 26c561f9
095026c3d Bump github.com/containers/buildah from 1.24.1 to 1.24.2
90066af62 Calculate device major/minor using bitshift
13f6261f8 increase subuid and subgid in image
7a83d16f9 [CI:DOCS] logformatter: handle python logs
a811acf74 pkg: support passing down options for idmap
50fbe52f4 Update to podman4 copr stream
c74f8f04f Introduce podman machine init --root=t|f and podman machine set --root=t|f
8f5ba05ec Initial implementation of mac forwarding using a privileged docker sock claim helper
b62816578 e2e: merge after/since image-filter tests
10580ec19 Unify ls --filter docs for networks and pods
6a8d29eea Changes of docker descriptions
5b98efe1d Fix images since/after tests
4a166c8b6 podman network: add documentation for netavark
a0991c6f3 create: Fix key=value annotation in the flag output
a8928a3ca ignition: propagate proxy settings from a host into a vm
3b5a3f4a7 [CI:DOCS] Add --userns=keep-id, --uidmap, --gidmap troubleshooting
73f35ff2a Temporarily pull machine images from side repo
6f9f78f7f enable netavark specific tests
4b90542d5 Fix checkpoint/restore pod tests
4966adddb Make sure building with relative paths work correctly.
3f28d697e Add 409 response to swagger godoc
40ba9f10e Make the hello image leaner [NO TESTS NEEDED]
a0b38c071 troubleshooting: add doc for ssh into a container
87cca4e5e Modify /etc/resolv.conf when connecting/disconnecting
c4676c571 Add version guard to libpod API endpoints
1512740e3 Bump c/common to v0.47.4
829f88d74 Show API doc for several versions
3762946e6 Do not set the network config dir to cni plugin dir
411fca0b3 helloimage: header symmetry
e405fefb3 [NO NEW TEST NEEDED] Add schema for ImageCreate 200 response.
61f97083c idmap should be able to be specified along with other options
5bcd9134f Bump github.com/docker/distribution
58adf1a83 fix: Multiplication of durations
8d0fb0a4e move rootless netns slirp4netns process to systemd user.slice
d0d1ffa43 Cleanup: remove obsolete/misleading bug workaround
3b561a468 compat: endpoint /build must set header content type as application/json in reponse
44fb431a3 Fix: Do not print error when parsing journald log fails
f0826b3a4 Cirrus: Expand netavark testing to include rootless
3cf64a8e9 tests: retrofit healthcheck system tests
4f77331c9 healthcheck, libpod: Read healthcheck event output from os pipe
d733c3baa append podman dns search domain
54cf0f05e Bump github.com/buger/goterm from 1.0.1 to 1.0.4
1d1b2b150 Update containers/buildah v1.24.1
7cfe4d3fe System tests: revert emergency skip of checkpoint tests
185dc5b2f Bump github.com/containers/common from 0.47.2 to 0.47.3
642a691cb Cirrus: Add netavark/aardvark system test task
daf51eafe Bump github.com/containers/image/v5 from 5.19.0 to 5.19.1
ebbf10ae8 Cirrus: Log netavark/aardvark binary build info.
9eb88ea47 Podman pod create --share-parent vs --share=cgroup
55c4a1468 system prune: remove all networks
fee76f6ab Document `schema` values in the `--url` flag
5468757ad play kube envVar.valueFrom.resourceFieldRef
725a6f893 pkg/bindings/images.Build(): slashify "dockerfile" values, too
7d3ad6081 netavark e2e tests
25e073492 Revert "Move each search dns to its own line"
3d3e8d8f8 hack/bats: fix broken usage message
903f9a3a2 Cirrus: Minor - limit release task applicability
a1bc8cb52 Move each search dns to its own line
4ddc4e79d Only change network fields if they were actually changed by the user
c4dfd004a libpod: enforce noexec,nosuid,nodev for /dev/shm
b6fe7d119 Fix size to match Docker selection
012e24b79 [CI:DOCS] Add a hello world image to quay.io
852ca9a7a Cirrus: Add [CI:BUILD] magic that only builds
cd8b30289 COPR: fix dependencies
85e8c1c9a docs: clarify rootless net stats
865f0a197 libpod: report slirp4netns network stats
6609bb73a Fix use of infra image to clarify default
2ceab1194 play kube envVar.valueFrom.fieldRef
e7bdd1260 CI: fix nightly builds
009d9eb67 Add notes to "--oom-kill-disable" not supported on cgroups V2
a8fb8f52c Adapt podman images ls filters docs to be aligned with prune filters docs
636543787 Clarify remote client means Mac and Windows
6f2b027b3 ignition, machine: delegate cpu,io cgroup controllers to machine's default users
56d95172f podman image scp syntax correction
8842dab68 Cirrus: Also download aardvark-dns binary
b381d7565 Cirrus: Add e2e task w/ upstream netavark
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping runc to version v1.1.2-9-gb507e2da, which comprises the following commits:
bf1cd884 ci: use golangci-lint-action v3, GO_VERSION
1feafc31 ci: bump golangci-lint to v1.44
89f79ff0 libct: StartInitialization: fix %w related warning
3b7f2605 Format sources using gofumpt 0.2.1
eeac4e77 build(deps): bump actions/checkout from 2 to 3
cd7fa00d Vagrantfile.fedora: fix build wrt new git
cdfdbe55 VERSION: back to development
a916309f VERSION: release 1.1.2
364ec0f1 runc: do not set inheritable capabilities
8959e372 VERSION: back to development
52de29d7 VERSION: release 1.1.1
2636e1cb CHANGELOG.md: add 1.1.1 release notes
036cc348 CI/cirrus: add centos-stream-9
db953158 README.md: add cirrus-ci badge
ea19181e README,libct/README: fix pkg.go.dev badges
8290c4cf libct/cg: IsCgroup2HybridMode: don't panic
ee7ba6cb configs/validate: looser validation for RDT
96193422 libct/cg/sd/v2: fix ENOENT on cgroup delegation
35784a3e ensure the path is a sub-cgroup path
986e7c53 libct: fixStdioPermissions: ignore EROFS
5053a065 libct: fixStdioPermissions: skip chown if not needed
d2939b6b libct: fixStdioPermissions: minor refactoring
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping runc to version v1.1.2-9-gb507e2da, which comprises the following commits:
bf1cd884 ci: use golangci-lint-action v3, GO_VERSION
1feafc31 ci: bump golangci-lint to v1.44
89f79ff0 libct: StartInitialization: fix %w related warning
3b7f2605 Format sources using gofumpt 0.2.1
eeac4e77 build(deps): bump actions/checkout from 2 to 3
cd7fa00d Vagrantfile.fedora: fix build wrt new git
cdfdbe55 VERSION: back to development
a916309f VERSION: release 1.1.2
364ec0f1 runc: do not set inheritable capabilities
8959e372 VERSION: back to development
52de29d7 VERSION: release 1.1.1
2636e1cb CHANGELOG.md: add 1.1.1 release notes
036cc348 CI/cirrus: add centos-stream-9
db953158 README.md: add cirrus-ci badge
ea19181e README,libct/README: fix pkg.go.dev badges
8290c4cf libct/cg: IsCgroup2HybridMode: don't panic
ee7ba6cb configs/validate: looser validation for RDT
96193422 libct/cg/sd/v2: fix ENOENT on cgroup delegation
35784a3e ensure the path is a sub-cgroup path
986e7c53 libct: fixStdioPermissions: ignore EROFS
5053a065 libct: fixStdioPermissions: skip chown if not needed
d2939b6b libct: fixStdioPermissions: minor refactoring
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping moby to version v20.10.16, which comprises the following commits:
a15acb4bd6 [20.10] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
5f2e0b79ad [20.10] update golang to 1.17.10
be7855fdbe vendor: update github.com/containerd/cgroups and github.com/cilium/ebpf
414a9e24a7 update containerd binary to v1.6.4
47b6a924b6 update containerd binary to v1.6.3
6d7c2b2d26 update containerd binary to v1.6.2
91708bf704 update containerd binary to v1.6.1
53ae17008e Revert "[20.10] update containerd binary to 1.5.11"
961b9a78d5 update runc binary to v1.1.1
97972dac5f update runc binary to v1.1.0
033a819714 [20.10] update golang to 1.17.9
a80884126b Jenkinsfile: add workaround for CVE-2022-24765
09d6fcdfec update to go 1.17.8 to address CVE-2022-24921
5957684b2c Update Go to 1.17.7
55b72c70ba Update Go to 1.17.6
fdf3020bd5 Update Go to 1.17.5
36e164ba80 Update Go to 1.17.4
ecfba8f588 Update Go to 1.17.3
4e14dcc125 Update Go to 1.17.2
c32b5ece31 Update Go to 1.17.1
7096508811 vendor: update archive/tar to match Go 1.17.0
a1150245cc Update to Go 1.17.0, and gofmt with Go 1.17
95cc7115fb hack/vendor.sh: allow go version to be specified with .0
949c33b1c5 vendor: golang.org/x/sys 63515b42dcdf9544f4e6a02fd7632793fde2f72d (for Go 1.17)
8392285876 vendor: golang.org/x/sys d19ff857e887eacb631721f188c7d365c2331456
4e81bcf380 Makefile: update buildx to v0.8.2
74e699c8d3 Makefile: update buildx version to v0.6.0
bc3cc2e7ac Makefile: install buildx from binary release, instead of building
492fac20af api: docs: fix indentation of HostConfig.SecurityOpt (v1.39-v1.41)
3cba2682d8 api: docs: move ContainerWaitResponse to definitions (v1.39-v1.41)
55e71450ae api: docs: move VolumeCreateOptions to definitions (v1.39-v1.41)
c54362cd64 api: docs: move Volume examples inline (v1.39-v1.41)
c60ff9b296 doc: server API Correct ImagesCreate - platform parameter added in 1.32
7a45f7a8cc docs: cleanup swagger API with multiple examples (v1.25-v1.41)
29bb9204bf api: docs: add IPAMConfig on IPAM (v1.41)
77f6564369 api: docs: document MountPoint fields (v1.25-v1.41)
51ea235ab8 api: docs: remove deprecated RootFS.BaseLayer (API v1.25-v1.41)
3d6b4ae572 Correct type of Mounts in ContainerSummary in docs (v1.25-v1.40)
6e8b9809b7 Correct type of Mounts in ContainerSummary in docs
621a98dac0 api: docs: fix warning about comment indentation (API v1.40-v1.41)
bb9ef98060 api: docs: update docs for /images/{name}/json (API v1.39-v1.41)
88ca5cec4e daemon: fix error-message for minimum allowed kernel-memory limit
3ea996abd7 docs: add missing KernelMemoryTCP to api v1.40 and v1.41
b475bc95cd docs/api: add missing 400 response for POST /containers/{id}/wait
ae07b3cc96 docs/api: update /containers/{id}/wait "condition" parameter (v1.30-v1.41)
19555fa92d [20.10] vendor: github.com/docker/distribution v2.8.1
32fe0bbb91 daemon: use RWMutex for stateCounter
ed8fb00b65 errdefs: move GetHTTPErrorStatusCode to api/server/httpstatus
3bd611d7a5 log error message when receiving an unexpected type error
7dfe7a1752 [20.10] update containerd binary to 1.5.11
af953d2f38 [20.10] vendor: containerd 7cfa023d95d37076d5ab035003d4839f4b6ba791
5f9753ae73 client: remove containerd "platform" dependency
4df345e65d client: remove unused Platform field from configWrapper
dd38613d0c oci: inheritable capability set should be empty
2825bf7123 Only check if route overlaps routes with scope: LINK
f5c56eaca8 [20.10] bump swarmkit for config size increase
ce3b6d1ae9 distribution: retry downloading schema config on retryable error
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Bumping libnetwork to version v0.7.0-dev.3-1830-g339b972b, which comprises the following commits:
9db86fb7 Only check if route overlaps routes with scope: LINK
7b9c2905 fix port forwarding with ipv6.disable=1
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping moby to version v20.10.16, which comprises the following commits:
a15acb4bd6 [20.10] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
5f2e0b79ad [20.10] update golang to 1.17.10
be7855fdbe vendor: update github.com/containerd/cgroups and github.com/cilium/ebpf
414a9e24a7 update containerd binary to v1.6.4
47b6a924b6 update containerd binary to v1.6.3
6d7c2b2d26 update containerd binary to v1.6.2
91708bf704 update containerd binary to v1.6.1
53ae17008e Revert "[20.10] update containerd binary to 1.5.11"
961b9a78d5 update runc binary to v1.1.1
97972dac5f update runc binary to v1.1.0
033a819714 [20.10] update golang to 1.17.9
a80884126b Jenkinsfile: add workaround for CVE-2022-24765
09d6fcdfec update to go 1.17.8 to address CVE-2022-24921
5957684b2c Update Go to 1.17.7
55b72c70ba Update Go to 1.17.6
fdf3020bd5 Update Go to 1.17.5
36e164ba80 Update Go to 1.17.4
ecfba8f588 Update Go to 1.17.3
4e14dcc125 Update Go to 1.17.2
c32b5ece31 Update Go to 1.17.1
7096508811 vendor: update archive/tar to match Go 1.17.0
a1150245cc Update to Go 1.17.0, and gofmt with Go 1.17
95cc7115fb hack/vendor.sh: allow go version to be specified with .0
949c33b1c5 vendor: golang.org/x/sys 63515b42dcdf9544f4e6a02fd7632793fde2f72d (for Go 1.17)
8392285876 vendor: golang.org/x/sys d19ff857e887eacb631721f188c7d365c2331456
4e81bcf380 Makefile: update buildx to v0.8.2
74e699c8d3 Makefile: update buildx version to v0.6.0
bc3cc2e7ac Makefile: install buildx from binary release, instead of building
492fac20af api: docs: fix indentation of HostConfig.SecurityOpt (v1.39-v1.41)
3cba2682d8 api: docs: move ContainerWaitResponse to definitions (v1.39-v1.41)
55e71450ae api: docs: move VolumeCreateOptions to definitions (v1.39-v1.41)
c54362cd64 api: docs: move Volume examples inline (v1.39-v1.41)
c60ff9b296 doc: server API Correct ImagesCreate - platform parameter added in 1.32
7a45f7a8cc docs: cleanup swagger API with multiple examples (v1.25-v1.41)
29bb9204bf api: docs: add IPAMConfig on IPAM (v1.41)
77f6564369 api: docs: document MountPoint fields (v1.25-v1.41)
51ea235ab8 api: docs: remove deprecated RootFS.BaseLayer (API v1.25-v1.41)
3d6b4ae572 Correct type of Mounts in ContainerSummary in docs (v1.25-v1.40)
6e8b9809b7 Correct type of Mounts in ContainerSummary in docs
621a98dac0 api: docs: fix warning about comment indentation (API v1.40-v1.41)
bb9ef98060 api: docs: update docs for /images/{name}/json (API v1.39-v1.41)
88ca5cec4e daemon: fix error-message for minimum allowed kernel-memory limit
3ea996abd7 docs: add missing KernelMemoryTCP to api v1.40 and v1.41
b475bc95cd docs/api: add missing 400 response for POST /containers/{id}/wait
ae07b3cc96 docs/api: update /containers/{id}/wait "condition" parameter (v1.30-v1.41)
19555fa92d [20.10] vendor: github.com/docker/distribution v2.8.1
32fe0bbb91 daemon: use RWMutex for stateCounter
ed8fb00b65 errdefs: move GetHTTPErrorStatusCode to api/server/httpstatus
3bd611d7a5 log error message when receiving an unexpected type error
7dfe7a1752 [20.10] update containerd binary to 1.5.11
af953d2f38 [20.10] vendor: containerd 7cfa023d95d37076d5ab035003d4839f4b6ba791
5f9753ae73 client: remove containerd "platform" dependency
4df345e65d client: remove unused Platform field from configWrapper
dd38613d0c oci: inheritable capability set should be empty
2825bf7123 Only check if route overlaps routes with scope: LINK
f5c56eaca8 [20.10] bump swarmkit for config size increase
ce3b6d1ae9 distribution: retry downloading schema config on retryable error
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Bumping to the 1.24 kubernetes release from May 2022.
We refresh one patch, and drop another as the build race looks to be
different (since it is no longer installed seperately).
Otherwise the build is the same, and smoke tests have passed.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
WARNING: kubernetes-1_v1.23.6+gitfbcfa33018159c033aee77b0d5456df6771aa9b5-r0
do_package_qa: QA Issue: kubernetes-misc: ELF binary
/usr/bin/kubectl-convert has relocations in .text [textrel]
This textrel is acceptable, so we can inhibit the warning.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
It looks like 'devel' in podman compose gets rewritten, so our
1.0.3 commit is no longer on that branch, breaking fetches.
Moving to stable and changing the commit to avoid the issue.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- To fix restore Segmentation fault
criu restore -d -D checkpoint
8306: Error (criu/cr-restore.c:1480): 8331 killed by signal 11: Segmentation fault
Error (criu/cr-restore.c:2447): Restoring FAILED.
- Inherit pkgconfig to fix build warning
pkg-config not found
- Define PLUGINDIR when doing instll to fix build failure
mkdir: cannot create directory '/var/lib/criu': Permission denied
New commits since 3.16.1:
4f8f295e5 criu: Version 3.17
991f27c84 ci: skip new hugetlb maps09/maps10 tests for pre-dump
0c1f0256f kerndat: handle the case when hugetlb isn't supported
17a19676c zdtm: handle the case when hugetlb isn't supported
c1380c077 ci: workaround race between sit module loading and bridge test
550eafc5d ci: print kernel modules list
f635b61f4 test: install criu in /usr
2f0f12839 readme: Add badge links to workflows
d14dbb8c7 sk-unix: rework bind_on_deleted() return codes
5b872c718 proc_parse: Fix parsing bpf map_extra
d40b332ce bpf: update deprecated API
f641e0c4b ci: print mountinfo instead of mount cmd output
5c0b4fbcd ci: criu-fault: skip inotify_irmap fault-injection on btrfs
7ac85cab8 scripts/ci: fix ZDTM_OPTS variable passing
ead227994 zdtm: temporary disable rseq02 test
db9ec1361 zdtm: add rseq02 transition test with NO_RESTART CS flag
1e0bed3d6 rseq: handle rseq/rseq_cs flags properly
13338dee5 Revert "test: disable rseq also on Archlinux"
064e9925a zdtm: add transition/rseq01 test for amd64
2d3354e7b cr-dump: fixup thread IP when inside rseq cs
4c7ece0bb compel: add helpers to get/set instruction pointer
441310c26 zdtm/static/rseq00: fix rseq test when linking with a fresh Glibc
f70ddab24 pie/restorer: unregister (g)libc rseq before memory restoration
e1799e530 include: add thread_pointer.h from Glibc
267c1fdad ci: add Fedora Rawhide based test on Cirrus
03aff7e82 Revert "ci: disable glibc rseq support"
51e0d3e29 zdtm: add basic static/rseq00 test for rseq C/R
c5162cef5 rseq: fail dump if rseq is used but host doesn't support get_rseq_conf feature
f81e3062c rseq: initial support
bd9ee3255 cr-check: Add ptrace rseq conf dump feature
ca54dfcac util: move fork_and_ptrace_attach helper from cr-check
8b3a76b64 kerndat: check for rseq syscall support
de03eb435 compel: add rseq syscall into compel std plugin syscall tables
4adec8e8e cgroup: test for --manage-cgroups=ignore
2b6901707 cgroup: fix --manage-cgroups=ignore
c71d4a54a cgroup: fix "unified" path
8ddd7f483 ci: add codespell to lint target
e7b1c8579 Fix remaining codespell warnings
0194ed392 Fix some codespell warnings
3f1800477 Add .codespellrc
f16976c03 test/zdtm.py: rename a var
fab46c310 test/exhaustive/unix.py: rename a var
2a60b4974 Rename useable to usable
c4bdde213 criu/mount.c: separate \t
51837a65e criu/files.c: some renames
bd3a21e0b test/javaTests: rename ser to s
777ad1966 Nit: rename sie to se
716e56f37 Typo: mmaped -> mmapped
d9411c948 test/zdtm/static: s/NODEL/NO_DEL/
58d76cb16 test/zdtm/static/inotify_system.c: s/inot/infd/
0cb8b9c04 test/zdtm/static: use param not parm
58b120b06 criu/pie/restorer.c: use param not parm
747ec75d9 criu/arch/s390/include/asm/restorer.h: fix comments
8bb05e3bf ci: Switch to non overlaysfs tests
45e048d77 criu: generate unique socket names
75064b742 mount: fix -Wunused-but-set-variable for Clang 15
46e4773c3 style: delete some redundant code
5109fccf8 apparmor: Fix -Wfortify-source for Clang
791651f1b criu-ns: add a helper to hold a pid namespace
805559c1d scripts/ci: mount test cgroups once
ab6191ccd zdtm: use unique holder for cgroups
73a783ac1 mount: make error messages differ in different places
165d5a2cd mount-v2: make mount engine fallback messages loglevel debug
8867840c8 zdtm/mount-v2: disable pty-console test
c8121ed74 test/jenkins: test for old mount engine
3c0e99ccf ci: make others/mnt_ext_dev also run for old mount engine
642abd133 zdtm/mount-v2: disable mnt_tracefs test
f736d88c9 zdtm: add propagation group with mount flags to mount_complex_sharing
ef53df471 zdtm: add mount_complex_sharing test
486e1fd85 zdtm: add new mnt_ext_sharing test for mount-v2
3db949d82 ci: run tests for old mount engine
8d6e2d044 zdtm: enable mounts compat mode on restore with --mntns-compat-mode option
b35c842d0 mount: add new mounts-v2 engine
c29675c9a mount: export global variables for mount-v2
972a59862 mount: export several functions for mount-v2
3229e7f58 mount: export common defines for mount-v2
0723d0cd9 mount: remove double ns_id declaration
1f4a9a531 files-reg: export parent dirs helpers for mount-v2
f032741cd mount: add plain mountpoints
f2d1c7fab config/rpc: add new option --mntns-compat-mode for old mount engine
f6b52c711 crtools: move check_options after kerndat_init and log_init
6a25420d3 util: add resolve_mountpoint helper
cef8366f5 kerndat: check whether the openat2 syscall is supported
387f4652b compel: add open_tree syscall
a946b946e kerndat: Check for MOVE_MOUNT_SET_GROUP availability
0ca89b99b files-reg: teach clean_one_remap to work with mount-v2
9a0918497 files-reg: teach create_ghost to work with mount-v2
169f95c39 files-reg: split create_ghost_dentry out of create_ghost
9fb3984a7 mount: add service_mountpoint getter for ->mountpoint
65967a84b mount: use ns_mountpoint instead of mountpoint where possible
eedbc6f47 mount: use ns_mountpoint in mnt_depth
ae0b218c3 mount: use ns_mountpoint in aufs_parse
7b968ceea mount: use ns_mountpoint in collect_mntinfo
f2bf6597c path: simplify mnt_get_sibling_path via get_relative_path
abbc70adc mount: use ns_mountpoint for children-overmount check
c17695cb1 mount: use ns_mountpoint in root_path_from_parent
010295b8f mount: use ns_mountpoint in validate_children_collision
07eb01593 mount: skip root yard children from mnt_needs_remap check
e8de10a4f mount: use ns_mountpoint in mnt_is_overmounted
b954e5136 autofs: use ns_mountpoint in autofs_create_dentries
7a67949e5 mount: make general place for shared variables on mount-info on restore
0c41c1187 mount: fix broken remounted_rw check
718247045 mount: move root yard tree merge as early as possible
770cdbfb9 mount: prepare is_overmounted as early as possible
83bbf1b05 mount: add helper mnt_get_external_bind_nodev
0fd0e03a2 mount: do not override master_id to -1 for root binds
4f156f32b mount: put external slavery mounts to separate mnt_ext_slave list
ef79912c1 mount: add can_receive_master_from_root helper
b52fcb284 mount: replace CRTIME_MNT_ID with HELPER_MNT_ID
4736a7240 mount/restore: leave ns_mountpoint NULL for aux binfmt_misc mount
16085b5e6 mount/restore: create auxiliary binfmt_misc mount in the root yard
a379d4d94 zdtm: add mntns_pivot_root_ro test
2a3d2bc28 mount: apply superblock flags to nested ns roots
77f67973f zdtm: add mntns_pivot_root test
2fdb4993a mount: allow nested mount namespaces with different roots
cf6fe2d48 mount: add mnt_is_root_bind helper
e50abbd3b zdtm: add mnt_ext_collision test
a963ceb77 mount: restrict mp-external mount map to init container mntns only
007501f98 zdtm: add new mnt_ext_root test
4f9414934 mount: mount external mount before mounting it's binds
d5cb7764e mount: show more info about why we can't mount
685a53eec mount: rework skipping external mounts in dump_one_mountpoint
3b2b80812 mount: split mnt_is_external(_bind) and can_receive_master_from_external
c09bd8941 mount: add mnt_bind_pick helper to pick the desired bind
9d1f39f28 unittest: add some tests for get_relative_path helper
97bd9511c util: add get_relative_path helper
261b7a8fd mount: setup mnt_bind list before using it in mnt_is_external
30261a751 mount: skip fstype and source checks for external mounts in mounts_sb_equal
8d5300aa9 mount: mark mounts of external devices external
e17c1cc12 mount: do not detect non-fsroot mounts as device-external
eda1e5fdb mount: add mntinfo_add_list_before helper for adding to mntinfo list
9649356e3 zdtm: fix mnt_ext_master test to correspond to it's name
5a8fd343f uffd: fix __u64 print format specifier
9e7473516 sk-unix: fix e_str leak in unix_sk_id_add
87d373514 criu/plugin: Add support for criu image streamer
55370b720 criu/plugin: Store BO contents directly to file
ecdf740fa criu/plugin: Add whitepaper document
99a2380fc criu/plugin: Dockerfile for amdgpu_plugin
2095de9f0 criu/plugin: Fix for FDs not allowed to mmap
bd8333009 criu/plugin: Implement sDMA based buffer access
6d7926622 criu/plugin: Restore libhsakmt shared memory files
a218fe0ba criu/plugin: Read and write BO contents in parallel
ba9c62df2 criu/plugin: Add unit tests for GPU remapping
4856e0d4d criu/plugin: Add parameters to override mapping
72905c9c9 criu/plugin: Remap GPUs on checkpoint restore
6e99fea2f criu/plugin: Implement system topology parsing
c4e3ac7fe criu/plugin: Adding check for kernel IOCTL version
55a5993bc criu/plugin: Support AMD ROCm Checkpoint Restore with KFD
71ff9cc04 criu/plugin: Initialize AMD KFD header
91157315b criu/plugin: Skip plugin vmas during premap
63e127fc8 criu/plugin: Add dedicated flag for plugins
e04db0241 criu/files: Add function to return unused FD by pid
653eefea0 criu/plugin: Do not reopen vma fd for plugins
5b0a639a5 files: fix inh leak in inherit_fd_add
060567042 net: fix e_str leak in veth_pair_add
2856d06e3 config: fix ns leak in parse_join_ns
a8dd7d290 ci: run criu-config tests
1c54c45fc zdtm: drop redundant config_inotify_irmap test
d2073cd4d zdtm: add --criu-config option
fc38a01e5 zdtm: use long form cli options
0734fc807 zdtm: sort import lines
0b7965397 zdtm: refactor main
1b4a9df9c sk-unix: fix uint32_t id variable printf format specifier
09fa32a75 tun: fix tun_link leak in dump_tun_link
7e9a9dc34 cr-dump: fix cr_imgset leak in dump_one_task
2747bb2a7 mount: fix e_str leak in ext_mount_add
be78b853d proc_smaps: remove useless nonlinear check
97a998567 compel: set mxcsr during error injection to zero
ef98a71b1 zdtm: fix missplacement of err=True
6b842635b test: disable rseq also on Archlinux
51099d2bb test: remove test for LOCK_MAND flock
247cdc90d bpfmap: handle new field in fdinfo
56df8aeeb ci: skip MAP_HUGETLB tests in stream test
2dc6d146b zdtm: Add MAP_HUGETLB mappings test for parent-child relationship processes
87a5694b4 zdtm: Add shm hugetlb test
d22e472cf zdtm: Add memfd hugetlb test
ffa268896 zdtm: Add MAP_HUGETLB memory mapping test
a26b692c4 uffd: Skip lazy-mode restore on hugetlb mappings
456e50b59 mem: Skip premapping hugetlb mapping
8941b63a4 proc_parse, files: Add support for hugetlb memory mapping
e4fb1dd5f memfd, shmem: Add support for checkpoint/restore memfd and anon shared memory
4d77b19eb ipc: Add support for checkpoint/restore hugetlb System V shared memory
f69c36591 kerndat: Collect hugetlb device numbers
9c7bbfa69 check: Add a check for using memfd with hugetlb
e8087fcff files: generate unique transport socket names
408a7d82d util: add an unique ID of the current criu run
b13b95e52 compel: fix how PTRACE_GET_THREAD_AREA errors are handled
b2ba14a15 restorer: Fix sys_mmap's returned value check
7177938e6 criu-ns: use os.waitstatus_to_exitcode()
bb1b1681a criu-ns: fix exit code o for criu dump
fdf4fda20 pstree: when updating sid for shell job also update matching pgid
89267dbcc ci: install libbsd dependency
48d53b699 Fix formatting in criu documentation
73d6a2c0e test/autofs: fix use-after-free
4d31105c7 ci: set continue-on-error for cross-compile
0568889ee compel: fix parasite with GCC 12
db352ca48 criu: fix configuration file scanner with GCC 12
bf6975c3e compel: fix GCC 12 failure (out of bounds)
6be10a232 zdtm: fix zdtm/static/maps00 case in arm64
6cfad77f0 pagemap: tiny fix on truncating memory image
908e5dd95 lib: added tests for feature check in libcriu
b00b61f0e lib: introduce feature check in libcriu
4c4b2159d ci: added .lgtm.yml file
7f4265dc0 ci: update to latest Vagrant and Fedora images
7400d91f8 contributing: remove old badges and logo
29e221bb7 readme: add docker test badge
6f9d62eb3 ci: test criu-image-streamer with all tests
8ec214d3c mount/btrfs: make check_mountpoint_fd fallback to get_sdev_from_fd
bbf5f642d proc_parse: add helper to resolve sdev from fd
15c42696c mount: remove mnt_fd argument of __open_mountpoint
1e7c62047 mount: split check_mountpoint_fd from __open_mountpoint
1b912802d zdtm/static/uffd-events: add more log messages
ebd03383f zdtm: print tails of all logs if a test has failed
f65098746 test: log testname.out.inprogress if a test has failed
8775cf3a5 ci: reenable the lazy-thp test in the lazy-remote mode
c59abfa81 page-xfer: stop waiting for a new command after a close command
13b726ebc tls: allow to terminate connections synchronously
73d1d0769 uffd: call disconnect_from_page_server to shutdown a page-server connection
4fdf3db31 tls: add more comments
5a2250b1a tls: use ssize_t for return value
89e8e8e69 tls: fix typo
0da88b6da zdtm: Add SOCK_SEQPACKET variants to unix socket tests
530ad9c89 sk-unix: Add support for SOCK_SEQPACKET unix sockets
3d618d0f4 crtools: check that cpuinfo command has sub-command
233f1f1d0 crtools: use new opts.mode in image_dir_mode
3fa85bcdc crtools/rpc: export current criu mode to opts.mode
1b015df9b crtools: remove excess always true condition
be092e25a zdtm: remove mntns-deleted-dst test leftover from git
f92c7f1af zdtm: zdtm_ct fix compilation error with strict-prototypes on
e62e05c2d zdtm.py: clean up MAKEFLAGS env variable before running make instance
af4b26519 tests: added test for single pre-dump support
51a1adbc0 libcriu: add single pre-dump support
119a79885 ci: disable glibc rseq support
9fd000c58 ci: use unstable release for cross-compile
0e04a3c6a libcriu: add setting lsm-mount-context to libcriu
af298353d usernsd: UNS_FDOUT should not require an input descriptor
efe5d9a12 Add documentation for --timeout option
583e8ca05 ci: enable x86 xsave fault injection tests back
1ba443982 x86/compel/fault-inject: print the initial seed
fc1eb01ff x86/compel/fault-inject: bound xsave features set
6186bfa0c test: another try to correctly fix the kernel version
d79d73e3a ci: install procps in Alpine
3eba68089 ci: Enable disabled unix socket related tests
94111596f sk-unix: Fix TCP_ESTABLISHED checks in unix sockets
6930d6a32 util: make page-server IPv6 safe
d57f27bc9 files-reg: try dump_ghost_remap if link-remap failed with error ENOENT
14075baf7 test: do not use --keep-going for single zdtm tests
a52185ffe ci: disable broken tests until fixed
4ab2facb2 make: Explicitly enable FPU on ARMv7 builds
d514bacb4 ci: Run cross compile with debian testing
4c1330bb0 ci: Run cross compile on debian stable
718eb06be clang-format: disable wrong struct pointer declaration format
858002483 zdtm: add ro-mount check after c/r to mntns_ghost01
17357d67f files-reg: temporary remount writable the mount we do unlink on
bd219b69a ghost/mount: allocate remounted_rw in shmem to get info from other processes
cfed6f35e files-reg: fix error handling of rm_parent_dirs
5a0943c90 files-reg: fix error handling in open_path
64b58b514 check: cleanup child processes
156cce78c ci: switch to centos-stream-8
c2fd81903 crtools: ignore SIGPIPE in swrk mode
a491706cc ci: Use latest Fedora for lint ci runs again
eb0dee408 seize: restore cgroup freezer to right state
781676f10 clang-format/zdtm: fix clang complains about strange elseifs
d2b6faf8f tests: improve the deterministic behavior of the test suite
94092ce00 zdtm.py: make tests with --link_remap exclusive
1f9e2c420 ci: disable socket-raw test on centos8
a9d9fb8aa clang-format: make x86_ins_capability_mask human-readable
4ff252656 cr-dump: fail dumping when zombie process with sid 0
26db7adbb clang-format: do automatic comment fixups
206479322 clang-format: do several manual comment fixups
bbfd9031a clang-format: enable AlignTrailingComments
718f4cae2 zdtm: make sock_opts02 also check lock change by SO_*BUF*
3a875cc4c zdtm: add test for socket buffer size locks
e69be16db sockets: c/r bufer size locks
ce5ce285a kerndat: check for set/getsockopt SO_BUF_LOCK availability
2bd709664 sockets: don't call sk_setbufs asyncronously
37a8090d8 tests: improve the image streamer process control
dae0704b6 ci: use Fedora 34 for lint CI runs
f7bc3bdc9 ci: fix userfaultfd test failures
d17eb325c ci: replace deprecated codecov bash uploader
c1659c386 net: optimize restore_rule() to not open the CR_FD_RULE image file twice
e3a853ab9 criu-ns: make pidns init first do setsid
c750e62ca util: use nftw in rmrf helper
485a83c11 tty: fix the null pointer of get_tty_driver
7ba4d3bf1 pie/restorer: remove excess hash printf specifier
bffaa7d07 ci: enable coredump tests
bf8382a80 make: enable lint for coredump
8aa769455 test/coredump: fix shellcheck errors
0b3cf5c9e coredump: lint fix visually indented line
3a689ed9a coredump: fix comparison to true
c1eab7d06 coredump: fix too many blank lines
baad88d5e coredump: fix missing whitespace around operator
579066633 coredump: lint fix for block comments
06306c8b1 coredump: drop exec permission
1b368238b coredump: drop unused variable
a92a7887a python: replace equality with identity test
c71a81a6b coredump: convert indentation to spaces
bf8a3c9f6 coredump: sort imports
a0b738cb8 coredump: remove unused import
1c866dbb5 Add new files for running criu-coredump via python 2 or 3
3180d35fa Add support for python3 in criu-coredump
f24360658 criu(8): Add more detailed description about --tcp-close dump option
abf6b15c1 zdtm: Dumping/restoring with --tcp-close on TCP_CLOSE socket
795973055 tcp: Skip restoring TCP state when dumping with --tcp-close
74d1233b5 criu/files: Don't cache fd ids for device files
7b6239b6d criu/plugin: Implement dummy amdgpu plugin hooks
17e2a8c70 criu: Introduce new device file plugin hooks
dd46e7919 criu(8): add --external net option
be239109a github: update the stale version
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The NVD database uses version without a prefixing 'v'
for containerd.
e.g.
https://nvd.nist.gov/vuln/detail/CVE-2022-23648
So we need to explictly set CVE_VERSION.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
This makes the main recipe more readable, and allows us to
clearly see changes to the SRC_URI and the main recipe
separately.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping nerdctl to version v0.18.0-61-g48f189a, which comprises the following commits:
8385be4 add test case for nerdctl inspect to check mounts field
a766555 show mounts info for nerdctl inspect
1547f73 Add flag ipfs-address to push to remote IPFS node
2db1039 update stargz-snapshotter (0.11.4), IPFS (0.12.2)
7b1c33d Import NOTICE from Docker/Moby
bc66bfa CI: upload go-mod-vendor.tar.gz as a backup
43f7b6b Dockerfile: update Ubuntu to 22.04
6c22944 Follow-up to `Support --init argument in nerdctl run command`
a8c3de4 Bump github.com/moby/sys/mount from 0.3.1 to 0.3.2
c4cf6a0 Bump actions/checkout from 3.0.0 to 3.0.1
90a91d2 Bump github.com/compose-spec/compose-go from 1.2.2 to 1.2.4
839faf5 Added volume remove fixes(issue #971)
f8272ed Support --init argument in nerdctl run command
175923e Export OS Platform and Arch information in `nerdctl version` command
b3504ce feat: container image build ci for push image to github registry
8dc5fc5 seccomp: relax restrictions depending on --cap-add
65170cb Bump actions/setup-go from 2 to 3
fe6a7e8 inspect: add type flag to inspect command
ac58d8c CI: relax timeout
96b5e49 nerdctl wait: fix flakeness and error handling
ba0624d Deflake TestComposeKill
401b541 update BuildKit (0.10.1)
1a3dfe9 Bump github.com/containerd/continuity from 0.2.2 to 0.3.0
800d9ee Bump github.com/ipfs/go-ipfs-http-client from 0.2.0 to 0.3.0
72a2923 Bump github.com/ipfs/interface-go-ipfs-core from 0.6.1 to 0.6.2
7c78e79 Bump github.com/compose-spec/compose-go from 1.2.1 to 1.2.2
8941220 update runc (1.1.1)
6fdf4d1 go.mod: vishvananda/netlink v1.2.0-beta
457317a build: fix `content digest ... not found` for built multi-platform image
500f039 Bump github.com/compose-spec/compose-go from 1.1.0 to 1.2.1
929298c Format created to be compatible with docker inspect
0564fc1 Remove orphan containers before the service has be started
b66451e update RootlessKit (1.0.0), imgcrypt (1.1.4)
50cbdfc Add check of snapshotter when sharing images
9c3cca2 docs: clarify availability of optional features
e45c8ea Bump github.com/docker/docker
589fc27 Bump github.com/docker/cli
6f5d0d2 Bump github.com/ipfs/interface-go-ipfs-core from 0.6.0 to 0.6.1
4372842 Fix nerdctl ignores BUILDKIT_HOST
0c334bd Support assign static IP address in `compose up` command by using ipv4_address field
facc229 CI: set fail-fast to false
fcdaa2e Add a document about setting up `nerdctl build` with BuildKit
ae1399a CNI: switch away from `isolation` plugin to `firewall` plugin with `ingressPolicy`
0cb1fe6 update containerd (1.6.2)
7f13c20 Fix `nerdctl build` logs error even when succeeds
8e3923c Bump github.com/containerd/go-cni from 1.1.3 to 1.1.4
d948091 avoid nil authconfig && display warning msg for unencrypted passwd
d8167e0 docs: clarify that P2P image distribution (IPFS) is completely optional
ba88f62 update CNI plugins (1.1.1), stargz-snapshotter (0.11.3), IPFS (0.12.1)
19bf1d3 enhance namespace management
1231875 push: skip foreign layers
87aa769 Support --ip argument when run the container
8ec0672 rootless: Support BuildKit containerd worker
21d0350 Bump github.com/ipfs/interface-go-ipfs-core from 0.5.2 to 0.6.0
debe171 CI: remove integration test with contianerd v1.4.5
fb0339e build with go 1.18
c0e0edf fix login on defaultRegistry
7e68a87 Support fallback to plain http in nerdctl login
7cb387d Follow-up to `Add GitHub issue templates`
701a55c Add GitHub issue templates
a9e5022 Windows CI: install git
2bcbdcb refactor netutil
b75b86c Bump github.com/docker/cli
94d9169 Bump github.com/spf13/cobra from 1.3.0 to 1.4.0
04199ec Bump github.com/docker/docker
12ca1b0 fix make failed when use go1.16
3e073bc build(deps): bump github.com/containernetworking/plugins
802db60 Update the README.md to remind people to upgrade the Go version
f20ef09 add macvlan/ipvlan doc for cni
d56bdd6 pkg/portutil: improve rootless error message
b154105 update stargz-snapshotter (0.11.2)
3f1ffe2 Support allocate host port when try to run container
9c14a02 CI: temporarily remove FreeBSD integration tests
0e7ddc9 Attempt to deflake TestPushInsecureWithLogin
1b1f1df build test-integration image in arm64
1dcc70c update containerd, CNI plugins, IPFS, Stargz Snapshotter
e8f7b6a Bump github.com/compose-spec/compose-go from 1.0.9 to 1.1.0
63ba16a Bump github.com/containerd/containerd from 1.6.0 to 1.6.1
b6850ff Bump golangci/golangci-lint-action from 2 to 3.1.0
f4d689d Bump actions/checkout from 2 to 3
f15e589 add ipam-driver and ipam-opt flags for create network
47190c4 Separate network code
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
K3s (and Kubernetes) supports load balancing via IPVS, and by default reports
errors when IPVS kernel modules cannot be loaded.
This patch adds the missing reported kernel modules to the k3s recipe:
* ip-vs
* ip-vs-rr
* ip-vs-wrr
* ip-vs-sh
The modules are configured by including the ip_vs kernel feature.
Signed-off-by: Richard Neill <richard.neill@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On some build hosts, one of our downloaded depedencies matches
patch.bbclass' regex, and is then thought to be a patch. That leads
to errors as follows:
Compiling k3s failed with:
do_patch: Importing patch 'github.com.andreyvit.diff' with striplevel '1'
We add a noapply to the SRC_URI to ensure that it is not considered
a patch.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The shortlog of the previous uprev incorrectly stated that
1.23.x was the target. There are issues remaining with that
version, so the uprev was contained to 1.22.x
We also typically do NOT use the exact release tag, since
fixes are continually arriving post release, and with the
extensive go mod vendor process, it doesn't accurately
represent the version.
As such, we switch to: v1.22.6+k3s1+git${SRCREV_k3s}, for
finer grained version tracking.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
| |
Add the curses/terminal control application for podman.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping kubernetes to version v1.23.6-rc.0-16-gfbcfa330181, which comprises the following commits:
1e8f6d51484 Copy request in timeout handler
edd7a386c61 kube-up: use registry.k8s.io for containerd-related jobs
3194c87ba25 e2e: Wait only for the service account
a62ee8e5c3b e2e: Wait for kube-root-ca.crt to be created
651b1fa1cce Include pod UID in secret/configmap cache key
33d089b173c Move kubelet secret and configmap manager calls to sync_Pod functions
7f02733e4d8 test: Verify that nodes do not transition to Failed while ready
77865d3db93 test: Add E2E for job completions with cpu reservation
b51d11be7a4 test: Add E2E for init container pod deletion
290cdbf8792 kubelet: Delay writing a terminal phase until the pod is terminated
914475e2e9f Update CHANGELOG/CHANGELOG-1.23.md for v1.23.5
b3b64745789 Release commit for Kubernetes v1.23.6-rc.0
c285e781331 Release commit for Kubernetes v1.23.5
01c2f1c6420 Remove apf_fd from httplog
c52cd9c5920 Update Go to 1.17.8
1a897af197a cluster/gce: update konnectivity image tags to v0.0.30
d741174d7e1 bump sigs.k8s.io/apiserver-network-proxy/konnectivity-client@v0.0.30
0b8199041d1 fix dryrun when ca file exists
903f164b679 fix regression introduced by PR 100320
56bfc202e45 Add unit tests
a5faf0b5ce2 Fix nodes volumesAttached status not updated
4c85abf90bb Fix default config flags
1570a75766b test/e2e/framework: include the new control plane taint
60cd43c44e0 kubelet: Clean up a static pod that has been terminated before starting
33863be9478 Add an e2e test for updating a static pod while it restarts
621894de9d6 cronjob_controllerv2: do not filter jobs to be reconciled by labels
c9f904304d9 kube-proxy: fix duplicate port opening
f783e573f11 increase Azure ACR credential provider timeout
ba2cd0ca3db Updating EndpointSlice strategy to retain node name in topology until field is set
4e69dd88613 fix: do not return early in the node informer when there is no change of the topology label.
68ea240512a /test/e2e_kubeadm: adjust label checks for 1.23
2efffd62367 Ignore container notfound error while getPodstatuses
9f5e25033b6 Update CHANGELOG/CHANGELOG-1.23.md for v1.23.4
d4b2d8cf961 Release commit for Kubernetes v1.23.5-rc.0
e6c093d87ea Release commit for Kubernetes v1.23.4
949798fe712 Add PDB selector patch integration test
47fc5aea4a2 Revert v1beta1 PodDisruptionBudget select patchStrategy
ef293a9ee95 test/e2e_kubeadm: fix matching UnversionedKubeletConfigMap defaults
799ffd58065 kubeadm: fix the bug that 'kubeadm init --dry-run --upload-certs' command failed with 'secret not found' error
c465ceccb32 Update Go to 1.17.7
f0eac451011 Use serializable struct for x-kubernetes-validations in openapi
02d1a291c8b Make JSON schema round tripping test more strict
30eff360132 ignore CRI PodSandboxNetworkStatus for host network pods
34a8474e600 set secondary address on host-network pods
14c399ec5e3 Deeply copy JSONSchemaProps.XValidations.
9fe0c40c8e5 wrap error from RunCordonOrUncordon
0d487176d3a Ensure the execHostnameTest() compares hostnames
733c0ebc7c3 Revert "Fix comparison between FQDN and hostname"
ebfa08cd39b service REST: Call Decorator(old) on update path
92d09f90c01 add namespace in azurefile volumeid
5830d1474ff fix: azurefile volumeid conflict in csi migration
bce4e5ba5b1 Mark device as uncertain if unmount device succeeds
4b868d09c98 Update CHANGELOG/CHANGELOG-1.23.md for v1.23.3
72506a8439c Release commit for Kubernetes v1.23.4-rc.0
816c97ab8cf Release commit for Kubernetes v1.23.3
f2c6108f462 kubelet: fix podstatus not containing pod full name
398effdfe0d Fix bug with node restriction blocking pvc.status.resizestatus change
6d08a56228a Fix regression pruning array fields with x-kubernetes-preserve-unknown-fields: true
996d8fca977 Set max results if its not set
9c31df589b7 Update CHANGELOG/CHANGELOG-1.23.md for v1.23.2
918dd8343f0 Release commit for Kubernetes v1.23.3-rc.0
9d142434e3a Release commit for Kubernetes v1.23.2
4935e0a527e Update k/utils to v0.0.0-20211116205334-6203023598ed
38e9dce15f4 [go] update to Go 1.17.6
28ad5463fda fix: remove outdated ipv4 route when the corresponding node is deleted
dfea07a3b04 fix: delete non existing disk issue
65b309c76d8 Revert "Automated cherry pick of #107554: Correct the feature gate string for RBD migration."
677eae51666 fix containers order after applying
89d8be52ef4 generated: ./hack/update-vendor.sh
04f3c5793c1 upgrade sigs.k8s.io/structured-merge-diff/v4 to v4.2.1
8c8fe66f7aa Execute sync before taking the snapshot
4b1d9d80da7 Correct the feature gate string for RBD migration.
50e813278cd fix: azuredisk parameter lowercase translation issue
879947434c0 removed unnecessary log line
88249a973a8 kubectl: add integration test for result reporting
16a4de9268a cli: let kubectl handle error printing
c5365784330 cli: avoid logging command line errors in more cases
26dae30f913 Fix header mutation race in timeout filter
81c8d0aad93 clear pod's .status.nominatedNodeName when necessary
f61c4b18c42 use node informer to check volumes attachment status before backoff
f4ba875cdfd When volume is not marked in-use, do not backoff
e36b9382ecd kubeadm: remove the restriction that the ca.crt can only contain one certificate
f4835a2cd3e flake fix: remove the error handler for cronjob integration test
962ab763c5e Fix the leak of vSphere client sessions
cc6c36f286d client-go: Clear the ResourceVersionMatch on paged list calls
d42a44fcb2f Enabling kube-proxy metrics on windows kernel mode
e6a8826e992 Remove JSON logging performance regression
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The significant commit in this series is:
0e72260df4 delete vendor dir
Which means that we completely have to revamp the recipe to build
without go accessing the network to pull in dependencies. This is
an initial effort, and it is acknowledged that it isn't efficient
or fast, due to the number of fetches and I/O required to complete
the population of the vendor/ directory.
The recipe can be iterated and made more efficient over time.
Bumping k3s to version v1.23.1+k3s1-11-ge7464a17f7, which comprises the following commits:
e7464a17f7 Fix use of agent creds for secrets-encrypt and config validate
8d8c8b0c6b Don't skip the dev image when skipping airgap
31f1a00b6f Fix a typo: advertise-up -> advertise-ip (#4827)
2ac8df3602 Integration tests utilities improvements (#4832)
612a9412fd Enable make generate to use dapper and standardize go and gzip versions (#4861)
66eeabbdfc linter doesn't actually run on windows, found these while getting it running on a windows machine
142b1d96f4 Update channel.yaml for 1.23
ff49dcf71e Export default parser
d0f7e23328 Require integration test to be run as sudo/root (#4824)
a02db0f2fa Fix cgroup smoke test (#4823)
08d538fb3a Update golang
87395e32d6 Update modules for Kubernetes v1.23
6656d48415 Add tests to use vagrantfile (#4722)
70902209b9 Bump stable to v1.22.5+k3s1 (#4821)
3ee3ecb3ac package rename wasnt approved yet, backing out cruft that snuck into last pr
a5c6e6a68a Fix panic checking name of uninitialized etcd member
52e450f033 Add etcd sonobuoy tests
9919f229b6 Add variable to enforce max test concurrency
247298a20d Fix previous channel detection
6872e7da25 More codespell ignores
3ae550ae51 Update bootstrap logic to output all changed files on disk (#4800)
0e72260df4 delete vendor dir
e6cf8f5982 code changes to drop the vendor dir
4eb282edac Move flannel logs to logrus
2e91913f54 Close agentReady channel only in k3s (#4792)
8ad7d141e8 Close etcd clients to avoid leaking GRPC connections
588d15db8f Remove Disables, Skips and DisableKubeProxy from the comparing configs
555dfc54db Add initial skeleton ADOPTERS.md to better track large use cases (#4764)
baf865b836 Add ADR
6f4217a340 Build standalone containerd
8737e2e13f Build script cleanups
89e63972e9 Bump k3s-root to v0.10.1
17eebe0563 Fix cold boot and reconcilation on secondary servers (#4747)
73725a0882 docs: adrs: Dual-stack in network policy agent
d71b335871 Fix snapshot restoration on fresh nodes (#4737)
bf4e037fcf Resolve Bootstrap Migration Edge Case (#4730)
2f3bfc27c0 Add in docs/adr to ensure we capture decisions properly during design calls (#4707)
a6fe2c0bc5 Resolve restore bootstrap (#4704)
a70487d5ae Update wharfie usage in windows code path
3985fd0e26 [master] Add validation to certificate rotation (#4692)
e8a30a87c8 Bump runc to v1.0.3
eb068da7f3 Add `SKIP_AIRGAP` enviroment variable for make (#4688)
8f389ab030 Include node-external-ip in serving-kubelet.crt SANs (#4620)
bcb662926d Secrets-encryption rotation (#4372)
1b3187ea07 Check HA network parameters
7d3447ceff Bump wharfie to v0.5.1 and use shared decompression code
05d43278e2 bump kine to v0.8.1
3b6a3fe905 Update dynamiclistener
a8f7e9f7e8 Nighlty automation vagrant rework (#4574)
a0208058ae Bump stable to v1.21.7+k3s1 (#4636)
77fd3e99ec Add cert rotation command (#4495)
1e6e4db2bc Update maintainers list (#4622)
d05c334a78 Improved cleanup for etcd unit test (#4537)
ae4a1a144a etcd snapshot functionality enhancements (#4453)
0c1f816f24 go generate
a7ba3e14ff Add package version to traefik helm chart
7685da3e24 Improve flannel logging
d93c82f958 [master] Bump golang and containerd (#4538)
65110a4eec [master] Bump Kubernetes to v1.22.4-k3s1 (#4536)
03485632ea Fix regression with cluster reset (#4521)
ef263bd2b0 Improved regex for double equals arguments (#4505)
535a919635 Removed value from warning about skipping flags (#4491)
c77efe64e1 tests/vagrant: refactor vagrant smoke tests (#4484)
f18b3252c0 [master] Add etcd extra args support for K3s (#4463)
41ff19de71 Feature: Add CoreDNS Customization Options
4b57951fb0 Fix to allow etcd-snapshot to use config file with flags that are only used with k3s server. (#4464)
5ab6d21a7d Increase agent's apiserver ready timeout (#4454)
bc7cdc78ca go generate
2e9358934d Add dashboard annotations to Traefik helm chart
5d168a1d59 Allow svclb pod to enable ipv6 forwarding
adaeae351c update bootstrap logic (#4438)
d85b2468ea Corrected skip check for dualstack on CI (#4427)
559c8ad94b install: /usr/sbin/transactional-update (#4403)
7bd65047c3 Match to last After keyword for parser (#4383)
8915e4c7f7 Replace gzip with pigz for faster builds (#4411)
0a5c6b1088 Remove unit tests from drone CI (#4424)
36c6634cce [master] updating to new signals package in wrangler (#4399)
f1d6e9bc4b install.sh: fix path detection for sle-micro (#4398)
86c6924119 containerd: v1.5.7-k3s2 (#4387)
f7dcc139ff Bump klipper-lb image for arm fix
aa3332085f Update k3s CI to run all integration tests (#4358)
94c1b988ca Enable Epics Action to automatically check off child issues in an epic (#4353)
f1622129e4 refactor: Use plain channel send or receive
f9f1cabe9c Fix log/reap reexec
702fe24afe containerd/cri: enable the btrfs snapshotter (#4316)
3da1bb3af2 Fix other uses of NewForConfigOrDie in contexts where we could return err
5acd0b9008 Watch the local Node object instead of get/sleep looping
3fe460d080 Block scheduler startup on untainted node when using embedded CCM
52eb6cac1c install.sh: initial support for sle-micro (#4331)
91cf835ec3 Update to v1.22.3 (#4354)
7c3f21e581 K3s Integration test fixes (#4341)
ab3d25a2c5 Update peer address when running cluster-reset
0a0b915921 reset buffer after use (#4279)
02a314c69a Bump klipper-helm version
918945da45 Added configuration input to etcd-snapshot (#4280)
72a1925a34 install.sh: capture quoted environment variables (#4275)
6e410fad49 Update to the newest flannel
b5b7033afd Bump klog fork version
e11a4bf8bb set duration to second (#4231)
0452f017c1 Add etcd s3 timeout (#4207)
34080b23b1 Copy old bootstrap buffer data for use during migration (#4215)
dbc14b8990 Fix race condition in cloud provider
5a923ab8dc Add containerd ready channel to delay etcd node join
6b4d75d245 maintainers: add Manuel and Michal (#4193)
b282528ee2 Display cluster tls error only in debug mode (#4124)
dc18ef2e51 Refactor log and reaper exec to omit MAINPID
d6b6a3ee9f vagrant: Add Ubuntu 21.04 support
5e01201195 vagrant: Update package list for Ubuntu
e420583684 vagrant: Add support for vagrant-libvirt
f830d09d6e vagrant: Change OS environment variable to DISTRO
feec44572d Improve error message when using a "K10" prefixed token (#4180)
ac7a8d89c6 Add ability to reconcile bootstrap data between datastore and disk (#3398)
9e787bfacb moving fossa to being inline step with a sles image
b6919adf62 Add "etcd-" prefix to etcd-snapshot commands as aliases (#4161)
00cf4578ec Dual-stack support LB controller
1f7151ed2f Update stable to v1.21.5+k3s2
9b35734e1a Add topologySpreadConstraints to support scaling of coredns
e24e1332fd Bump containerd to v1.5.7+k3s1
12e675e2cc Don't evacuate the root cgroup when rootless
cd5002ea37 Skip tests that violate version skew policy
5d1a37ee32 Send MAINPID to systemd when reexecing for logfile output
a16105b348 Properly handle operation as init process
f4cea90cb9 set transport to skip verify if se skip flag passed (#4102)
fd495a6a5f Bump stable to v1.21.5+k3s1 (#4068)
87524a7ac7 Enable the inheritance of settings for ipv6
4ec71b360c Adding fossa anaylze/test drone step
73e21e739f Drop broken SupportNoneCgroupDriver support
8005885bad Add 1.22 channel
539e224159 Update build images to python3 for compat with recent gsutil change
b99b943c17 Use the new klipper-lb image that has newer go and Alpine versions
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Along with the commit summary below, we have the following changes:
- refresh the GO cross compiler patch context
- add new go dependency package symlinks
- only build the 'tool', since that is all we need
- fix the build error of:
cannot find package runtime/cgo (using -importcfg)
...
recipe-sysroot-native/usr/lib/aarch64-poky-linux/go/pkg/tool/linux_amd64/link:
cannot open file : open : no such file or directory
by setting the GO_BUILD_FLAGS appropriately for our static and -pie
configuration
Bumping runtime-tools to version v0.9.0-75-g0105384, which comprises the following commits:
8927281 Add syscall "statx" in seccomp to fix Operation not permitted
a202491 spec generator support setting unified
30cecc1 validation/linux_rootfs_propagation: fix
10d2584 runtimetest: validateRootfsPropagation: fixes
8b26e24 validate: rm Clean() arguments
3fb1264 validation: fix Cleanup
14cd51e Makefile: replace TAP with TAPTOOL
adcb290 Fix hanging on runc create.
5ce2cac cmd/runtimetest: fix NewPid deprecation warning
8e1a3b5 deps: bump github.com/syndtr/gocapability to latest
543268b deps: github.com/hashicorp/go-multierror to v1.1.1
4b164a1 deps: bump github.com/opencontainers/selinux to v1.9.1
ee9c051 deps: bump github.com/mrunalp/fileutils to v0.5.0
01a6f47 deps: bump sirupsen/logrus to v1.8.1
abcb94d deps: switch to google/uuid
2253869 validation/.gitignore: fix
953e752 MAINTAINERS: add @kolyshkin
221e5ea deps: bump github.com/xeipuuv/gojsonschema to v1.2.0
67884fc validate: prepare for new xeipuuv/gojsonschema
09d837b Change /dev to be mounted by default with /noexec
10c865d ci: re-add commit subject length validation
a22a894 ci: add golangci-lint run
a7cecde Add*Hook: do not return errors
c0037c9 runtimetest: silence errlint on unix.Unmount
9505f16 Explicitly ignore errors from YAML
fec9c3c validation: fix Clean
0ab61ae validation: fix/rename ReadStandardStreams
6f4b5ba validate: fix staticcheck linter warning
6a9ad7c runtimtest: fix validatePosixMounts
44e9496 Fix "addr cannot be nil" staticcheck linter warnings
d38bd63 Fix deprecation warnings from staticcheck linter
1826c32 Fix gosimple linter warnings
e36f98f Fix deadcode linter warnings
112c88c Makefile: use fancy git commit ids
16dfbbd Makefile: add/use BUILD_FLAGS
5432bc4 ci: replace travis with gha ci
fab664e Makefile: rm gofmt and golint, simplify gotest
98b2d35 Run make .gofmt
0e5956d Switch from Godeps to go modules
71a5e7c generate: add --linux-intelRdt-closid option
4f51ef9 validation: read pid in PostCreate
6502e57 Fix build of hugetlb tests on 32-bit platforms
10f8f55 generate: fix type for Umask
8f1e958 Remove spurious WARNING message
43243fe Add missing interface to set init processes Umask
120c67a AddDevice(): better diagnostic when creating dup
2affd45 Add missing clone rule for s390x.
be9f6f1 Update hugetlb tests to be more portable
5a98426 Fix cgroup hugetlb size prefix for kB
cd1349b Improve performance of AddProcessEnv
73e9a99 update Mashimiao email in MAINTAINERS
ee63cfa release v0.9.0
0d022f7 Makefile: add rule to print validation-tests
6212483 delete: reduce check waiting time
3abdc1f kill: cleanup container on error
4db38e4 oci: kill process before delete
1c40e59 seccomp: add TAP plan to the output
dd39124 validate: check mount label only for bind mounts
6fd7866 misc: use different objects for the different tests
e83ba34 capabilities: correctly add not existing capability
9585ecb adding security and CoC links
6dae2f0 Simplified code
2e8216d validation: add apparmorProfile validation
b113b38 runtimetest: add apparmorProfile validation
743b0b3 validation: add mountLabel validation
3bc60a4 Windows: Typos and incorrect defaults
20302da add selinux deps
555c03d validate: add mountlabel validation
a2df8d9 runtimetest: add mountlabel validation
b90e5bc generate: add oci-version option
00f6e86 Modify the corresponding test according to hashicorp/go-multierror v1.0.0.
b005481 Godeps: update hashicorp/go-multierror
1f0579c hack: drop -dev from runtime-spec version
b1c11da fix up vm parameters
9f6de4d generate: add process-cap-drop option
192a8eb generate: add process-cap-add option
575c8a0 man: Add some instructions and examples to some commands.
9f55c07 generate: fix capabilities add/drop option
3fc5fcb generate: Verify the input values
146c5ee generate: add vm-image-format option
f5e59a3 generate: add vm-image-path option
0cd6663 generate: add vm-kernel-initrd option
3e43643 generate: add vm-kernel-parameters option
fc0fc84 generate: add vm-kernel-path option
73f6711 generate: add vm-hypervisor-parameters option
9b1de8c generate: add vm-hypervisor-path option
e980d2f generate: add windows-devices option
f5556a8 update to golang 1.11
58f2a15 Initialize Config Windows Network
a4a33d4 release v0.8.0
c291c2a Add generate.New support for Windows.
2974f2e readme: fix wrong filepath
fb101d5 Expose Windows namespace
4615fa4 /proc should be mounted with nosuid, noexec, nodev to match the host
30a03ab Fix test
c48ee5c Vendor in windows runtime-spec changes
d5be152 validation: mounts: fix condition of source & type check
069db1a validation tests: use new RuntimeInsideValidate
270145a RuntimeInsideValidate: can now be called several times
4b49cba devel guidelines: update TAP documentation
caa32a1 validation: Implement DeleteOnlyCreatedRes
e86b898 MAINTAINERS: remove philips
dcadcca Makefile: add generate to gotest
ae94592 release v0.7.0
6c943e8 validation: Implement DeleteResImplement
fab1de6 validation: use t.Fail when checking for main test errors
06591d3 travis: add go 1.10
68b7caa mountinfo: parse empty strings in source
a6e6aff validation: check for masked block, char devices, fifo
99c5e91 validation: check for invalid symlink inside container
234933b validation: check for a masked relative path
303ae30 validation: check for read-only block, char devices, fifo
e60cd06 validation: check for invalid symlink inside container
5dd461f validation: check for a read-only relative path
d9febe1 validation: more test cases for masked paths tests
91f2983 validation: more test cases for readonly paths tests
e2d34c1 validation: add more test cases for private & slave propagations
94f1f84 validation: squash rootfs propagation tests into a single file
708de67 runtimetest: improve logic for checking for file modes
2c9b929 runtimetest: correctly check for a readable directory
0a7749a validation: test with different test cases for hugetlb cgroups
ef113d1 validation: add different test cases for blkio cgroup tests
cf9decf validation: add more test cases for linux_cgroups_network
acaa992 validation: test linux_cgroups_cpus with different values
871f0eb validation: test linux_cgroups_memory with different values
279a194 validation: allow RuntimeOutsideValidate to take a tap parameter
58ea84a fix some misspells
c887efb fix generate test in calling generate.New
cf7b786 README: fix broken links to documentation
cd3faf9 validation: fix nil dereference when handling multierror in hooks_stdin
1fb00d9 validation: use helper util.GetRuntimeToolsNamespaces()
0f52f9a validation: add a new test for NSPathMatchTypeError
ad0e97e validation: exclude user namespaces and cgroup namespaces
f64bed2 validation: add more signals to killsig test
613c5de runtimetest: check if /dev/ptmx is a symlink to /dev/pts/ptmx
582a909 validation: test validation test with an empty hostname
1ceca9e validation: use rfcError instead of specerror
a90cd2b validation: print out correct diagnostics based on specError
23c9a51 validation: sync with unshare by using select & time ticker
e132d37 validation: kill child processes by setting process groups
73358a3 validation: fix a bug when passing in namespace strings
c5c1422 validation: add test for NSProcInPath
1794938 validation: add cgroup devices validation
7c6996f check the status of the state passed to hooks over stdin
6cc92d0 validation: fix nil deferences in cpu & blkio cgroups tests
1c243a8 release v0.6.0
ef75900 validation/kill_no_effect: fix bug
3e3094d Add cgroupsPath validation
f7dd673 cgroups_v1: Correction parameters
2640f5c travis: fix fetch issue of golint
e830fa3 validation: split out pringDiag from testNamespaceInheritType
1ac1c02 validation: split out pringDiag from testNamespaceNoPath
7992f01 specerror: Add NewRFCError and NewRFCErrorOrPanic
d165658 validation: add more values for rlimits test
9152ff4 validation: create: don't skip errors on state
cc8ab2e doc: add developer guidelines
d7985e3 validation: add a new test for NSInheritWithoutType
5ce0ff8 validation: add a new test for NSNewNSWithoutPath
14e621c bash: add os
5d2dc61 validation: Implement ConfigUpdatesWithoutAffect
84a62c6 generate: Move Generator.spec to Generator.Config
2e6f6ab generate: Respect runtime.GOOS when generating default template
1917b8c validate: With --host-specific, compare config platform vs. runtime
e1ad3f0 README: Update to reflect granular TAP output
4b888f2 runtimetest: Use ModeType as the mask in the symlink check
732d438 validation: Use non-empty files in masked/readonly tests
20a71e4 runtimetest: Make TAP output more granular
b4014f8 validation/test-yaml: Drop this local experiment
7f50875 docs/command-line-interface: Require complete runtime coverage
fc1bcf5 fix process_user validation
7c5f941 generate: add process-username option
83d367b validation: add process_user validation
0ddb5cd kill stopped container generate error
73964f2 add hooks stdin test
a79a1cb add test case for KillNonCreateRunHaveNoEffect
ff399f1 contrib/rootfs-builder: Use $(cat rootfs-files)
0f3cf9d validation: LinuxUIDMapping: fix tests
984dbc8 Fix error messages in validation cgroup tests
d5630f7 validation: Implement ProcArgsApplyUntilStart
82836c8 validate: mv deviceValid to validate_linux
e99b47e Implement DevicesErrorOnDup
9e919c6 runtimetest: fix root readonly check
c9b4d66 runtimetest: count correctly TAP tests
a7f94a2 rootfs-386.tar.gz: Add with BusyBox v1.28.0
be8811c contrib/rootfs-builder: Support xz (and other) compression formats
eea2bc9 contrib/rootfs-builder: Support timestamps in stage3 dates
141f9ea contrib/rootfs-builder: Don't hit latest-stage3 when STAGE3 is supplied
4dfca7a contrib/rootfs-builder: add /proc, /dev, /sys in rootfs
b5e5322 contrib/rootfs-builder: fix busybox link list
79ae4aa validation: run CLI with correct argument order
e43d1ff return ErrorOrNil in bundle validate
4e999f2 runtimetest: fix uid_map parsing
d412a17 Fix condition in BlockIO test
8e42ca5 Add system validation
4e8dc67 add annotation and prop tests
ac12f97 Implement PosixProcRlimitsTypeGenError and LinuxProcCapError
0ec9fe6 validation: Add system validation
3401d41 validate: CheckLinux is platform dependent
0451545 validate: allow non-linux compatibility
536b713 Implement PosixProcRlimitsSoftMatchCur and PosixProcRlimitsHardMatchMax
198b3ff add 'delete' testcases
b456bda validation: Add error judgment to SetConfig
1cbf66a check RootOnWindowsRequired
e2fbc1b generate/seccomp: platform independent values
55d7e14 implement kill tests
899a400 generate: fix handling of permitted caps drop
4902e9c implement start operation tests
86869d1 validation: Increase err judgment
4947839 validation: implement PosixHooksCalledInOrder test
f48ae22 validate_test: add weightDevice test
27acd46 implement DefaultStateJSONPattern test
b25ef0d validate: implement DevicesErrorOnDup
87c5e52 release v0.5.0
e211fb5 validate: add logrus.Debugf to CheckJSONSchema
fb9511d validate: Add a non-nil test to CheckMandatoryFields
9177741 add tests when prestart/poststart/poststop hooks fail
5cbd8c7 don't overwrite hook which has a same path
9dca840 validate: add weightDevice validation
78fdf66 validate_test: Complement test
4fdf325 nil config support in lifecycle validate
09ddc02 add lifecycle validation
be390c4 change two LGTMs requirement to one
696b805 waiting until the container stopped in inside validation
ed2a4b3 add 'state' test
c76062f validation: Remove runc 'create' exit timing crutches
d8d2396 validation/util/container: Use ExitError for stderr
5e8b51e Add lifecycle testing function; Add pidfile test. Fixes #556
17486b4 Relax LGTM acquirement for PullApprove
0909a7f release v0.4.0
b5a43d1 validation/util/container: Use --bundle (and stop requiring BundleDir)
8769602 validate_test: add TestCheckMandatoryFields
7815111 cmd/runtimetest/main: Run validateDefaultDevices even with process unset
6ae0867 README: Link to the runtime API docs
fb19ae1 cmd/runtimetest/main: Loop for DRYer validateCapabilities
e85081a Makefile: Clearer warning on missing validation executable(s)
0c2e37e validation/util/container: Use a local UUID for stdout/stderr
a12de42 validation/create: Label the state ID comparison test
b880d57 *: Transition from tap Diagnostic(...) to YAML(...)
0c66fe9 vendor/github.com/mndrix/tap-go: Bump to 629fa407
7a4cb36 docs/command-line-interface: Add Runtime CLI Spec (#321)
c2f774c validation: add mount validation
625e232 Hooks should be passed in as rspec.Hook, not as a string.
48b7f56 Modify the legal value of the rootfs-propagation
5bb8754 runtimetest: add validateSeccomp
9144f82 generate: add windows-servicing option
ef277d6 generate: add windows-resources-storage option
4068d38 generate: add windows-resources-memory-limit option
93b5f72 generate: add windows-resources-cpu option
b285305 generate: add windows-network option
6a71d30 generate: add windows-layer-folders option
e9507da generate: add windows-ignore-flushes-during-boot option
df629e3 generate: add windows-hyperv-utilityVMPath option
8397b70 Add interface to remove mounts.
e266af5 generate: modify the function return value
e996b69 generate: add solaris-milestone option
fc48567 generate: add solaris-max-shm-memory option
3bca692 generate: add solaris-limitpriv option
4a9f3fa generate: add solaris-capped-memory-swap option
c9ef766 generate: add solaris-capped-memory-physical option
61884ee generate: add solaris-capped-cpu-ncpus option
01cf5e7 generate: add solaris-anet option
6f10352 AddMounts should be AddMount you are only adding a single Mount
9bcbe83 Recursive propagation flags should be legal to use
3bd8d43 validation/linux_cgroups_*: Generate TAP output
c94875e validation/util/test: Fix 'start' -> 'create' typo in error message
1094856 validation/util: Generic RuntimeOutsideValidate API
612c315 validate_test: perfect TestJSONSchema
8fb3e83 Add validation when host-specific is set
9db5ddf validate: change platform default value
8a09ee1 generate: Use non-null validation instead of initialization
10ede2c validate: Add a double guards to the call of the verification function
2f21180 filepath/clean: Add Windows support
17ce13a filepath/abs_test: Compare IsAbs with the standard library
60df768 filepath/clean_test: Compare with the standard library
f2e8be2 filepath/clean: Avoid a panic on abs-path with trailing ..
eb2ffab filepath/clean: Handle 'a/..' -> '.' case
4b20ce2 validate: fix CheckHooks
4d0a011 validate: fix CheckCapabilities
45068ce validate_test: add TestCheckHooks
34f773a validate_test: add TestCheckPlatform
7c09b4c add relative cgroupath test
1aebc09 update to support relative cgrouppath test
6351044 add cgroup network test for runtime
72e67e5 add cgroup pids test for runtime
b712995 add cgroup cpus test for runtime
f1e02ff add cgroup blkio test for runtime
432615a add cgroup hugetlb test for runtime
4a57b0f add cgroup memory test for runtime
07118a8 add runtimeOutsideValidate
9a56096 add cgroups package
0d75257 validate: remove duplicate verification
229722a validate_test: add TestCheckLinux
e7ee761 remove kernel limit for id mappings
f7b8c7e fix idmappings test
53da048 generate: add linux-intelRdt-l3CacheSchema option
ad47e7d Makefile: Change from prove to node-tap
0a919c0 validation/util/container: Remove bundle even if delete fails
e11b77f validation: Use prove(1) as a TAP harness
721fbce solve conflicting option problem
e409855 man: small fixs
58374ae remove --mount-cgroups option
74d6245 man: add manpage for option --mounts-add
6e78ff2 support json value for hooks
1c2dca0 generate: Move generate_test.go from validation
9422eec cmd/runtimetest/main: Use TAP diagnostics for errors
ca332ae runtimetest: fix nil dereference
cdf38ca validate: fix nil deference
3e82a0a add all left behind container inside tests
9a69e14 add preFunc
39f3f74 runtimetest: add host platform validation
7026311 runtimetest: add rootfs propagation test
adf1844 generate: fix error return
d327e0b generate: fix DropProcessCapability*
b5c45de generate: remove redundant code
5557d36 add more test cases for default runtime validation
9f47cbe remove debug info
68e7720 generate: change process-tty to process-terminal
045bc5f generate: fixed seccompSet
8765570 runtimetest: add posixValidations
45b2686 runtimetest: add validateUser
cc5bf05 runtimetest: fix process validation
6c98b46 runtimetest: Raise ConfigInRootBundleDir for missing config.json
95e0d95 runtimetest: Make validateRlimits silent on Windows
2746c06 move validateRlimits to defaultValidations
3c9cdc5 runtimetest: fix error return
630f06a validate_test: add cwd check to TestCheckProcess
3a46197 add version file
e08f842 release v0.3.0
90ace62 translate RFC errors
a171213 redefine error code as int64
3a97b98 translate more RFC errors based on specerror
87d3df2 complete RFC codes of runtime.md
ccef443 generate: add mounts related option
64c5ef8 complete specerror of config-linux.md config-windows.md
6df06d9 validation: add a generate smoke-test
a6f475f config: correct rootfs default
de08605 validate: allow unset "type" fields in resource devices whitelist
7553161 validate: Soften unrecognized rlimit types to SHOULD violations
b446e38 add specerror framework; complete rfc errors of bundle.md and config.md
19b061c generate: fix nil deference
6d2dbbc runtimetest: fix nil deference
0b49b01 man: fix typo
6089f63 specerror: Add SplitLevel helper
a9dbd7e cmd/oci-runtime-tool: Implement --compliance-level
286d437 fix compile issue
310bac8 bash: fix commands
6dabb9b generate: fix rootfs-propagation
93ba5a2 bash: fix rootfs-propagation
4beb2a6 validate: fix cap validation
ed4adc3 travis: update go versions
19ae238 CHANGELOG: Document changes since v0.1.0
f172006 release: v0.2.0
c3c8c02 rootfs-386.tar.gz: Add with BusyBox 1.25.1
894cae7 validate/validate: Linux rlimits extend the POSIX rlimits
6367e88 validation: Support per-architecture tarballs
ff5e578 contrib/rootfs-builder: Support multiple architectures
a94f1f6 contrib/rootfs-builder/Makefile: Ignore previous symlinks
8635532 contrib/rootfs-builder/Makefile: Raise errors from echo recipe
4f756fd Specific cap-drop command
ea55f9d Specific cap-add command
5cb6c48 rootfs.tar.gz: Bump to BusyBox 1.25.1
1a9532e generate: remove redundant content
567f1aa validate: add root.path validation when platform is windows
2cbb341 validate/validate_test: Add linux.rootfsPropagation checks
6e7da81 validate/validate_test: Better error messages for unexpected JSON Schema errors
4a705c6 validate/validate_test: Handle JSON Schema test not raising an error
16be985 validate: Delete the extra validation
b3fc8fe validate: add the validation of rlimit.type when platform is solaris
24a2327 validate: modify the condition of the deviceValid
cf64923 filepath: Add a stand-alone package for explicit-OS path logic
fa9842c Add manpages and bash-completion for --device-access-add and --device-access-remove
7f09e1b generate: add --device-access-add and --device-access-remove option
a9c6787 generate: support blkio related options
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping runtime-spec to version v1.0.2-79-g7ceeb8a, which comprises the following commits:
600a8bd cgroup ownership: clarify that some files may not exist
0608c1f Switch to GitHub Actions, CODEOWNERS, etc.
f4ef391 specify cgroup ownership semantics
104385d config-linux: MAY reject an unfit cgroup
411082c add youki to implementations.md
6641127 alphabetize the implementation list.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Bumping image-tools to version v1.0.0-rc3-6-g11f9988, which comprises the following commits:
8899fa9 README: add summary of project status
c6e5a1b version: back to development
25e557a version: update to 1.0.0-rc3
e324098 update email in MAINTAINERS
c3f8284 Revert "Relax LGTMs"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping image-spec to version v1.0.2-144-g02efb9a, which comprises the following commits:
d6ce48a Add mediaType fields into example manifest & image index JSON references
bc44f5b Fixing charter link
02c5c05 implementations: adding the C and Rust libraries
a36b0c8 Handle multiple matching index entries
a3eee7d README.md: Remove link to OCI scope table The OCI scope table no-longer exists.
4533d3e schema: use Go's embed package instead of esc
d147780 .tool: remove lint tool, call linter directly
0e094f3 schema, specs-go: fix lint errors
d3cd202 *: switch to golangci-lint
4d865bc go: have the go.mod at top-level
0f6c001 Remove unneeded docker pull of pandoc image
de28903 Makefile: stale installation of glide was failing
3a46ac8 github: bring forward the versions of golang tested/built with
6ced3bd media-types: `.mediaType` is available in both OCI and Docker
3be64d9 version: bump main back to -dev
beccafd version: release 1.0.2
5b82148 specs-go: adding `mediaType` to the index and manifest structures
2eb4046 *.md: bring mediaType out of reserved status
e3885ce version: bump main back to -dev
67d2d56 version: release 1.0.2
dcdcb7f specs-go: adding `mediaType` to the index and manifest structures
5f31485 *.md: bring mediaType out of reserved status
3fee04b Adding ACR to implementations
8087946 Reflect docker dontation of distribution to CNCF
bd2fa25 Minor spelling correction
fc4df0a Fix very minor oversight in config example
0d98a6c Scope data verification to content consumers
83479d4 Clean up portability considerations
fccc435 Implementations MUST NOT populate data arbitrarily
2596ec0 Expand godoc for Data
58c082d Add note about portability concerns
ce281ce Add Embedded Data section
aaf8045 Define the data field
4f080a7 Add go.mod and pin dependencies
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We refresh our wget -> curl patch for context, but otherwise, no other
changes are required.
Bumping lxc to version lxc-4.0.12-8-g5ba5725cb, which comprises the following commits:
5ba5725cb cgroups: modify cgroup2 attach logic
1e4631641 ttys: ensure container_ttys= env variable is set correctly
8ef019a6c doc: Fix reverse allowlist/denylist in Japanese man page
f1c4a17e7 cgroups: log fd of newly created cgroup
f7446b4e1 cgroups: check that opened file descriptor is a cgroup filesystem
71ba7f656 doc: Fix reverse allowlist/denylist
f314419d1 lxc-checkconfig: Fix bashism
ca4c25c6e lxc-net: don't start by default inside lxc
7e37cc96b Release LXC 4.0.12
d678aa61e lxccontainer: allow xdev when creating the container dir
bc61d2354 github: Clear default ACL on /home
fb0e0b3dd github: add systemd-coredump
53e0d390c github: more detailed compilation instructions
db84a8b6b github: log system info
e9282b6a6 github: ensure system liblxc is wiped
ad8a3bd68 lxccontainer: properly wrap lxcapi_create()
bceb81cd2 build: simplify thread local storage handling
919da35b0 build: only enable LTO for regular builds
d0a1e9c44 lxccontainer: simplify partial file creation
62b5c0051 lxccontainer: improve create_partial()
bfe24cb6a lxccontainer: improve do_lxcapi_create()
1a5c236ac lxccontainer: improve do_lxcapi_save_config()
bae0d7196 conf: log termination status
4eb09aaad conf: improve userns_exec_mapped_root()
928943280 github: stop installing gnupg now that it's unused
7c70b0d14 lxc-download: Rely on HTTPS only
199d2077c Update README.md: Fix broken link (403 Forbidden)
0b6b230e3 attach: don't pointlessly call cgroup_init()
dbef704fb commands: log command during file descriptor retrieval
733f9c909 lxc-checkconfig.in: CONFIG_NF_NAT_IPV4 was removed from the kernel 2019-03-03
ce392e230 (trivial) Fix error message, failure was connect not bind
5628bff79 seccomp: close seccomp notifier fd in cleanup handler
1f2af83a9 seccomp: only guard seccomp notify behind HAVE_DECL_SECCOMP_NOTIFY_FD
9451303d5 api-extensions: don't advertise seccomp notify support if it's not compiled in
23d07c315 use 2 sysfs instances for sys:mixed
0dd3258bd Revert "api: ->save_config() doesn't need to create container dir"
93edd510a api: ->save_config() doesn't need to create container dir
28b2e04f1 cgroups: fix compiler warning
15515f9a3 Revert "initutils: use vfork() in lxc_container_init()"
41d2530d1 macro: ensure necessary io_uring flags are defined
fc4e948c9 autotools: Avoid multiple liblxc.so with --enable-pam
a616a311a build: refuse to compile with unsupported liburing version
93be4e512 tests: add lxc.proc.* test
d8027e49c tests: add lxc.sysctls.* test
6f580343e test: improve logging helpers
a10ff3418 conf: improve logging setting sysctl and /proc/<pid>/ parameters
334cf7beb conf: apply /proc/sys and /proc/<pid>/ parameters
1b74e01ad tests: include config.h
c36379431 build: move _FILE_OFFSET_BITS to common option
f24c234ee start: log signal name and number
4915c9112 process_utils: add signal_name() helper
78baec37d build: improve liburing support detection
1a102b310 mainloop: make ifdefs easier to follow
cf931928f Replace last occurence of 'which' with 'command -v'
1ec5939b4 Replace deprecated backticks with $() construct
fdfb4a13d Replace 'which' with 'command -v' in tests too
71743e811 start: check event loop type before closing fd
f69e6b4d3 mainloop: make sure that descr->ring is allocated
1a8895855 Replace 'which' with 'command -v'
9219277cc build: add io-uring-event-loop option
d04eb166c build: add static libcap to output
bc51048b7 confile: don't use path_simplify() on lxc.{execute,init}.cmd
48728e988 conf: add cgroup2, cgroup2:ro, cgroup2:force, cgroup2:ro:force options
4d3aad49d AUTHORS: Update to point to git history
e328a988e conf: handle kernels without or not using SMT
d40b0deb4 doc: fix typo in English lxc.container.conf(5)
49fab27fc doc: Add lxc.sched.core to Japanese lxc.container.conf(5)
1ad1cab80 doc: add loglevels to ja and ko common options
1505f0780 conf: make it more obvious how auto-mount flags are defined
429233cf0 criu: support restoring containers with pre-created veth devices
48e079bf3 Release LXC 4.0.11
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping umoci to version v0.4.7-70-gfa8e9f8, which comprises the following commits:
c67586e build(deps): bump github.com/opencontainers/runc from 1.0.3 to 1.1.0
88aaeca fuzz: always use golang:latest
37b9db4 build(deps): bump golang from 1.17.4 to 1.17.5
09ff9d5 build(deps): bump github.com/opencontainers/runc from 1.0.2 to 1.0.3
86eb281 build(deps): bump golang from 1.17.3 to 1.17.4
610dabf oci: protect against mediatype confusion attacks (CVE-2021-41190)
9b17e05 oci: gc: fix tests to correctly use the right media-types
38c20f1 ci: fix fresh builds
220b0c0 build(deps): bump github.com/opencontainers/image-spec
732d36d build(deps): bump golang from 1.17.2 to 1.17.3
58f3a37 mutator: .Config() should return ispec.Image vs. ImageConfig
001bbd4 ci: update main branch name
7bebba6 ci: osx: only try to unlink parallel if installed
a0d54ce build(deps): bump golang from 1.17.1 to 1.17.2
72ec924 *: use new protobuf package
09d1d79 build(deps): bump github.com/golang/protobuf from 1.5.0 to 1.5.2
88243cd build(deps): bump github.com/rootless-containers/proto
12270d3 build(deps): bump github.com/opencontainers/runc
056236a *: make codecov slightly less annoying
18fdf79 build(deps): bump github.com/stretchr/testify from 1.6.1 to 1.7.0
6f84bbb build(deps): bump github.com/cyphar/filepath-securejoin
0b4d52f build(deps): bump github.com/apex/log from 1.4.0 to 1.9.0
ac6ba6c build(deps): bump github.com/klauspost/pgzip from 1.2.4 to 1.2.5
9cd570d build(deps): bump golang from 1.14 to 1.17.1
26e57a2 gha: enable dependabot
65932cd ci: hardcode Go version used for linting
17111a6 *: use go1.17-friendly go:build tags
f6c2e79 codecov: drop explicit env.CODECOV_TOKEN
f80d8e2 ci: use codecov-action
785ed73 fix(Makefile): avoid usage of which
97099f1 mutate: implement an AddExisting() API
5adbd99 oci: casext: walk: do not attempt to recurse into un-parseable blobs
aad89ed oci: cas: add StatBlob to CAS interface
7091cd1 ci: switch to GitHub Actions
3ceb144 Add 2 fuzzers
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping skopeo to version v1.6.1-10-g3e2defd6, which comprises the following commits:
52002728 Update github.com/containerd/containerd
0ad25b2d Bump github.com/containers/image/v5 from 5.19.1 to 5.20.0
8cbfcc82 do not recommend upgrading all packages
370be7e7 Improve a comment in the 010-inspect.bats test
73edfb82 Move to v1.7.0-dev
49084d2c Bump to v1.6.1
23183072 Work around systemd-resolved's handling of .invalid domains
3be97ce2 Beautify a few calls
49d9fa9f Only look for the layer digests in the Layers field.
77363128 Don't expect the config blob to be listed in (skopeo inspect)
0f363498 Cirrus: Use updated VM images
27b77f2b Bump c/common to v0.47.4
de714082 tests: skip sif test on RHEL
697ef595 Bump to v1.6.1-dev
e4b79d77 Release v1.6.0
162bbab3 Bump version of containers/image and containers/common
004519f1 Improve the documentation of boolean flags
9db60ec0 Document where various fields of (skopeo inspect) come from
cb74933b Improve the documentation of the argument to (skopeo inspect)
7f4db3db Update vendor of containers/storage and containers/common
a4476c35 add a SIF systemtest
042f4816 Update vendor of containers/common
bd8ed664 Github workflow: Fix yaml syntax
b51707d5 Bump github.com/containers/storage from 1.38.0 to 1.38.1
bb49923a prompt-less signing via passphrase file
cd58349b Github-workflow: Report both failures and errors
2858904e Run codespell on code
923c58a8 Update the vendor of containers/common
1bf18b7e Bump github.com/containers/storage from 1.37.0 to 1.38.0
d32c56b4 Update github.com/containerd/containerd to 1.5.9
6007e792 Fix the pseudo-version of github.com/opencontainers/image-spec
5aa06a51 Update github.com/opencontainers/runc to v1.0.3
f6a84289 Bump github.com/spf13/cobra from 1.2.1 to 1.3.0
c5b45c6c Bump github.com/docker/docker
c582c484 Add option to preserve digests on copy
2046bfda Add option to preserve digests on copy
e7dc5e79 proxy: Also bump compatible semver
3606b2d1 proxy: Add a GetFullConfig method
5c82c772 Update github.com/containerd/containerd to v1.5.8
37d801c9 Update opencontainers/image-spec
d9401546 Add an option to allow copying image indexes alone
4dcd28df Use a dynamic temp dir for test
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Bumping runc to version v1.1.0-5-gb9460f26, which comprises the following commits:
986e7c53 libct: fixStdioPermissions: ignore EROFS
5053a065 libct: fixStdioPermissions: skip chown if not needed
d2939b6b libct: fixStdioPermissions: minor refactoring
d7f7b22a VERSION: back to development
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Bumping runc to version v1.1.0-5-gb9460f26, which comprises the following commits:
986e7c53 libct: fixStdioPermissions: ignore EROFS
5053a065 libct: fixStdioPermissions: skip chown if not needed
d2939b6b libct: fixStdioPermissions: minor refactoring
d7f7b22a VERSION: back to development
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Podman now installs the systemd service and socket by default, so
we can drop our custom installation of those elements, otherwise the
build is unchanged.
Bumping libpod to version v4.0.1-11-g717edd7b8, which comprises the following commits:
0f626c377 Bump to v4.0.3-dev
342c82593 Bump to v4.0.2
bd5ff1c32 Update release notes for v4.0.2
791c8c347 Revert "use GetRuntimeDir() from c/common"
cc4a70c80 Revert "Option --url and --connection should imply --remote."
ca980c2e0 Option --url and --connection should imply --remote.
cfcc0d639 Bump to v4.0.2-dev
c8b9a2e3e Bump to v4.0.1
b1ffa822f Update release notes for v4.0.1
de9f22805 Fix a potential flake in volume plugins tests
697dd2890 Propagate $CONTAINERS_CONF to conmon
c559e4e6f tests: Remove inaccurate comment
3718d096b System tests: show one-line config overview
e1d5c812d provide better error on invalid flag
2b85f62a2 use GetRuntimeDir() from c/common
82f4760de kube: honor --build=false and make --build=true by default
e356dfe06 system tests: cleanup networks on teardown
71b0909f2 Remove the runtime lock
ee7cf3cc2 Don't log errors on removing volumes inuse, if container --volumes-from
eb9fe52a5 kube: honor mount propagation mode
a0c34d64a Load ip_tables modules at boot
e8d7e580a Cirrus: Disable F34 aka prior-fedora testing
7b106f5b6 Cirrus: Update VM Images for 4.0 release
d59749d64 Bump to v4.0.1-dev
49f8da727 Bump to v4.0.0
84c8870ac Release notes for v4.0.0 final
15cb91855 Fix lint
ae9ad416a Fix manifest 4.0 Endpoints Branch forced 4.0 only endpoints
1a8c715f1 Introduce podman machine init --root=t|f and podman machine set --root=t|f
f71dfcb5d Initial implementation of mac forwarding using a privileged docker sock claim helper
2128236da ignition: propagate proxy settings from a host into a vm
809da6b0b Update to podman4 copr stream
bd8ac0017 Unify ls --filter docs for networks and pods
77e51e188 e2e: merge after/since image-filter tests
8ad29421e podman network: add documentation for netavark
f35e03ec8 create: Fix key=value annotation in the flag output
22cfa9860 enable netavark specific tests
d77b4f92c Fix checkpoint/restore pod tests
a72e22160 Make sure building with relative paths work correctly.
975d79aed Add 409 response to swagger godoc
421b7466c Fix images since/after tests
04badc2c9 Changes of docker descriptions
09708bee9 Fix images since/after tests
35a4f32be Changes of docker descriptions
629d86445 Temporarily pull machine images from side repo
a6fbfd47c Cirrus: TODO: netavark/aardvark release branches
e5644bbf1 Cirrus: Expand netavark testing to include rootless
1656a2335 Cirrus: Minor - limit release task applicability
afb39f2e4 Cirrus: Add [CI:BUILD] magic that only builds
926c3b08a CI: fix nightly builds
1e3115cf4 Cirrus: Log netavark/aardvark binary build info.
66a3be370 Cirrus: Add netavark/aardvark system test task
6b0d4d915 Cirrus: Also download aardvark-dns binary
b63f61f5c Cirrus: Add e2e task w/ upstream netavark
6a3de9351 Revert minimum API change
9688a462e netavark e2e tests
92790e98c Bump to v4.0.0-dev
d7d79ce81 Bump to v4.0.0-RC5
5356e36b8 Update release notes for v4.0.0-RC5
77ca2498e Modify /etc/resolv.conf when connecting/disconnecting
f8cd4df1b Do not set the network config dir to cni plugin dir
d0fccbbbb Show API doc for several versions
e7998b122 [NO NEW TEST NEEDED] Add schema for ImageCreate 200 response.
6d01b6dd6 fix: Multiplication of durations
ed60f8908 move rootless netns slirp4netns process to systemd user.slice
7e37c608f compat: endpoint /build must set header content type as application/json in reponse
9aee36b76 Cleanup: remove obsolete/misleading bug workaround
b1b9a0d7a tests: retrofit healthcheck system tests
74cba33c7 healthcheck, libpod: Read healthcheck event output from os pipe
7ec63f092 Fix: Do not print error when parsing journald log fails
d62a0204d Bump github.com/buger/goterm from 1.0.1 to 1.0.4
bcd5f5ead append podman dns search domain
b1bf91a22 Podman pod create --share-parent vs --share=cgroup
85c0fe7dc System tests: revert emergency skip of checkpoint tests
71d151449 Add version guard to libpod API endpoints
345413540 [v4.0] Bump c/common to v0.47.4
7499496f3 idmap should be able to be specified along with other options
e47a3bec9 Vendor in containers/buildah v1.24.1
cad3eb78b Bump to v4.0.0-dev
0c9648136 Bump to v4.0.0-RC4
c1618042f Disable failing E2E test
70623790d Revert "Move each search dns to its own line"
48f10e1d0 Move each search dns to its own line
938d5152c Update release notes for v4.0.0-RC4
99968002f Document `schema` values in the `--url` flag
6d747dca2 podman image scp syntax correction
e0cbcdc33 system prune: remove all networks
8f3f0710f Only change network fields if they were actually changed by the user
fb6fca806 docs: clarify rootless net stats
cad6459b6 Fix size to match Docker selection
06821627f libpod: enforce noexec,nosuid,nodev for /dev/shm
44cd232be Clarify remote client means Mac and Windows
9d3bcb587 libpod: report slirp4netns network stats
f65b62c98 Add notes to "--oom-kill-disable" not supported on cgroups V2
178cccbf9 Fix use of infra image to clarify default
97c8bdfeb Adapt podman images ls filters docs to be aligned with prune filters docs
49076ba87 ignition, machine: delegate cpu,io cgroup controllers to machine's default users
0c9a8ac07 pkg/bindings/images.Build(): slashify "dockerfile" values, too
3b565bacf Remove mention of IPv6 portfwd from release notes
10a966a2a Bump to v4.0.0-dev
9b441c0dd Bump to v4.0.0-RC3
f5dfe026d Update release notes for v4.0.0-RC3
ebf5ad50e Fix Cirrus destination branch
e64e6500d volume: add support for non-volatile upperdir,workdir for overlay volumes
a928d39d0 github: label issues based on os fix regex
525bdc377 github: label issues based on os
4c26a3a5c Cirrus: Fix get_ci_vm.sh initial setup
d455bb879 System tests: emergency skip of checkpoint tests
6961d9120 network create: allow multiple subnets
86547cc24 Update troubleshooting.md
24dc02064 Fix sort ordering of filters
63b1557a2 Unify podman prune filter description: volumes, networks, system
4a4d86d40 Bump Buildah to v1.24.0
6336e1ff1 rootless: drop permission check for devices
77cd38d40 switch podman image scp from depending on machinectl to just os/exec
ab22a688d Bump github.com/containers/image/v5 from 5.18.0 to 5.19.0
991652988 Bump github.com/containers/storage from 1.38.0 to 1.38.1
9073b56a3 change location of where make outputs podman binary on osx
72ddacdbe Github workflow: Fix parsing of GraphQL response JSON
6df245c6e Github-workflow: Fix YAML syntax
44a87229b Update godoc, swagger using wrong struct
e4636ebdc Makefile: install targets independent of build
42e1c2981 [CI:DOCS] Fix typos and improve language
7cdb00a45 CI: enable rootless-remote system tests
98739237e pkg/specgen/generate/security: fix error message
29e89da1a Github workflow: Send e-mail on job error
0d42d9f8d Github workflow: Update Cirrus-cron GraphQL query
dbfe79757 remote build: set rootless oci isolation correctly
8099a61b6 [CI:DOCS] Fix typos and improve language
80a5295d4 Fix handling of duplicate matches on id expansion
1cddd6397 Show correct default values or show none
e252b3b4f exec: retry rm -rf on ENOTEMPTY and EBUSY
2f371cb12 container create: do not check for network dns support
75e6994d4 libpod: fix leaking fd
f6e36a649 libpod: fix connection leak
e68d188f6 [CI:DOCS] fix typo subpordinate
aff6a5af8 Fix filter description and unify filters docs for containers/images prune
7938f32c5 Remove unused param and clean API handlers
e834297b3 Restore machine start logic that was hanging
c81a616ca Bump to v4.0.0-dev
71238d3cc Bump to v4.0.0-RC2
b29640c78 Final release notes for v4.0.0-rc2
5736649eb Run codespell on code
f6bb60087 Update release notes for Podman v4.0.0
653da8fe8 Fix #2 for compat commit handling of --changes
9d815707e Fix nil pointer dereference for configmap optional
0b5136c7c Make error message matching in 030-run.bats less fragile
9241b4e34 Don't explicitly check for crun|runc in package information
2947ded7a Don't segfault if an image layer has no creation timestamp
1c0fdba4f compat: remove hardcoded index from load images output report
9df31cfb7 compat: images/load must be able to load tar with multiple images
47df14af5 System tests: fix for new systemd on rawhide
ee039b740 Remove rootless_networking option from containers.conf
e22b9889d vendor c/psgo@v1.7.2
1f85244ab Engine.Remote from containers.conf
2c492be00 vendor: bump c/common and other vendors
7046e7804 rootless: report correctly the error
2d0b5ebb5 Implement API forwarding for podman machine on Windows
4693fc6db Implement env parsing on Windows
c674d3cc7 Handle changes in docker compat mode
dbaaef5c4 Show package version when running on alpine
b9a2d8698 Handlers for `generate systemd` with custom dependencies
abcd29239 APIv2 tests: followup to recent log test
4b384e08a Add IndexConfigs to compat /info endpoint
a0165a64b Bump github.com/opencontainers/runc from 1.0.3 to 1.1.0
af6a43fa4 apiv2 test: add regression test for #12904
4d1c327ed SECURITY.md: fix the project name
c0e072346 rename --cni-config-dir to --network-config-dir
7e30531f2 compat attach: fix write on closed channel
774271c38 upgrade all dependencies
38fbc8af1 Revert "Cirrus: Temporarily disable OSX Cross task"
4adf457ff Bump github.com/opencontainers/runc from 1.0.3 to 1.1.0
bd09b7aa7 bump go module to version 4
f23e8ca67 [NO NEW TESTS NEEDED] add builddeps to copr template
471a4356b CI: rootless user: also create in some root tests
c8124b88a [WIP] Tests for podman image scp (the sudo form)
141de8686 Revamp Libpod state strings for Docker compat
860463d97 Cirrus: Temporarily disable OSX Cross task
06ad51c83 update c/common to latest
10d969ff1 Use PODMAN_USERNS environment variable when running as a service
6bca61e0f Unify the method of parsing filters in cmd
3c2a5947c fix default branch links
d6e55577c [CI:DOCS] fix default branch links
bb3097cd0 [CI:DOCS] Unprivileged native overlayfs is now supported
ab8a50848 [CI:DOCS] Fix typo in --env
420303b94 Recursively copy cert files.
8a7e70919 Refactor manifest list operations
350765e79 Add rpkg template for COPR autobuild
607cb80bf Fix cgroup mode handling in api server
a15dfb364 Standardize on capatalized Cgroups
13917dfab test/system: podman run update /etc/hosts
14940a067 Remove two GetImages functions from API
72ab66d88 Use fully-qualified device name in CDI test
968deb7c2 Use new CDI API
96be2bb3d troubleshooting links to main branch
bf3734ad5 Podman Build use absolute filepath
699683010 Prohibit --uid/gid map and --pod for container create/run
a4cef5435 podman container rm: remove pod
ece768ff9 Manual fixes for PR #12642:
92e787521 podman build enable --all-platforms and --unsetenv
fa6405c3c use events_logfile_path from containers.conf for events log.
f257d9839 Podman Pod Create --sysctl support
b7fe25dc2 Wait for podman stop to complete
194d14ca2 libpod: fix check for systemd session
8dc2464b0 libpod: refine check for empty pod cgroup
b24063582 fix buildah-bud test diff
85f9cf390 upgrade test: check that network backend is cni
918890a4d use netns package from c/common
0151e10b6 update buildah to latest and use new network stack
858b21064 podman image scp: implement --quiet
495884b31 use libnetwork from c/common
fde6ad637 Add --noout option to prevent the output of ids
5aedcb364 remote events: convert TimeNano properly
47374aac8 Bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0
485305a5f vendor latest c/common
6e208c222 add additional fields to podman machine ls --json
6fa077750 buildah bud tests: skip failing tests
83b0fb469 Fix permission on secrets directory
8f2358eea Add podman rm --depend
f04465bfe fix host.containers.internal entry for macvlan networks
6d5ad9c11 It takes some time to start a VM
c085fb3c9 Pretty Print output of podman machine ls --format json
19a475906 Use the InfraImage defined in containers.conf
799078216 Cirrus: Freshen VM images
0e4e5cf99 Revert "Cirrus: Temp. ignore gitlab task failures"
a95c01e0e pkg: use PROXY_VARS from c/common
a8b02cf4b ignition: add support from setting SSL_CERT_FILE
5c363ff27 ignition: propogate HTTP proxy variables from host to remote
18785450e Bump to v4.0.0-dev
9d26c1abb Bump to v4.0.0-RC1
508f9b76e System tests: fix RHEL8 gating tests
b7380a7c3 vendor c/common
01ba2531b Remove dead RuntimeOption functions
0933f6c0b Update docker cli message for case where user creates directory
4dc5a5b15 Don't add env if optional and not found
a8a3e8bc9 Fix type-o in podman.wxs
37c0b27b6 [CI:DOCS] fixes indentation of example pod yaml
7dada6d49 Prevent double decoding of storage options
f68890815 Emergency system-test fixes
1941d45e3 add OCI Runtime name to errors
2a524fcae fix healthcheck timeouts and ut8 coercion
4191616cc Don't rename pod if container has the same name
13f3fd255 Set volume NeedsCopyUp to false iff data was copied up
7a24be6ad Fix CI
680923743 correct typo words in docs
64df41755 Change Tests to ignore missing containers when removing --all
79c5b73ed test/e2e/pod_initcontainers: fix a flake
cf7fc3695 test/e2e/run: don't use date +%N on Alpine
2e0d3e9ea Support all volume mounts for rootless containers
32e845028 Fix wrong 'podman search --format' placeholder
0c6ae3ab2 Fix Container List API call to return mount info
76a944b14 fix misleading comment regarding default value of cpu period [NO NEW TESTS NEEDED]
c496001d0 add --ip6 flag to podman create/run
116a276e8 legacy events: also set exitCode
f6a3eddd2 Don't initialize the global RNG with GinkgoRandomSeed() in e2e tests
90e74e794 Avoid collisions on RemoteSocket paths
ee146a9ab Refactor remote socket path determination in tests
a8e223faf fix doc
2ff5644bf test/system: podman run image with filesystem permission
fc65b0f73 test/system: podman run with log-opt option
1e3434d11 Update swagger documentation
6630e5cf6 Make it possible to select the volume driver
a3326e23d Check the mount type for future compatibility
8e7eeaa4d Implement virtfs volumes for podman machine
ec32430a0 [CI:DOCS] Add example of cpus to init command
a2687783d prefix imageId with sha256: in containers list test for compat API ImageId
289270375 Pod Security Option support
f21744939 ignition: add certs from current user into the machine while init
410082f25 docs: sort swagger operations alpabetically
7117d5605 .service file removal on failure
803defbe5 Introduce Windows WSL implementation of podman machine
f6d00ea6e podman image scp never enter podman user NS
e8c06fac9 Allow users to add host user accounts to /etc/passwd
1aa4e4d4d container creation: don't apply reserved annotations from image
cbcab4342 [CI:DOCS] clarify `io.podman.annotations.seccomp`
d669dbfb9 Error out early if system does not support pre-copy checkpointing
b746b2256 Update go-criu to v5.3.0
cb4f498e4 [CI:DOCS] docs: document rootless userns mappings
3ac5999f8 Switch to a new installer approach using a path manipulation helper
207823eb0 e2e: Add dev/shm checkpoint/restore test
f3d485d4d Enable checkpoint/restore for /dev/shm
2d7dbda41 Update github.com/checkpoint-restore/checkpointctl
af1dbbfb7 Always run passwd management code when DB value is nil
a5e49d966 Warn on use of --kernel-memory
04dbbd96b support hosts without /etc/hosts
20ce6e5c6 Podman run --passwd
fca66b6cb ci: force scratch build for crun
64ce6949f Use hosts public ip address in rootless containers
b1f5e861b compat: image normalization: handle sha256 prefix
89ee302a9 specgen: honor userns=auto from containers.conf
bb096c3bf [CI:DOCS] Small checkpoint/restore man page fixes
1ddb49c66 [CI:DOCS] Explicitly mention that checkpointing systemd containers might fail
3570c38ff vendor: update containers/storage
48cb44651 build: fix test for subid 4
46a094a7a test: add --rm to podman run commands
af6bcd086 fix(generate): fix up podman generate kube missing env field bug
a1ebde118 legacy events: also set Action="die"
a837984c4 rootless: include the args in the debug message
5cbc6b62d apiv2 tests: use quay.io/libpod/testimage:20210610 for platform tests
12d762f8e image rm: allow for force-remove infra images
6423174c6 tests: adjust old build test to expect exit code
28018ce60 Test for checkpoint specific inspect fields
bc3389e21 Add more checkpoint/restore information to 'inspect'
f566d8b8e build: relay exitcode from imagebuildah to registry
e88c21366 Removed .service file for healthchecks
a86495ea6 Set machine timezone
459e78414 MovePauseProcessToScope do not seed everytime
f241efb17 bindings rmi test: clarify behavior
03a3fc37f bump cobra to 1.3.0
6cde9255f .github: revert to the old template
4243ca93a oci: configure the devices cgroup with default devices
3b6510da6 kill: fix output
5392ff51c e2e: search flake: skip test on registry.redhat.io
7b51acd4c APIv2 tests: fail on syntax/logic errors
51a4bef2e Show --external containers even without --all option
0a2eb7b18 apiv2 tests: refactor complicated curls
888c778ee fix network id handling
afdb4dc22 Update Windows Install Doc
52b12fe98 Fixes #12063 Add docker compatible output after image build.
65d5a2b68 pause scope: don't use the global math/rand RNG
ef325bc8c specgen: check that networks are only set with bridge
094e1d70d container restore/import: store networks from db
3e9af2029 play kube add support for multiple networks
535818414 support advanced network configuration via cli
d072167fe Add new networks format to spegecen
46938bbf8 fix incorrect swagger doc for network dis/connect
4791595b5 network connect allow ip, ipv6 and mac address
9ce6b6413 network db: add new strucutre to container create
4e8ad039c remove unneeded return value from c.Networks()
5490be67b network db rewrite: migrate existing settings
5f1f62f0b network ls: show networks in deterministic order
5a071d9f5 Bump github.com/docker/docker
1fff76c3c pprof flakes: bump timeout to 20 seconds
50501f49a Add secret list --filter to cli
8cb93ac10 Cirrus: Temp. ignore gitlab task failures
81a0a7984 compat build: adhere to q/quiet
5bbcfaf4a Make XRegistryAuthHeader and XRegistryConfigHeader private
3cfefa124 Remove the authfile parameter of MakeXRegistryAuthHeader
d79414c54 Simplify the header decision in pkg/bindings/images.Build a bit
f9be32627 Remove the authfile parameter of MakeXRegistryConfigHeader
935dcbb00 Remove no-longer-useful name variables
0e29b8975 Consolidate creation of SystemContext with auth.json into a helper
fe1230ef7 Remove pkg/auth.Header
3725a34cb Call MakeXRegistryAuthHeader instead of Header(..., XRegistryAuthHeader)
78dd79752 Turn headerAuth into MakeXRegistryAuthHeader
d073b1275 Call MakeXRegistryConfigHeader instead of Header(..., XRegistryConfigHeader)
8155fb565 Turn headerConfig into MakeXRegistryConfigHeader
29f408871 Move the auth file creation to GetCredentials
9d56ebb61 Consolidate the error handling path in GetCredentials
da86a2328 Only look up HTTP header values once in GetCredentials
1589d70bc Use Header.Values in GetCredentials.has
2946e8349 Beautify GetCredentials.has a bit
1ecc6ba72 Pass a header value directly to parseSingleAuthHeader and parseMultiAuthHeader
6f1a26b04 Simplify parseSingleAuthHeader
7674f2f76 Simplify the interface of parseSingleAuthHeader
2aeb690d3 Don't return a header name from auth.GetCredentials
491951d66 Fix normalizeAuthFileKey to use the correct semantics
1b6bf9713 Rename normalize and a few variables
d29a4a6d1 Add TestHeaderGetCredentialsRoundtrip
ad7e5e34f Add tests for auth.Header
5a5aa6009 Improve TestAuthConfigsToAuthFile
ff003928b Add unit tests for singleAuthHeader
b162d8868 Add unit tests for multiAuthHeader
bc191ca7d fix e2e test missing network cleanup
99bc00421 pprof CI flakes: enforce 5 seconds grace period
1d781ccbe [NO NEW TESTS NEEDED] rootless: declare TEMP_FAILURE_RETRY before usage (Fixes: #12563)
593d0907c --hostname should be set when using --pod new:foobar
a63035be2 Cirrus: Use cached swagger binary
6d19ecadc inotify: make sure to remove files
18854f566 System tests: remove rm_pause_image()
b526a0ccd specgen: honor empty args for entrypoint
2d517b687 generate systemd: support entrypoint JSON strings
6c05961ba Bump github.com/uber/jaeger-client-go
d7f6f4e88 remove runlabel test for global opts
0999245e4 utils: reintroduce moveToCgroup
99e9fcdb6 autocopr: distro conditionals for containers-common
d87a9b788 vendor c/image/v5@main
2130d1853 Update vendor or containers/common moving pkg/cgroups there
7d0fd175f volume: apply exact permission of target directory without adding extra 0111
851349345 Cirrus: Remove remnants of nix-based static build
d35aa3f29 Refactor podman pods to report.Formatter
3753347d6 rootless netns: resolve all path components for resolv.conf
eee3a42b7 tests: clean up FIXMEs and noise
207065ce9 fix remote run/start flake
6d7e6d744 e2e: fix pprof flakes
c91fb244c Bump github.com/opencontainers/runc from 1.0.2 to 1.0.3
76f5100be vendor c/common@main
527fd3c0f Escape trailing slash in install directory location so the closing quote is not escaped
e89a62602 centos 9 stream cannot use %autochangelog
7d22cc88e Refactor podman system to report.Formatter [NO NEW TESTS NEEDED]
8e0532623 add spec file for automated copr builds
c9ad1da51 Add restart-sec option to systemd generate
2e132d1d4 Fix documentation of (podman image save --compress --uncompressed)
952046ffd Improve documentation of (podman image save --format)
7d331d35d Add support for configmap volumes to play kube
bd9f8815e cmd, push: use the configured compression format
aafbaa497 [CI:DOCS] logformatter: fix corner case with links
ecd48325f UPdate vendor of image-spec and containers/storage
fe1cdab59 vendor: update containers/common
babc69367 Update doc to explictly mention using ed25519 in ssh keys
61792de36 Refactor podman image command output
6cb25b3d1 Manual fixes
eb1212bed Same thing, with BeNumerically("==", x)
c0a8814fb Use HaveLen(x) instead of Expect(len(y)).To(Equal(x))
92f9e1176 Same thing, for BeNumerically("==", 0)
7c6123f8e Use BeEmpty() instead of len(x).To(Equal(0))
c67649546 Same as previous, for assertions other than Equal()
478f2da5d e2e tests: a little more minor cleanup
8d6d9df40 compat API: push: report size of manifest
2683ecbbc compat: images/json
a0e696411 Add ashley-cui, lsm5 and floutoc to owners
65109494b remove ARTIFACT_DIR and ArtifactPath
3ac1b9bc0 Image caches: allow overriding cache dir
5ac66e2aa Rename CrioRoot as just Root
3ff47748d Fix possible rootless netns cleanup race
db3a4c070 [NO NEW TESTS NEEDED] Refactor podman container command output
4e63f9192 Hostname in `spec.hostname` should be passed to infra ctr init opt
0afaf7837 container, cgroup: detect pid termination
e2b344728 top: parse ps(1) args correctly
6673ff78d podman, push: expose --compression-format
9ce7ade8c e2e: yet more cleanup of BeTrue/BeFalse
f415b3055 Ensure the generated NodePort values are unique
a948ecbb9 Allow containerPortsToServicePorts to fail
ec686d68d Don't use the global math/rand RNG for service ports
d48c00418 Move a comment to the relevant place
8eb0be0a2 a few more manual BeTrue cleanups
f7cbb1d84 Convert strings.Contains() to Expect(ContainSubstring)
12787963b e2e tests: more cleanup of BeTrue()s
5a56f4094 Implement 'podman run --blkio-weight-device'
9a10e2124 systemd: replace multi-user with default.target
5bdd571b1 compat API: allow enforcing short-names resolution to Docker Hub
0ddb09448 Fixed the containerfile not found during remote build.
c80a2e449 podman-remote: prevent leaking secret into image
e7204178e podman-remote: copy secret to contextdir is absolute path on host
bfcaf538b api: allow build api to accept secrets
931c08157 Only open save output file with WRONLY
f330c197b List /etc/containers/certs.d as default for --cert-path
b63d69640 e2e tests: enable golint
697ff213d fix: parsing of HostConfig.Mounts for container create
2e50514ad Move the chown to after the ADDs
cbda62d1b fix: error reporting for archive endpoint
d5c3cc949 Bindings test: emit GIT_COMMIT, for links in logs
bc3c5be2f checkpoint do not modify XDG_RUNTIME_DIR
e648122b2 libpod: improve heuristic to detect cgroup
a66f40b4d libpod, inspect: export cgroup path
b25b33030 stats: get the memory limit from the spec
84e81252f compat: Add compatiblity with Docker/Moby API for scenarios where build fails
c7ebaeee0 libpod: leave thread locked on errors
eb3708a52 Find and fix empty Expect()s
df6aa6730 Unset SocketLabel after system finishes checkpointing
c034147fe Remove StringInSlice(), part 2
2fcb39586 Remove StringInSlice(), part 1
cd59721de e2e test cleanup, continued
533636395 Update basic_networking.md
5cf2683bf Warn on failing to update container status
a4e4b8d92 oci: ack crun output when container is not there
08558b27f oci: exit gracefully if container is already dead
dd80635df Support env variables based on ConfigMaps sent in payload
0d1aaf080 image lookup: do not match *any* tags
566b78dd0 generate systemd: add --start-timeout flag
49d63ad5c Oops! Manual edits to broken tests
97ab9176f e2e tests: clean up antihelpful BeTrue()s
aa301225a Cirrus: Strip out static nix build
9c8fb5cc0 Rename pod on generate of container
2ab28140d [CI:DOCS] Update notes on java TZ in man page
73e95d1c3 Bump github.com/containers/image/v5 from 5.16.1 to 5.17.0
044edbb9c Fix netavark error handling and teardown issue
13ee1788f swagger: add layers to build api docs
022273c19 compat: add layer caching compatiblity for non podman clients
f564c9a34 Bump github.com/opencontainers/selinux from 1.9.1 to 1.10.0
a8b3c67b9 Add note about volume with unprivileged container
d173ebc06 Add EXPOSE e2e test
02be831ce Support EXPOSE with port ranges
ab56a7c4b compat: Add subnet mask behind IP address to match Docker API
d06899769 [CI:DOCS] Add java TZ note to run manpage
44b240470 Bump github.com/rootless-containers/rootlesskit from 0.14.5 to 0.14.6
21629b050 podman-remote does not support signature-policy
ced0ffbe8 Add tests for restore runtime verification
c76caba36 Use same runtime to restore a container as during checkpointing
8198e96f3 Force iptables driver for netavark tests
501643c8b Make sure netavark output is logged to the syslog
6011149ca filter: use filepath.Match to maintain consistency with other pattern matching in podman
c03b6b54f Semiperiodic cleanup of obsolete Skip()s
a3664269b [CI:DOCS]upload a translation file
b2623ceb4 api/handlers: Add checkpoint/restore FileLocks
84021cfdc test: Update error string for --file-locks test
22ef7b620 fix duplicated logs command
19400ec0d Bump github.com/docker/docker
7f96a8d2d Bump k8s.io/api from 0.22.3 to 0.22.4
0dae50f1d Do not store the exit command in container config
7098463e7 Add test for checkpoint/restore with --file-locks
6d23ea60d Add --file-locks checkpoint/restore option
7f52bd843 Cirrus: Bump Fedora to release 35
3ee2d2367 Cirrus: Partially revert catatonit --force install
226be65bd Revert "Cirrus: Temp. disable prior-fedora testing"
5bd43fbea Cirrus: Workaround log_driver=journald setting
f3021f3f6 Cirrus: Fix bindings test hang b/c logging config mismatch
155a443a9 Cirrus: Timeout bindings test after 30m
3aa7076ff Cirrus: Log more things in bindings and unit tests
d6d1ce980 Minor Makefile fix
62d6b6bf7 rootless netns, one netns per libpod tmp dir
2e5d3e8fb Introduce Address type to be used in secondary IPv4 and IPv6 inspect data structure.
e83d36665 volumes: add new option idmap
fceecc3a5 remote checkpoint/restore: more fixes
6f6a6925b fix CI
010bee04c fix: take absolute path for dd on apple silicon
d6c18902e System tests: new checkpoint tests
3073543fd rootless: use catatonit to maintain user+mnt namespace
cb9de1007 rootless: drop strerror(errno) calls
084e32336 rootless: reuse existing open_namespace function
277d52686 rootless: use auto cleanup functions
ee6271113 utils: use podman-pause-$RANDOM.scope name
e367f4614 hack/bats: deal with new bin helpers
422dc5e69 Change error message for compatibility with docker
97c6403a1 rename libpod nettypes fields
8ca300ae9 podman machine start wait for ssh
33ec8c669 fix remote checkpoint/restore
44d1618dd Add --unsetenv & --unsetenv-all to remove def environment variables
364b242b7 Set config environment variables early in Podman init
63ef7135d journald logs: keep reading until the journal's end
014cc4b9d secret: honor custom target for secrets with run
5df883e87 bindings: reuse context for API requests
295d87bb0 podman machine improve port forwarding
c21259bf8 Network test: fix podman-remote-rootless corner case
c050f05cc filter: add basic pattern matching for label keys
c8790bfbb cirrus: force-install catatonit
5934e4c9b infra container: replace pause with catatonit
58cf0d462 Revert "add kubernetes pause"
d28b39a90 Added test for checkpoint/restore --print-stats
914f4c890 Update man pages for checkpoint/restore --print-stats
80e56fa12 Added optional container restore statistics
6202e8102 Added optional container checkpointing statistics
062c88771 Error logs --follow if events-backend != journald, event-logger=journald
9226ccb59 Enable 'podman run --memory-swappiness=0'
164c42b48 Fix network mode in play kube
b1c002342 Always create working directory when using compat API
f517510bc play kube: don't force-pull infra image
ac38eca3f Podman Image SCP transfer patch
6762d5e23 --authfile command line argument for image sign command.
f35d7f4dc Cirrus: Temp. disable prior-fedora testing
0b60b191d Cirrus: Update to Ubuntu 21.10
3af19917a Add failing run test for netavark
fe90a45e0 Add flag to overwrite network backend from config
9f4d63f91 libpod: create /etc/mtab safely
8041d44c9 Add network backend to podman info
b2f7430b6 Add more netavark tests
1c88f741a select network backend based on config
3fe0c4917 Fix RUST_LOG envar for netavark
4febe5576 netavark IPAM assignment
eaae29462 netavark network interface
12c62b92f Make networking code reusable
c43b81f9a Fix flake in upgrade tests
73e1cdfe9 export adding id-specifier code to setContainerNameForTemplate
980c47aaa VOLUME must be declared after RUN chown command
3690532b3 network reload return error if we cannot reload ports
27de152b5 network reload without ports should not reload ports
a55fdbb49 Print headers for system connection ls
6236be4ff [CI:DOCS] Add CI check for SEE ALSO in man pages
1ef66d6d7 podman load: support downloading files
2720156fa Add links to all SEE ALSO sections
df0666436 pod create: read infra image from containers.conf
9877280f5 rootless: adjust error message
216e2cb36 Fix rootless networking with userns and ports
faf450ea1 support health checks from image configs
6ee3b33d3 change from run to create in 250-systemd.bats
d0b502fce Exclude already built sources for static build
72cf38968 shm_lock: Handle ENOSPC better in AllocateSemaphore
8a9da7698 Fix Zsh completion command documentation
555e21557 Match .c files in Makefile
65609f338 Add Static Build download instructions to README
7225ddb5b Add links to podman build,run, create see also
2ed31f9f1 Minor test tweaks
8b7b0b7ca pod create: read network mode from config
5fbc67f20 Bump Catatonit up to v0.1.7
e907f095b test connection add
338eb9d75 system: Adds support for removing all named destination via --all
6444f2402 pod/container create: resolve conflicts of generated names
f3fab1e17 podman-generate-kube - remove empty structs from YAML
4e8bf8be4 Add some information about disabling SELinux when using system volumes
02f67181a Fix swagger definition for the new mac address type
5c0351cc6 Log Apache access_log-like entries at Info level [NO NEW TESTS NEEDED]
3e1940a8e Test to check for presence of 'stats-dump' in exported checkpoints
6b8fc3bd1 Add 'stats-dump' file to exported checkpoint
ffa5ed0e0 Podman Image SCP rootful to rootless transfer
7f433df7e rename rootless cni ns to rootless netns
58f8c3d74 mount full XDG_RUNTIME_DIR in rootless cni ns
6fee827c7 Bump github.com/checkpoint-restore/go-criu/v5 from 5.1.0 to 5.2.0
756dda298 Keep error semantics intact
614c6f597 Fix rootless cni netns cleanup logic
b85e3764a tweak a couple of flag descriptions in help output
ff92d7371 Update swagger doc make filed optional
ba8eba83e Fix bindings container log test
0234b153c test: run --cgroups=split in new cgroup
001d48929 MAC address json unmarshal should allow strings
6e6388eac Make stop message more similar to start
449cc7a5c Implement top streaming for containers and pods
f2115471d Handle HTTP 409 error messages properly for Pod actions
d0dfc5e22 Add tests
48d0d2b4a Fix swagger definitions
48e1cca9f More conforming libpod API and swagger types
62ee24bb7 More conforming libpod API and swagger types
a845613d0 Better emptiness test for custom JSON serializer
7b2531c13 System tests: enhance volume test, add debug prints
15eb01601 add unit test to containers_test
120ad2d3c Use correct swagger type in doc-comment
9c34bd52f Cirrus: Authorize rootless user self-ssh
218d91d76 Fix libpod API conformance to swagger
e69eae645 Fix help message case for `podman version`
9fc98f265 Fix pause usage example
749487600 Use systemctl in local system test
98506c961 Allow label and labels when creating volumes
c5f0a5d78 volumes: be more tolerant and fix infinite loop
3c79202fb Add information on how podman machine is updated
4e9e6f21f volumes: allow more options for devpts
e6286fbac volumes: do not pass mount opt as formatter string
feebf1bd8 Bump k8s.io/api from 0.22.2 to 0.22.3
960831f9c runtime: change PID existence check
9e5cd3205 oci: rename sub-cgroup to runtime instead of supervisor
0136a66a8 libpod: deduplicate ports in db
e68fbf03a Set flags to test 'logs -f' with journald driver
dcbf5cae1 Set Checkpointed state to false after restore
ff31f2264 container create: fix --tls-verify parsing
6b3b0a17c runtime: check for pause pid existence
825889cc7 utils: do not overwrite the err variable
d53789068 Fix systemd PID1 test
864748df5 Record the image stream along with the path
55397de93 cgroups: use SessionBusPrivateNoAutoStartup
8163d38c6 vendor: update godbus to v5.0.6
008075ce5 Slirp4netns with ipv6 set net.ipv6.conf.default.accept_dad=0
c723e6b97 Fix a few problems in 'podman logs --tail' with journald driver
bf8fd943e Allow 'container restore' with '--ipc host'
efd1c080b Document to not set K8S envars for CNI
773caf293 Bump github.com/docker/docker
75f478c08 pod create: remove need for pause image
9d2b8d279 add kubernetes pause
e86549b18 cirrus: containers: mount directory in /var/tmp to /tmp
2e3611d61 overlay root fs: create mount on runtime dir
a42c131c8 Update vendor github.com/opencontainers/runtime-tools
d6296c918 If Dockerfile exists in same directory as service, we should not use it.
adee084d6 Fix tests of podman image trust --raw and --json
53ff49237 Tighten the expected output of the "podman image trust show" test
c872788e4 Use INTEGRATION_ROOT instead of current directory
acd8b4900 Add support to play kube for --log-opt
d7662edf6 [NO NEW TESTS NEEDED] Fix off-by-one index comparision (reported by LGTM)
24c83980e Fix some typos in documentation and comments (found by codespell)
22270fb84 Replace 'an user' => 'a user'
936ab158c [CI:DOCS] Fix typo keep_id -> keep-id
38c78381c Set DOCKER_HOST in the VM
ce4ed7d13 fuse-overlay probably means fuse-overlayfs.
ece0c7e5d Support template unit files in podman generate systemd
8e3760c29 Remove --kernel-memory options
f4f96962c tag: Support tagging manifest list instead of resolving to images
30245f584 Remove infra ID from DB before removing containers
70a5d8cd1 System tests: confirm that -a and -l clash
12d0a8509 systemd: compatible with rootless mode
960a55c09 system tests: CONTAINER_* and --help: cleanup
20b5a8599 podman run --memory=0 ... should not set memory limit
c3801f0fa Add information on how to discover default log driver
d24ce0a33 Add test for system connection
517b56b02 Generate Kube should not print default structs
9500e11a8 libpod: change mountpoint ownership c.Root when using overlay on top of external rootfs
34dcbc949 Change podman connection list to use default field
087f8fc73 Allow API to specify size and inode quota
db7a98de4 Use exponential backoff when waiting for a journal entry
4f7a431da Pod Rm Infra Improvements
c8cffe1b3 system tests: socket activation: clean up
d0f7b99c6 rootfs-overlay: fix overlaybase path for cleanups
468e7c689 Move CONTAINER_HOST and _CONNECTION to IsRemote Function
207abc4a9 We should only be relabeling when on first run
4f857bc10 If CONTAINER_HOST env variable is set default podman --remote=true
8db62d04f Set targetPort to the port value in the kube yaml
16e7cc8bf Do not add TCP to protocol in generated kube yaml
ab4c9a894 Use CGO_ENABLED=1 when building natively on darwin
c1497cf44 Test-hang fix: Wait for ready + timeout on connect.
8439a6d5e Checkpoint/Restore test fixes
f9ff0525c Don't include ctr.log if not using file logging
50b9d82f2 Don't use docker/pkg/archive, use containers/storage/pkg/archive
7112a4159 Fix codespell errors
184de3955 Adjust tests to verify all subcommands show the help message
8cae2978e Fix panic in container create compat api
5d18fb923 Don't add image entrypoint to the generate kube yaml
cc875fd26 Display help text on empty subcommand by default
14bfee31f podman search: display only name and description by default
8600bce53 codespell code
7b1e386f7 Add information about .containerignore to podman build man page
cead18537 CNI: fix network create --ip-range
4631f5b28 Kube Gen run as user/group issues
3ba69dccf rootlessport: reduce memory usage of the process
ab0e6630f No space in kube annotations for bind mounts
0459484bd Fix CI flake on time of shutdown for API service
b28a8bc19 Refactor podman search to be more code friendly
69b665996 Unit files: Use actual installed path for podman
1e81787e3 Bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5
9042520cf cgroups: use cgroup.controllers to read controllers
ab8fb3876 builder: Add support for builder prune
7580c2273 Remove a volume with --force if container is running
6b2939884 Use SplitN(2) when copying env variables
e57b32c59 podman stats: move cgroup validation to server
54471acba fix test
dd5975f3d Support readonly rootfs contains colon
90b5318b8 [CI:DOCS] oci-hooks.5.md: fixup section in header
8d3aec9d0 Enable /debug/pprof API service endpoints
5caf6b94e Not all fields in machine list were set properly
fad14dafe faster image inspection
48d26a893 Warn if podman stop timeout expires that sigkill was sent
6fc73ea4e [CI:DOCS] introduce --replace flag for play kube
0479fd8d6 [CI:DOCS] Include manifest example usage
a487a6382 Change podman.1 man page to show corret log-level default
da8e4cdeb Bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1
6f9e9ee9e Fixes #11668
fbce7584d libpod: fix race when closing STDIN
8bd9f58d1 Ensure `podman ps --sync` functions
e1089e89d Allow `podman stop` to be run on Stopping containers
675d2d0c1 Bump github.com/containers/image/v5 from 5.16.0 to 5.16.1
033a662b9 Bump github.com/docker/docker
521c0cbd1 It really should be no **NEW** tests needed
fb118b852 README.md: Point to Podman's channels
8e80f4d24 Add podman-plugins to upstream image
a726043d0 CNI networks: reload networks if needed
8156df5b7 bump c/common to latest and c/storage to 1.37.0
21c9dc3c4 Add --time out for podman * rm -f commands
d6b9451b4 Cirrus: Fix defunct package metadata breaking cache
163d81cc0 Pod Events Logging Fix
c67593df1 [NO TESTS NEEDED] Ignore removed containers
6da97c863 Pod Volumes From Support
4ea5d6971 Add note about empty fields and null values for API responses
97bf6331f Bump github.com/containers/buildah from 1.23.0 to 1.23.1
641f0ccc4 Add podman play kube --no-hosts options
fb2355adb Gating tests: fix permissions error
686b7ef7b pkg/specgen: cache image in generator
0b5a2b746 cirrus: gitlab: download packages
648882bf6 Add guard for BuildOptions.CommonBuildOpts
bf94ebf42 System tests: tighten 'is' operator
7e81d78ed Update README and release notes for v3.4.0
cc4232169 sdnotify test: accept MAINPID anywhere
642d68299 machine: silently cleanup dangling sockets before rm if possible
a1dce3a0d Add expose type map[uint16]string to description
0a156211d [NO TESTS NEEDED] Fix typo in storage.conf file exists message
1ff6a5082 Support selinux options with bind mounts play/gen
9c6c98192 kube: fix conversion from milliCPU to period/quota
5090920cc Bump github.com/mattn/go-isatty from 0.0.12 to 0.0.14
5c1b3e8d7 test: use new helper
788106dad test: skip test on rootless cgroupsv1
5a33b7aef machine: Info on successfully stopping qemu machine
c25cc7230 Allow a value of -1 to set unlimited pids limit
1805ed360 Vendor in latest containers/storage
c9ea2cae1 Storage can remove ErrNotAContainer as well
ccff77025 libpod: container create: init variable: do not deep copy spec
5ea369ade libpod: add GetConfigNoCopy()
30bf31010 libpod: add execSessionNoCopy
98176f001 libpod: do not call (*container).Spec()
2d8605189 Pod Device-Read-BPS support
97f755f87 Remind user to check connection or use podman machine
678b554b1 Ensure pod ID bucket is properly updated on rename
60824c613 Fix contributor make targets on Ubuntu and Debian
0d4fa7bc9 Implement PR template to assist review & release
5d6ea90e7 libpod: do not call (*container).Config()
a3cdee979 [NO TESTS NEEDED] Add port configuration to first regular container
d14f66972 [CI:DOCS] cmd/podman: no dot for short descriptions
1c8926285 move network alias validation to container create
d0950f3ef set --cni-config-dir for exit command
05614ee13 always add short container id as net alias
a9a54eefa image prune: support removing external containers
86083c580 System tests: speed up. They've gotten too slow.
344ba32c8 Add dockerfile.5 as man link to containerfile man page
87559b020 Set MSI to be 64-bit only.
ca3c08bf9 fix podman network prune integration test flakes
f76fa3475 Cirrus: Add gitlab podman runner test
1df0646b0 CNI: network remove do not error for ENOENT
464fec260 remote build: EvalSymlinks() the context directory
8fca626e3 stop: Do nothing if container was never created in runtime
3ce98a5ec logging: new mode -l passthrough
3600054d1 Allow machine options to be set from containers.conf
5a2ca77b9 Vendor in containers/common v0.46.0
c668ca859 podman machine: do not join userns
b3307bc9c Disable docker and alias to podman in FCOS ignition
1e0039a83 added healthcheck to ps command
a97551eb2 Fix english on prune prompt
3d8dec982 Document missing /images/search query parameters
6095c4fac rootful: do not set XDG_RUNTIME_DIR for cni plugins
1cf66f514 Revert "rootful: unset XDG_RUNTIME_DIR"
ba46613a6 Add completion for machine list format
2df0685cb Set context dir for play kube build
ce080d25c Makefile: use -ldflags/-gccgoflags depending on the go implemenatiton
82818caff Update docs for --platform in podman-build.1
b6e5a4909 shell completion: do not show images without tag
119973375 podman inspect add State.Health field for docker compat
01bf8a668 podman save: enforce signature removal
4ecaf85d9 Add JSON version of the machine list
ed3c4a89d Add support for :U flag with --mount option
2d5d98c04 [CI:DOCS] Add link to running ctrimage on enablesysadm
b6fecbb75 Ignore mount errors except ErrContainerUnknown when cleaningup container
1c4e6d862 standardize logrus messages to upper case
45ee5c5db podman generate kube should not include images command
f5f95d722 Fix machine image
db44addf9 sync container state before reading the healthcheck
0baee2cc3 Also show the (initial) disk size
911298252 Show cpus and memory in machine list
5acf8ae12 Eighty-six eighty-eighty
68d21b6ff net types: remove omitempty from required fields
49c5688a3 podman save: add `--uncompressed`
af49810a6 Bump CNI to v1.0.1
5875e409e vendor c/psgo@v1.7.1
738f2b36e [CI:DOCS] Add network alias note in man pages
4ecbc7caa Add a backoff and retries to retrieving exited event
319fcf52f Cross-build release-archives w/ arch in filename
34043bd81 Fix Error, empty output for info: 'VERSION'
185294cb8 Generate kube should'd add podman default environment vars
ae5de8b39 volume: Add support for overlay on named volumes
8fac34b8f Pod Device Support
8453c8ce6 Support --format tables in ps output
61217f3ba Remove references to kube being development
b74edfb0a Add support for retrieving system service --timeout
3221f50a4 Add podman image/container inspect man pages
665b451e5 [CI:DOCS] Add link to skopeo delete in podman rmi
509812457 vendor c/common@main
92ee2f372 remote untag: support digests
cb077c968 Created MapOptions for PodCreate
a1861c570 Bump k8s.io/api from 0.22.1 to 0.22.2
5242030ac compat API: /images/json prefix image id with sha256
cf28dab9f podman machine: use gvproxy for host.containers.internal
eea5d2512 utils: return error message from StartTransientUnit
4caca0969 utils: raise warning only on cgroupv2
74ad05396 Add podman machine init --now option
22df773f7 System tests: cleanup, and remove obsolete skips
e3e9e5175 Add username flag for machine ssh
c692f7a18 Remove unused code from libpod
62350fed6 [CI:DOCS] markdown cleanup
613ef220f Fix up build the docs site
7ca666f47 Use a new markdown converter for sphinx
a2c8b5d9d runtime: move pause process to scope
72534a74b system: move MovePauseProcessToScope to utils
9c1e27fdd system: always move pause process when running on systemd
fa9728c55 system: avoid reading pause pid file
f1ee23425 Only add 127.0.0.1 entry to /etc/hosts with --net=none
4216f7b7f Add no-trunc support to podman-events
aee0ab98c CNI: add ipvlan driver
c20f61148 CNI: network create support macvlan modes
5c7935057 Do not allow network modes to be used as network names
9c091e42d fix inverted condition
7c5d64b47 Fix /auth compat endpoint
5e8309464 Add Drivers method to the Network Interface
1bcd006c5 CI: load ipv6 kernel modules for rootless tests
b906b9d85 Drop OCICNI dependency
85e8fbf7f Wire network interface into libpod
218f132fd cni network configs set ipv6 enables correctly
24bec9a76 default network: do not validate the used subnets
aa7bc4e37 network create: validate the input subnet
3e77f960f Set default storage from containers.conf for temporary images
0b1c45bc5 container runlabel remove image tag from name
962675c14 build.bats: fix copy tests after containers/buildah#3486
d0c605cd3 build: mirror --authfile to filesystem if pointing to FD instead of file
5cafb6d18 Fix example in podman machine init man page
222b62e7b vendor: Bump github.com/containers/buildah from 1.22.3 to 1.23.0
9b04e1789 api: handle nil pointer dereference in rest endpoints
5dbf3ee7a build: take advantage of --platform lists
64de4f612 Document `all` query parameter for /libpod/images/prune
38c5f6721 Show variant and codename of the distribution
952fc4a6f Use new aarch64 fcos repos
d7256be80 Enhance bindings for IDE hints
84005330a Pod Volumes Support
b1768d3b0 test: enable --cgroup-parent test
44abc1797 libpod: honor --cgroups=split also with pods
65f3b16c6 tests: enable --cgroups=disabled test for rootless
afe4d17be tests: simplify --cgroups=disabled test
d3f0f09ad libpod: rootful close binded ports
072b061b4 Search gvproxy with config.FindHelperBinary()
a55e2a00f rootfs: Add support for rootfs-overlay and bump to buildah v1.22.1-0.202108
6221f269a fix restart always with rootlessport
d30facfda Cirrus: NM/CNI workaround + Remove prior-Ubuntu
ba2130ff5 If container exits with 125 podman should exit with 125
9ae947654 Bump github.com/json-iterator/go from 1.1.11 to 1.1.12
b0cbcd1d0 bump c/common to v0.44.0
32424d9a9 remove rootlessport socket to prevent EADDRINUSE
3c77a98e4 Add deprecated fields for 1.22+ clients that still expect them
7a667c4ac Use default username for podman machine ssh
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Bumping docker-distribution to version v2.7.1-42-g3b7b5345, which comprises the following commits:
97f6dace [release/2.7] vendor: github.com/opencontainers/image-spec v1.0.2
10ade61d manifest: validate document type before unmarshal
c5679da3 [release/2.7] vendor: github.com/golang-jwt/jwt v3.2.1
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping docker to version v20.10.12-84-g906f57ff5b, which comprises the following commits:
ce3b6d1ae9 distribution: retry downloading schema config on retryable error
180f3b9cc7 update containerd binary to v1.5.10
0fa0d70489 [20.10] update to go 1.16.15 to address CVE-2022-24921
4679ffd01c docs: remove HostConfig.LxcConf field from API docs
fbbe1fcfd8 api: remove HostConfig.LxcConf field
a5a697143d docs: fixing /exec/{id}/resize response code in API documentation
42b13c09a6 Added error codes for exec resize in API docs
aa69e8ed3f Fixed exec resize success code in API docs
ca5ba4890e Fix typo on the v1.41 changelog
db214206e5 vendor: bump etcd v3.3.27
df6a536193 vendor: github.com/coreos/etcd v3.3.25
9502dec32f [20.10] Update Go to 1.16.14
878b9de935 daemon/graphdriver/fuse-overlayfs: Init(): fix directory permissions (staticcheck)
d1b3497bfa [20.10] vendor: github.com/docker/distribution v2.8.0
f9344b45fe api/swagger: move DistributionInspect to definitions
13cb9d9723 api/swagger: rename PluginPrivilegeItem to PluginPrivilege
7f9760e10c api/swagger: fix up event-types and move to definitions
e6739a2884 api/swagger: move DistributionInspect to definitions
d445d24804 api/swagger: rename PluginPrivilegeItem to PluginPrivilege
5e38ae84b2 api/swagger: fix up event-types and move to definitions
012fdff916 Fix swagger docs to match the opencontainers image-spec
13cbf7fbb7 Extract PluginPrivilegeItem as explicit type definition
8fbcf0611b Use explicit object names for improved swagger based code generation
b8bee972c4 Fix ContainerSummary swagger docs
7092a6091c Add "changes" query parameter for /image/create to swagger docs
adf1e470a1 Add RestartPolicy "no" to swagger docs
b4b469eac2 Fix swagger docs to match the opencontainers image-spec
2c38a2a635 Extract PluginPrivilegeItem as explicit type definition
621bfddd6e Use explicit object names for improved swagger based code generation
8a5240a8aa Fix ContainerSummary swagger docs
751cf68e36 Add "changes" query parameter for /image/create to swagger docs
a961b76aef Add RestartPolicy "no" to swagger docs
ad21bcd94e Jenkinsfile: remove Windows RS1 as it reached end of support
b2684c1857 Fix for lack of syncromization in daemon/update.go
8268f70ebb daemon/logger: replace flaky TestFollowLogsHandleDecodeErr
78d0b936b8 daemon/logger: refactor followLogs to write more unit tests
39519221c2 daemon/logger: test followLogs' handleDecodeErr case
ada1b01de1 daemon/logger: read the length header correctly
829f071228 update containerd binary to v1.5.9
3e5eea4192 update runc binary to v1.0.3
bd42e17284 update containerd binary to v1.5.8
3fd0b8d6eb Update containerd binary to v1.5.7
3700adb70a Update containerd binary to v1.5.6
0f37f2989b Dockerfile: update gotestsum to v1.7.0
2716336abd Dockerfile: use "go install" to install utilities
b35a1707e3 Dockerfile: use version for some utilities instead of commit-sha
2a18825cdf Dockerfile: remove GOPROXY override (was for go < 1.14)
0f925d5d3d remove deprecated "nokmem" build-tag for runc
fb45fe614d info: remove "expected" check for tini version
fd32c70031 update containerd binary to v1.5.5
302114634c update containerd binary v1.4.8
1cd13dcb6c Update containerd binary to v1.5.3
5f09d5c76a update containerd binary to v1.5.2
23f23c99ed update containerd binary to v1.5.1
f036a34c5b update containerd binary to v1.5.0
1dd37750a6 Revert "[20.10] update containerd binary to v1.4.5"
b097d29705 Revert "[20.10] update containerd binary to v1.4.6"
de656f9da4 Revert "[20.10] update containerd binary to v1.4.7"
9e36f77577 Revert "[20.10] update containerd binary v1.4.8"
eb2acf2fb3 Revert "[20.10] update containerd binary to v1.4.9"
4e838e50ea Revert "[20.10] update containerd binary to v1.4.10"
79fd9c1541 Revert "[20.10] update containerd binary to v1.4.11"
13de46fd4b Revert "[20.10] update containerd binary to v1.4.12"
aa92e697cb [20.10] update Go to 1.16.13
f9df098e76 fluentd: Turn ForceStopAsyncSend true when async connect is used
81fc02b7e1 vendor: github.com/fluent/fluent-logger-golang v1.8.0
d6f3add5c6 vendor: github.com/fluent/fluent-logger-golang 1.6.1
660b9962e4 daemon.WithCommonOptions() fix detection of user-namespaces
a621bc007b [20.10] update Go to 1.16.12
f4daf9dd08 [20.10] update Go to 1.16.11
dc015972bb vendor: github.com/opencontainers/image-spec v1.0.2
e0108db2bd [20.10] fix vendor validation
d47de2a4c7 [20.10] update containerd binary to v1.4.12
da9c983789 [20.10] vendor: github.com/moby/buildkit v0.8.3-4-gbc07b2b8
c1f352c4b1 distribution: validate blob type
c96ed28f2f vendor: update github.com/containerd/containerd
7677aeafd7 TestBuildUserNamespaceValidateCapabilitiesAreV2: cleanup daemon storage
34eb6fbe60 testutil: daemon.Cleanup(): cleanup more directories
0e76a0a418 info: unset cgroup-related fields when CgroupDriver == none
c7edd308ad [20.10] Update Go to 1.16.10
b3456925ca vendor: update github.com/docker/distribution
6611c72b65 cmd/dockerd: create panic.log file without readonly flag
4b9a3dac46 Fix race in TestCreateServiceSecretFileMode, TestCreateServiceConfigFileMode
acb4f263b3 Fix racey TestHealthKillContainer
59d2a2c397 dockerd-rootless.sh: Fix variable not double quotes cause unexpected behavior
2c6aa5aad9 Remove needless check
3285c27503 Fix log statement 'failed to exit' timeout accuracy
a4bcd4c64f docker daemon container stop refactor
bed624fdc9 docker kill: fix bug where failed kills didnt fallback to unix kill
80b7e8b5d7 buildkit: normalize build target and local platform
c2b9a32875 vendor: Update go-winio to v0.4.20
c580a02873 [20.10] Update Go to 1.16.9
129a2000cf [20.10] update containerd binary to v1.4.11
6835d15f55 [20.10] update containerd binary to v1.4.10
5730c139f7 Bump swarmkit to get fix for rollback
59f10e3435 quota: adjust build-tags to allow build without CGO
fa78afebcf Update Go to 1.16.8
567c01f6d1 seccomp: add support for "clone3" syscall in default policy
07728cd2bd update runc binary to v1.0.2
964768f200 cmd/dockerd: add the link of "the documentation"
80f1169eca chrootarchive: don't create parent dirs outside of chroot
93ac040bf0 Lock down docker root dir perms.
b0c0b73798 bump up rootlesskit to v0.14.4
decb56ac89 Update Go to 1.16.7
Bumping docker-cli to version v20.10.12-22-ga22408634, which comprises the following commits:
a282e0c5d [20.10] update to go 1.16.15 to address CVE-2022-24921
700364e30 Fix mistake with env var example in docker run docs
62d27c32f Update WORKDIR command information
c0e952cf0 Fix the (dead) link for docs for Dockerfile syntax reference
04104a04d Update dockerd.md
b721998b7 Fixing typo (his --> its)
4065e1246 format create.md table
f1002eb9f Fix typo
e97c7b240 added missing closing parenthese
aa7893763 Update stats.md add example json output
40fe0573a Update Ubuntu version number references in push.md
c9737e1c3 docs/daemon: replace deprecated '-g' option for '--data-root'
5c6723d08 Correct device syntax to --gpus
fd5fc61ec [20.10] Update Go to 1.16.14
3624019d8 [20.10] update Go to 1.16.13
f3ff8e6ad [20.10] vendor: compose-on-kubernetes v0.5.0 to remove github.com/golang/glog
ee1ac1b31 fix innocuous data-race when config.Load called in parallel
38dd744a1 [20.10] Update Go to 1.16.12
4de40a825 Update Go to 1.16.11
03fa8f92c Update Go to 1.16.10
9989fdbc4 Update most links in docs to use https by default
0e20c1fd2 Update Go to 1.16.9
1c0927a04 Dockerfile: update tonistiigi/xx to 1.0.0-rc.2, add XX_VERSION arg
82f9d5921 info: skip client-side warning about seccomp profile on API >= 1.42
adb01ca79 docs: some minor touch-ups in checkpoint reference
8260476a0 docs: remove trailing space to fix generated YAML format
bce2e1f95 docs: create.md: typo fix
44064f51c Fix typo in documentation - build.md
292779add Add doc for BUILDKIT_PROGRESS env var
f2e79b826 docs: use "console" code-hint for shell examples
fa46b9236 docs: rewrite reference docs for --stop-signal and --stop-timeout
400f81089 experimental: fix broken link to "checkpoint and restore" page
c72057c8d docs: move checkpoint/restore doc from experimental into reference
77db97d59 Use private network address for default-address-pools setting in daemon.json example
cbf0d2b7b docs: fix some broken anchors
d0014a86b docs: fix description of restart-delay to mention max (1 minute)
6c1c8b55a docs: fix search results by filterd is-official
44fdac11f Update Go to 1.16.8
061051c24 docs: add missing redirect, and remove /go/experimental redirect
2012fbf11 Update Go to 1.16.7
42d1c0275 registry: ensure default auth config has address
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping moby to version v20.10.12-84-g906f57ff5b, which comprises the following commits:
ce3b6d1ae9 distribution: retry downloading schema config on retryable error
180f3b9cc7 update containerd binary to v1.5.10
0fa0d70489 [20.10] update to go 1.16.15 to address CVE-2022-24921
4679ffd01c docs: remove HostConfig.LxcConf field from API docs
fbbe1fcfd8 api: remove HostConfig.LxcConf field
a5a697143d docs: fixing /exec/{id}/resize response code in API documentation
42b13c09a6 Added error codes for exec resize in API docs
aa69e8ed3f Fixed exec resize success code in API docs
ca5ba4890e Fix typo on the v1.41 changelog
db214206e5 vendor: bump etcd v3.3.27
df6a536193 vendor: github.com/coreos/etcd v3.3.25
9502dec32f [20.10] Update Go to 1.16.14
878b9de935 daemon/graphdriver/fuse-overlayfs: Init(): fix directory permissions (staticcheck)
d1b3497bfa [20.10] vendor: github.com/docker/distribution v2.8.0
f9344b45fe api/swagger: move DistributionInspect to definitions
13cb9d9723 api/swagger: rename PluginPrivilegeItem to PluginPrivilege
7f9760e10c api/swagger: fix up event-types and move to definitions
e6739a2884 api/swagger: move DistributionInspect to definitions
d445d24804 api/swagger: rename PluginPrivilegeItem to PluginPrivilege
5e38ae84b2 api/swagger: fix up event-types and move to definitions
012fdff916 Fix swagger docs to match the opencontainers image-spec
13cbf7fbb7 Extract PluginPrivilegeItem as explicit type definition
8fbcf0611b Use explicit object names for improved swagger based code generation
b8bee972c4 Fix ContainerSummary swagger docs
7092a6091c Add "changes" query parameter for /image/create to swagger docs
adf1e470a1 Add RestartPolicy "no" to swagger docs
b4b469eac2 Fix swagger docs to match the opencontainers image-spec
2c38a2a635 Extract PluginPrivilegeItem as explicit type definition
621bfddd6e Use explicit object names for improved swagger based code generation
8a5240a8aa Fix ContainerSummary swagger docs
751cf68e36 Add "changes" query parameter for /image/create to swagger docs
a961b76aef Add RestartPolicy "no" to swagger docs
ad21bcd94e Jenkinsfile: remove Windows RS1 as it reached end of support
b2684c1857 Fix for lack of syncromization in daemon/update.go
8268f70ebb daemon/logger: replace flaky TestFollowLogsHandleDecodeErr
78d0b936b8 daemon/logger: refactor followLogs to write more unit tests
39519221c2 daemon/logger: test followLogs' handleDecodeErr case
ada1b01de1 daemon/logger: read the length header correctly
829f071228 update containerd binary to v1.5.9
3e5eea4192 update runc binary to v1.0.3
bd42e17284 update containerd binary to v1.5.8
3fd0b8d6eb Update containerd binary to v1.5.7
3700adb70a Update containerd binary to v1.5.6
0f37f2989b Dockerfile: update gotestsum to v1.7.0
2716336abd Dockerfile: use "go install" to install utilities
b35a1707e3 Dockerfile: use version for some utilities instead of commit-sha
2a18825cdf Dockerfile: remove GOPROXY override (was for go < 1.14)
0f925d5d3d remove deprecated "nokmem" build-tag for runc
fb45fe614d info: remove "expected" check for tini version
fd32c70031 update containerd binary to v1.5.5
302114634c update containerd binary v1.4.8
1cd13dcb6c Update containerd binary to v1.5.3
5f09d5c76a update containerd binary to v1.5.2
23f23c99ed update containerd binary to v1.5.1
f036a34c5b update containerd binary to v1.5.0
1dd37750a6 Revert "[20.10] update containerd binary to v1.4.5"
b097d29705 Revert "[20.10] update containerd binary to v1.4.6"
de656f9da4 Revert "[20.10] update containerd binary to v1.4.7"
9e36f77577 Revert "[20.10] update containerd binary v1.4.8"
eb2acf2fb3 Revert "[20.10] update containerd binary to v1.4.9"
4e838e50ea Revert "[20.10] update containerd binary to v1.4.10"
79fd9c1541 Revert "[20.10] update containerd binary to v1.4.11"
13de46fd4b Revert "[20.10] update containerd binary to v1.4.12"
aa92e697cb [20.10] update Go to 1.16.13
f9df098e76 fluentd: Turn ForceStopAsyncSend true when async connect is used
81fc02b7e1 vendor: github.com/fluent/fluent-logger-golang v1.8.0
d6f3add5c6 vendor: github.com/fluent/fluent-logger-golang 1.6.1
660b9962e4 daemon.WithCommonOptions() fix detection of user-namespaces
a621bc007b [20.10] update Go to 1.16.12
f4daf9dd08 [20.10] update Go to 1.16.11
dc015972bb vendor: github.com/opencontainers/image-spec v1.0.2
e0108db2bd [20.10] fix vendor validation
d47de2a4c7 [20.10] update containerd binary to v1.4.12
da9c983789 [20.10] vendor: github.com/moby/buildkit v0.8.3-4-gbc07b2b8
c1f352c4b1 distribution: validate blob type
c96ed28f2f vendor: update github.com/containerd/containerd
7677aeafd7 TestBuildUserNamespaceValidateCapabilitiesAreV2: cleanup daemon storage
34eb6fbe60 testutil: daemon.Cleanup(): cleanup more directories
0e76a0a418 info: unset cgroup-related fields when CgroupDriver == none
b3456925ca vendor: update github.com/docker/distribution
Bumping docker-cli to version v20.10.12-22-ga22408634, which comprises the following commits:
a282e0c5d [20.10] update to go 1.16.15 to address CVE-2022-24921
700364e30 Fix mistake with env var example in docker run docs
62d27c32f Update WORKDIR command information
c0e952cf0 Fix the (dead) link for docs for Dockerfile syntax reference
04104a04d Update dockerd.md
b721998b7 Fixing typo (his --> its)
4065e1246 format create.md table
f1002eb9f Fix typo
e97c7b240 added missing closing parenthese
aa7893763 Update stats.md add example json output
40fe0573a Update Ubuntu version number references in push.md
c9737e1c3 docs/daemon: replace deprecated '-g' option for '--data-root'
5c6723d08 Correct device syntax to --gpus
fd5fc61ec [20.10] Update Go to 1.16.14
3624019d8 [20.10] update Go to 1.16.13
f3ff8e6ad [20.10] vendor: compose-on-kubernetes v0.5.0 to remove github.com/golang/glog
ee1ac1b31 fix innocuous data-race when config.Load called in parallel
38dd744a1 [20.10] Update Go to 1.16.12
4de40a825 Update Go to 1.16.11
03fa8f92c Update Go to 1.16.10
0e20c1fd2 Update Go to 1.16.9
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping crun to version 1.4.3-4-g3b3061a, which comprises the following commits:
77df89b docs: update known issues with CRI and side-cars
164d753 wasm, kubernetes: support wasm for kubernetes infrastructure with side-cars
61c9600 NEWS: tag 1.4.3
040c59f chore(utils): add pointer casts to avoid C++ permissive mode
16850e4 build: fix bashism in configure.ac
e094499 test: fix CI
22284a9 tests: add codespell tests
37f13e3 crun.1.md: fix typo
8fca8bf tests: add fuzzing for idmapped mounts option
abfdf1f fuzzing: move chdir to Dockerfile
d935d0a linux: move parsing to separate function
5c7165a centos9: enable only needed repo
160e626 centos8: enable only needed repo
648b132 tests: add tests for idmapped mounts
916c5cd tests: add check for file ownership
934e19a tests: add feature check for idmapped mounts
bf06c8c linux: support options to idmap
e1ee353 test, container-delete: ignore warn for cgroupv1 when cgroup cleanup fails
4355edc test: add a test for crun delete
cdc4f6a utils, rmdir-all: transfer ownership and responsiblity of fd to rmdir_all_fd
bb5bc67 linux: open source bind mount in the host
df2fecd cgroup-destory: terminate infinite loop and relay error back to callee
44d7816 cgroup-destroy: bump delay while deleting from 0.1ms to 10ms
ec9fa1c Remove ignored arguments
9854c71 Fix compilation error with seccomp
58d33b8 crio-tests: skip userns tests with auto annotation
b3301ad crio-tests: use golang 1.17.6
192ff3e cri-o: remove locking to a specific commit in CI and use master
f6fbc8f NEWS: tag 1.4.2
4029e63 utils: check for dup error
83668f1 linux: create_missing_devs creates /dev/console
0b09d62 utils: always create trailing file
5c47eac container: ignore EROFS when chowning std stream files
8ff9652 linux: validate sysctls before applying them
2f5be74 python: fix build
da28cf1 container: attempt find_executable after setresuid
9646fde utils: drop const from find_executable
8026135 NEWS: tag 1.4.1
8711fbd utils: add a len argument to get_current_timestamp
b5987ee utils: add printf attribute to xasprintf
e9ba4ae libcrun: add printf attribute to error functions
2ca2d06 utils: add attribute malloc to x.*alloc.* functions
ece4431 utils: add the sentinel attribute to append_paths
bb57968 cgroup: do not lookup string twice
d74c5e4 wasm: add docs and example for using crun wasm support on kubernetes
78384da tests/oci-validation: optimize build
c7aac36 Revert "oci-validation: checkout last working commit for runtime-tools"
4cd65c3 utils: drop check for invalid path
90c6b1f tests/fuzzing/run-tests.sh: fix
e65f285 ci: add shellcheck job
b1c520c tests/*/*.sh: add set -e, fix shellcheck warns
1613f4e tests/cri-o: don't remove non-existing files
ff3e33b tests/fuzzing: nits
28c5f89 tests/oci-validation: rename script to run-tests.sh
2bf7a93 tests/*/*.sh: rm redundant cd
a51137c ci/gha: skip installing deps if Dockefile is used
209fe89 ci/gha: don't start docker
9174557 .github/workflows/test.yaml: nits
b97d397 errors: use printf compiler annotation
f12a5ac linux: fix lookup for namespace
acc5f87 linux: skip setns_with_pidfd with explicit paths
5f924cb container: allow delete while in created state
cc70b0a container: merge two if blocks
6aff973 cgroups: skip setting cpu limits if shares==0
5930bfa cgroup: append the sd error message in the error
c9f0b16 gha: simplify deps install
08b621f tests/podman: exclude --ip6 test case
1da6b96 Fix some typos found by codespell
fd6da89 src: rename libcrun_container_kill_all to libcrun_container_killall
dfd5dae libcrun: unexport str2sig
21a8daf libcrun: let libcrun_container_kill* accept a string
dd80179 libcrun: unexport append_paths
eada263 tests: skip sd_notify tests without systemd
8ead30f ci: enable codeql analysis
3a1da09 .github: fix ci build
a834e9b .github: test --enable-shared
95b482f src: export some symbols used by crun
7f37f2e src/libcrun/linux.c:425:77: error: 'OPEN_TREE_CLOEXEC' undeclared (first use in this function); did you mean 'OPEN_TREE_CLONE'?
3daded0 NEWS: tag 1.4
a400e8b libocispec: sync from upstream
76271c9 cgroup: initialize status
d583bdc utils: fix path check
2b74dc1 handler: add support for running handlers on kubernetes with containerd
9b25f52 tests: extend checkpoint/restore test with pre-dump
587d0b2 tests: add memhog command to init
fb2a7ed docs: add pre-copy migration options to the man page
0683fec checkpoint: add pre-dump support
7ecb4b0 handlers, wasm: add lost support for run.oci.handler=wasm
020ee61 tests: add tests for CPUShares/CPUWeight on systemd
58b8879 state: export systemd scope
3adb2d5 tests: allow to override cgroup manager
bcbc72d cgroup-systemd: update CPUShares/CPUWeight
2ba3106 cgroup: add custom update_resources
2d7a495 update: fix shares file name
ec70d28 cgroup-systemd: set CPUWeight/CPUShares on the scope cgroup
4012668 cgroup-resources: move CONVERT_SHARES_TO_CGROUPS_V2 to function
77318e4 cgroup: add function to write to the files
6457228 tests: add CRI-O integration tests to the CI
d6ab372 configure.ac: mark unused variable
cb4152d ebpf: fix build on 32 bits arches
2eafdff cgroup: ignore swap limit if it is not enabled
62e84d8 nix: lock nix version to last working release
1efb0f9 linux: fix join cgroup v1
f72414e crun, spec: allow override file name
5231a30 utils: retry openat2 on EAGAIN
782fb02 crun: load custom handlers
e6fda97 build: define CRUN_LIBDIR
af950dd handlers: support load from .so files
6d093a0 handlers: split each handler to its own file
46fb105 utils: remove hardcoded check for wasm
8f9337e crun, libcrun: move handlers behind an interface
fd0e171 handler: split libcrun_configure_wasm
4eb1f03 container: move custom handlers code to new file
2063305 wasmedge: The wasmedge.h is moved to wasmedge/wasmedge.h
2b4dfef container, handler: close files marked with O_CLOEXEC
4898342 linux, exec: try setns with pidfd
a14ae9e linux: move join namespaces to a new function
a32286c linux, exec: use CLONE_INTO_CGROUP
cb5bf95 linux: use clone3 if available
0e2eda2 tests: fail fuzzing test on crashes
74a21ed ebpf: handle missing access string
c1127a3 container: propagate close for ready-fd
c9c89c6 container: wait_process accepts a struct
9bf58f2 container: replace sprintf with snprintf
3191e49 container: drop argument for write_container_status
91b47f6 container: replace same failure code with a goto
b5405fc linux: improve detection of /dev target
dcc87a3 cgroup: move errors check to helper
0af034d cgroup: hide create/destroy behind a struct
f95e56a cgroup: move cgroupfs code to new file
98e4e46 cgroup: move cgroup setup code to new file
c3119e7 cgroup: move more functions to cgroup-utils
0272dae cgroup: move setting resources to new file
80925dc cgroup: move some functions to a new file
9c014c6 cgroup: rearrange code
24f6b40 cgroup: quote file names
ed31849 cgroup: separate each cleanup to a different function
d9eba41 cgroup: drop argument from libcrun_cgroup_destroy
f47d933 cgroup: split systemd code to a new file
aed4362 cgroup: drop unused function
384cf2a cgroup: drop usage of raw paths
1f313a8 libcrun: new function libcrun_container_read_pids
ce7dedf cgroup: move returned data to different struct
e2670b4 cgroup: drop argument delegate_cgroup
22d9dcb cgroup: drop argument systemd_subgroup
a0d4d9f cgroup: drop unused argument create_if_missing
dc135cf cgroup: drop cgroup_mode argument
4dcbf43 cgroup: remove unused argument
16db42f libcrun: unexport unused functions
4b18425 Also run clang-format on *.c files in tests/
abdeabf container: allow libcrun_run_linux_container to call final _exit() for handlers
2d177df container, exec: refactor to new function
d78dff2 container: attempt chdir twice
c9052f2 container: make chdir error clearer
78cf48b linux: use sd_notify_barrier if available
0fa6447 libocispec: sync with recent commits
40e4736 utils: move safe_openat fallback to separate function
82d2170 mounts: handle paths with multiple slashes
79699be utils: write_file truncates existing files
ef37d51 linux: Enter specified cgroup namespace
a36bcdd tests: disable podman unuseful test
53f2615 .github: use a bind mount for /var dirs
5566520 tests: add build test for centos:stream9
940705f tests, centos8: use centos:stream8
0e99990 Change podman branch to fix CI
1575f2f Add file-locks checkpoint/restore option
d7029af linux: replace mounts lookup with gperf hashing
5511255 linux: support more recursive options
2dbce9b linux: use bool for is_user_ns
827b873 linux: new mount option "idmap"
02938ac linux: add function to send mounts from the host
b5fc60e linux: provide cleanup private data callback
a5a2ca5 linux: generalize opening mounts earlier
4523486 linux: silence warning
a01a03a tests: update podman
3c6d57d wasmedge: fix error message if VM fails to get valid result object
b48b654 crun: show if version supports wasm with configured runtime
365dc57 linux: new mount option "rro"
85c5bc9 linux: fix a race when saving external descriptors
825108e wasm: add support for wasmedge runtime
33e75d0 fix build error on ubuntu
e1c7293 clang-check: refactor to suppress -Wunused-but-set-variable where needed
575c4a6 ci: use latest docker with seccomp profiles supporting clone3
8e5757a NEWS: tag 1.3
685078a tests: temporarily switch to fedora:34
9ea94e9 wasm: allow wasi modules to read args from config
76759f1 fix status.h compile error in C++
952913b wasm: replace printf while relaying output to stdout with safe_write
152a3fc linux: bind mount the current cgroup path
ce211c5 linux: fix mounting cgroup2 with --net=host
e31ab81 wasm: add support for annotation module.wasm.image/variant=compat
2559696 wasm: add documentation
7407be1 wasm: add support to natively build and run wasm workload and wasm containers
6d046d6 oci-validation: checkout last working commit for runtime-tools
eeae045 cgroup: fix race condition when enabling controllers
fd7b3cb criu: do not override external_descriptors
979f6f0 criu: save the new descriptors after restore
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
