diff options
author | Bruce Ashfield <bruce.ashfield@gmail.com> | 2023-12-05 14:47:53 +0000 |
---|---|---|
committer | Bruce Ashfield <bruce.ashfield@gmail.com> | 2024-01-04 02:52:53 +0000 |
commit | a6ed7b60ff6dd0c34f9f1030cbd7a28266c288ad (patch) | |
tree | 10441d76abdeb318efecf178f91a41d9874908a2 | |
parent | caa14c63f158fdd13382ccf1ff4e20a8ba6ad667 (diff) | |
download | meta-virtualization-a6ed7b60ff6dd0c34f9f1030cbd7a28266c288ad.tar.gz |
containerd: update to 2.0-beta
We refresh our GO_FLAGS patch for new context, and drop the install
of v1 or unversioned shims as the runtime-v1 has been dropped
Bumping containerd to version v2.0.0-beta.0-88-g87bf39a7f, which comprises the following commits:
96aaf5a3b Add core and internal root packages
c0363754f sandbox: get runtime info from sandbox or container
95d2a3b7c upgrade: add cri upgrade test case
0bc963341 runtime/v2: net.Dial gRPC shim sockets before trying grpc
e1b495866 sandbox: keep rootDir and stateDir compatible
b0fef6738 sandbox: migrate sandbox_mode to sandboxer
c8012b6d7 sandbox: make a clear dependency of cri plugins
2ead89509 Support gzip and zstd HTTP transport compression to fetch remote resources
8e567aa58 mv pkg/process cmd/containerd-shim-runc-v2/process
a813097dc Bump up github.com/fsnotify/fsnotify to v1.7.0
c384e3717 containerd-stress: use config address for CRI test
d4c828c2c integration: add new binary upgrade case
8e91edb71 fix(pkg/dialer): minor fix on dialer function for windows
ad3f8c563 tomlext.Duration add MarshalText method
6da015284 go.mod: github.com/containerd/continuity v0.4.3
cd348e6ef .golangci.yml: remove directories that don't exist
4b556a6e0 Bump up golangci-lint to v1.55.2
c51d4f9b6 push: always inherit distribution sources from parent
e15c24655 Move CRI image service into a separate plugin
80dd779de remotes/docker: close connection if no more data
7f410ae05 integration: reproduce #9347
2e9686c05 fix: deflake TestCRIImagePullTimeout/HoldingContentOpenWriter
4aa932337 CI: update Fedora to 39
f6c4de6b5 fix: podsandbox depends on Lease plugin
1b65fe264 fix ticker leak
1af0cba1a Update documentation for containerd v2.0 packages
4f42da416 adopters.md: remove Eliot project
01c442147 Enhance container image unpack client logs
e7390d4ed vendor: upgrade OpenTelemetry to v1.19.0 / v0.45.0
1a1bd6d0a runtime/v2/shim: use structured log for plugin ID
71fd85f5e runtime/v2/shim: run(): remove unused "name" argument
0a59c33be runtime/v2/shim: rename var that shadowed package var
be22e12d5 services/server: use structured log for plugin ID
09de4f1fc services/server: rename var that collided with import
14e621cf9 services/server: gofumpt
32bf805e5 sandbox: add a sandboxService interface to criService
25a4c3d23 sandbox: remove SandboxersServicePlugin
0cf48bab2 sandbox: podsandbox init its own client
7d65a4563 Move runc shim implementation to cmd
e682da76c fix labels in pod sandbox
64c41162c update tests to use labels from cri/labels
7e79225ce refactor labels used in cri server
274a16282 update runc binary to v1.1.10
2e014fa2a cri: fix update of pinned label for images
cb555fa16 golangci-lint: enable depguard to prevent re-introducing libcontainer
dac056fe7 integration: deflake TestIssue9103
7b9fcfd7c add default enable unprivileged icmp/ports
a7cd49c68 expected and actual field position adjustment
e099717f9 validate kernel version for unprivileged icmp/port
76049170b document runtime and shim configuration and selection
2fab240f2 integration: init release upgrade test
2af6db672 switch back from golang.org/x/sys/execabs to os/exec (go1.19)
a596d09ec cri: add deprecation warning for configs
35924bccc cri: add deprecation warning for auths
d7cb25d77 cri: add deprecation warning for mirrors
58cc275eb cri: add ability to emit deprecation warnings
68cac3f62 client: remove obsolete ErrCheckpointRWUnsupported
df19888f8 add warning use inheritable Capabilities
411e2bce4 Remove plugins package
9db21401c Switch to github.com/containerd/plugin
a48ddf4a2 Don't allow io_uring related syscalls in the RuntimeDefault seccomp profile.
2dfae4c4b Prepare release notes for v2.0.0-beta.0
6ca4b5260 Update mailmap
a67efe88d Add tests cases
f1d659dc5 Update package name in Makefile
0ffc3e987 Handle ArgsEscaped for new Sb Server
b85df264e Rename opt to avoid stutter
261e01c2a Move client to subpackage
b6adf43d4 test: use 'Autoclear: ture' in TestRwLoop and add Autoclear test
124d3a20a Sync ops.md, update CLI --help output to be consistent in descriptions
5fdf55e49 Update go module to github.com/containerd/containerd/v2
abfc8be53 Fix lint in integration/client
ddd73ad30 Move protofiles generated into v2 directory
638b474c8 Temporarily remove imgcrypt in CRI to fix circular dependency
192168038 Temporarily remove integration/client submodule
4e3fbd36e vendor: github.com/klauspost/compress v1.17.2
856d1053f vendor: google.golang.org/grpc v1.58.3
466ee870d Check scheme and host of request on push redirect
3fff8b4f6 ctr: new deprecations command
079383dbe dynamic: record deprecation for dynamic plugins
260e71abc server: add ability to record config deprecations
bc861b66f pull: record deprecation warning for schema 1
9aab44673 introspection: add support for deprecations
57c897f10 api/introspection: deprecation warnings in server
240733ce2 warning: new service for deprecations
aff5b809c deprecation: new package for deprecations
d48ceb606 Avoid TLS fallback when protocol is not ambiguous
ed759bae3 Update go fuzz to directly instantiate server
09e40511a fix bug that using invalid token to retry fetching layer
2fea521d0 Disable windows-2019 integration test temporarily
9fc407d8c ci: bump up golangci-lint to v1.55.0
8b4f9656d sandbox: remove ValidateMode as it is not used
337cc2171 pkg/cri: should ignore no sandbox bucket
f515cd5c5 Reorder fields when writing bootstrap params
3d53fbe85 Fix CRI integration tests
f76eaf5a6 Fix 'not a directory' error when restoring bootstrap.json
cf75cfa32 Add more logs around shim restore
8061cb023 Save bootstrap.json instead of address file
e03bf32b8 Switch runc to v3
7a2d801d6 Expose shim instance version
f66c46806 Bridge task service v2
daaf67662 Switch runc shim to task v3
bb64e6a8e Initialize sandbox controller list on CRI server creation
03d81f595 Use cri streaming pkg from k8s staging
b006f1c15 integration/client: replace hardcoded strings for OCI-spec consts
d3f5e0c90 images/archive: replace hardcoded strings for OCI-spec consts
8e7c10c6d CRI: enhance ImageFsInfo() to support multiple snapshotters
e4639ad18 Add exports to proxy plugin config
3986f80c3 go.mod: bump up github.com/opencontainers/image-spec to v1.1.0-rc5
f7c9e9942 vendor: golang.org/x/net v0.17.0
c3652540c vendor: golang.org/x/text v0.13.0
ff602c213 vendor: golang.org/x/sys v0.13.0
39b168cdb vendor: google.golang.org/grpc v1.57.1
930ee552e Fix typos
3ef300ca7 sandbox: remove global variable of podsandbox controller
7bca70c0c sandbox: do not call Connect when loadShim
d2d434b7d sandbox: add all sandbox information to Create method
0707f6869 sandbox: ignore not found error when remove sandbox
2951fb6dc sandbox: support more sandbox controllers
8b3597685 sandbox: add Sandboxer field to sandbox metadata
69e501e7c sandbox: change SandboxMode to Sandboxer
f372b3501 sandbox: add sandboxer field of sandbox requests
a782fd6da Use LOOP_CONFIGURE when creating loop devices
771237563 Add a new image label if it is docker schema 1
5ad6f3432 CRI: use (snapshotter_id, snapshot_key) to uniquely identify snapshots
41b2b2a7b go.mod: bump up github.com/klauspost/compress from v1.17.0 to v1.17.1
4febb0852 deprecated: go-plugin library as runtime plugin
51c9ffe46 remotes: add handling for missing basic auth credentials
4f339b5b5 RELEASES.md: mark legacy CRI as removed status
0a4f79211 Remove use of v1 runtime plugin type for Unix
71f8b4357 Move dynamic plugins to a subpackage
7b2a91821 Generalize the plugin package
a80606bc2 Move plugin type definitions to containerd plugins package
cb969085f Temporarily remove zfs as built in plugin
2486c1298 Exit shim when shutdown manager is done
1b3199324 Rename sbserver to server
4edc6c2d9 Add note about configuration versions in releases
c5c94dc86 Fix CRI tests panic on CI
a3c2c1e4d Clean shell scripts
fa1d3a9cc Fix dependencies after remove
3742f7f0d idmapped: use pidfd to avoid pid reuse issue
2332b9ba1 Remove legacy CRI from CI
536abf1b3 Remove legacy CRI
33b1a833c Move CRI testing package out
016114ff6 Move bandwidth package out of CRI server
3c1e7ffb8 Integration: Alter TestContainerPids for Windows
8f013bb71 Add migration for older configuration versions
313f514fd update to go1.21.3. gp1.20.10
6b752b536 update to go1.21.2, go1.20.9
8f3d1c9d9 add cpu-burst param to ctr command
3ddcd6120 add Duration type to compatible toml v1 version
535916d1d Skip exec.LookPath if a specific gzip implementation is disabled
4b59d67dd add a new flag "skip-reference-check" to skip reference name check
34378ec9b Use Intel ISA-L's igzip if available
7d6369087 Fix windows default path overwrite issue
13dcf558e Fix windows default path overwrite issue
39478eeec go.mod: Bump up github.com/klauspost/compress v1.16.7 to v1.17.0
859c2651e remotes/docker: Fix MountedFrom prefixed with target repository
c85b1d1e4 Bump up golangci-lint to v1.54.2
6169433b6 Fix linter issues for golangci-lint 1.54.2
e3cb7471a CRI: Snapshotter per runtime handler adjustments
42dc8faba Bump x/net to 0.13
79772a0dd remotes: always try to establish tls connection when tls configured
11a7751af *: add runc-fp as runc wrapper to inject failpoint
68dd47ef7 containerd-shim-runc-v2: avoid potential deadlock in create handler
6604ff6c5 containerd-shim-runc-v2: remove unnecessary `s.getContainer()`
0d76fe5c1 Fix some assertions for integ tests
1dced31c3 ci-fix: pin the mingw version 12.2.0.3042023
aae71aa8e update gitignore to indicate that where contributors can use global gitignore
8ffb03d68 cri: stop recommending disable_cgroup
5365f4b29 cri: call RegisterReadiness after NewCRIService
46645b393 Call migrations per version
5518a5026 remotes: simplify mediatype logic
8b105984b pkg/transfer/local: simplify mediatype logic
79acce462 integration: use mediatype helpers
0ba5b4b62 oci: use mediatype helpers
cdba61603 remotes: use mediatype helpers
69034f755 pkg/display: use mediatype helpers
5ab04ac5a pkg/unpack: use mediatype helpers
da1196979 pkg/snapshotters: use mediatype helpers
f1cbc5f90 containerd: use mediatype helpers
4b1bb1293 remove github.com/opencontainers/runc dependency
62f621a34 images: simplify mediatype logic
377c5ca9c images/archive: use mediatype helpers
bb8a472f2 images: use mediatype helpers
e7254406c Require plugins to succeed after registering readiness
62f273d50 Add migrate subcommand to config command
0320ad184 Add config migration to plugin package
f58158e2d Add config migration and bump config version
bf4fbe4e8 docs: Update `transfer` service docs to reflect completed implementations for 1.7
b40e95e0e images: Config: explicitly return nil-error
36c2222d3 Add usage calculation test
3b60e9366 Create new imagetest package
4c344f2fa Add warning for plugin configs with unknown fields
a9ba33f8f Allow for images with artifacts to pull
650148313 Add warning log for unknown config fields
b5615caf1 Update go-toml to v2
8b413daff Remove log package except for exported const used by hcsshim
2f1b92710 Update zfs library to use new log repository
508aa3a1e Move to use github.com/containerd/log
f1070c4e1 docs/userns: Clarify requirements for k8s 1.25/1.26
42eee8bf0 fix: Add `containerd` to the message type reference
9e819fb4a Update CRI image store to not use containerd client
dcb2e7447 Improve doc of func NewNetNS
2ce971d89 Add delete target to image remove
f8fb2dad3 api: update image service to support target in delete request
8e3722c7d CI: Set slow_chown for overlayfs snapshotter
46d3094aa docs/userns: Fix small typo
d008d64a8 docs/userns: Clarify containerd 1.7 limitations
e37908200 docs/userns: Document the need to opt-in for a slow chown
8bf8e2b97 snapshotter: Use capa prefix consistently for capabilities
ec9e0dca9 overlay: Require opt-in if idmap mounts are not supported.
03b9ce56b deprecate logs package, but disable linter (for transitioning)
d69ae811d alias log package to github.com/containerd/log v0.1.0
729c97cf3 Handle unexpected shim kill events
ed5f7e7c8 Update image in client to use new usage package
96a23ccc1 Create new usage package
79f781d00 Refactor: Removing inherently flaky and unused SourceDateEpochOrNow function.
8cbb4ea5d vendor: github.com/containerd/nri v0.5.0
3ca39ef01 fix: Remove `LimitNOFILE` from `containerd.service`
83240a4f7 Bump crun to 1.9
967313049 doc: Add documentation about CRI user namespaces
2e13d3954 pkg/process: Only use idmap mounts if runc supports it
fce1b9507 go.mod: Update runtime spec to include features.MountExtensions
a81f80884 Revert "cri: Throw an error if idmap mounts is requested"
e832605a8 integration: Simplify WithVolumeMount()
24aa808fe integration: Add userns test with volumes
ab5b43fe8 cri/sbserver: Pass down UID/GID mappings to OCI runtime
e916d77c8 platforms: move ToProto, FromProto to api/types
381442945 platforms: remove errdefs dependency
e0b2b17de cri/server: Add tests for the linux-specific parts of VolumeMounts()
10cb112e4 cri/server: Add tests for ContainerMounts()
97dfa7f55 cri/server: Pass down uidMappings to OCI runtime
b42bdd125 release: remove `cri-containerd-*.tar.gz` release bundles
9656b8c0d nri: update mock plugin handlers
6f9de91ef vendor: update github.com/containerd/nri@v0.4.0
f7089ba22 leases: add WithLabel
1480e3bd4 leases: cleanup TestWithLabels
d94a789d1 Fix usages of `mountinfo.PrefixFilter`
45e303eea task: expose criu work path opt
f77185f9e Fix "even if IPv4 comes first" test to have IPv4 first
88a849626 Don't use `To16() != nil` to detect IPv6 addresses
eaf607101 update to go1.21.1, go1.20.8
1a7490c5a Add link to CONTRIBUTING from README
0413f1272 Add contributors guide
05093d7c0 vendor: github.com/cncf-tags/container-device-interface v0.6.1
ac1d556b9 Add image verifier transfer service plugin system based on a binary directory
55b2df560 go.mod: github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.2
a00888db8 fix reference to canonical fieldmask type
0041996ca CI: bump up crun to 1.8.7
4bc0b2660 Revert the removal of the parameter Container
6ec0d4a3a prevent ctr from creating tags with forbidden characters
a4bdbf784 content: reduce the contention between ref lock and boltdb lock
abfabb6d8 contrib/fuzz: fix redeclared issue
295bcec07 snapshotter: implement unit tests for idmapped mounts for overlay
9d01ed1c3 integration: add test for idmapped mounts
e49e6d6fd snapshotter: implement slow path for idmapped mounts check for overlay
1555a31bf mount: support idmapped mount points
723c88ce3 snapshotter: add "--remap-labels" support to overlayfs
e8ddf669f snapshotter: support "remap-ids" capability for overlayfs
ef6b91947 fix(docs): fix on the windows installation script
5d31e9378 pkg/systemd: use sync.Once for systemd detection
7d0ab4fc2 remove uses of github.com/runc/libcontainer/cgroups
9bc6441c2 vendor: github.com/google/uuid v1.3.1
13ff185ba Blockfile: Enlighten blockfile copy on Darwin
a3e8503ed .github: enable fuzz build
cd705af89 metadata: add image delete events during garbage collection
3f9756c18 gc: add support for image expiration
b32638e21 ctr: pull or fetch image metadata by default
20f79300c push: inherit distribution sources from parent
24aca53fa Update use of content.Infoprovider
f8c789f31 content: add InfoProvider interface
02d519ad6 Update hcsshim tag in runhcs-version script
a2817ca16 CRI: Include sandbox ID in failed to load error
492347090 replace reference/docker for github.com/distribution/reference v0.5.0
26dcae2f6 fix ossfuzz building error
19d6c37a3 Revert "log: define G() as a function instead of a variable"
fd5d92a7f Update hcsshim tag versioning to v0.12.0-rc.0
779875a05 Add missing unpacker.Wait for image import
4f5db2bc0 metadata: format unit test output
15b13fb3e Windows: Supply windows shim version via file
7a0ad09a0 make repositories of install dependencies configurable
34def8b33 Remove redundant nil check
fc45365fa Remove most logrus
f9c35feb3 Makefile: allow overriding GO_BUILD_FLAGS via environment
490905be6 go.mod: github.com/containerd/continuity v0.4.2
03abceac5 Update LTS description
34f32043b Blockfile: Expose RecreateScratch option
b4f487ce9 Apply suggestions from code review
1e3540e11 Add stale bot
4e236962f Update critools to 1.28.0
c92f4a160 Update RELEASES
c3f3cad28 Use sandboxed CRI by default
b76cd4d9f replace some fmt.Sprintfs with strconv
bbdbf7ab6 Add inspect image commands
78308b4a4 Add manifest printer library
11a5dd826 snapshots: replace some fmt.Sprintfs with strconv
06765c9ef oci: replace some fmt.Sprintfs with strconv
710d22366 removes/docker: replace some fmt.Sprintfs with strconv
d7bc8694b pkg/cri: replace some fmt.Sprintfs with strconv
73e9cfd1c append k8s 1.28 to releases
6d8329d7f Remove unnecessary joinError unwrap
8399a4ee7 Remove temporary replace
7ad0a6ccf Update to latest releases in RELEASES.md
cd8c8ae4b Remove hashicorp/go-multierror
1571a5aa0 ctr: metrics: drop unused retval from printWindowsStats()
7063ae1f6 Makefile: add rule for installing documentation
de4c338ab Docs: Document proxy plugin diff support
d09f7cbe0 cri: Fix sandbox_mode "shim"
60b2cb143 cmd: containerd: allow building w/o systemd notify
23c95359a Add WithMetaStore to overlay snapshotter to allow bringing your own
0c1ad52ea cri: spec_linux: drop unused retvals
eacd74c2b Go 1.21.0
5756cb00e CI: increase timeout for Binaries
c883410c9 CI: Explicitly upgrade MinGW on Windows 2019 GitHub runners.
0f043ae43 seccomp, apparmor: add go:noinline
5d9bf7d13 CI: temporarily disable ci_fuzz due to incompatibility with recent Go
e2ce4f58f Populate commit memory for windows memory usage stats
823e0420e Fix transfer service dependencies:
cfb30a31a Invoke Stable ABI compatibility function in windows platform matcher
0cea317a5 FreeBSD: set default runtime
def5ff3c4 Sandbox: Add annotations to controller CreateOptions
939ccbed4 Sandbox: Add annotations to CreateSandbox surface
1fd3a4652 archive/tarheader: fix FreeBSD hdr for regular files
f8edd5555 update runc binary to v1.1.9
f35d1f08e go.mod: github.com/opencontainers/runc v1.1.9
00ef8ba99 Vagrantfile: add strace tool
601699a18 integration: add ShouldRetryShutdown case based on #7496
8dcb2a6e6 pkg/cri/sbserver: fix leaked shim issue for podsandbox mode
72bc63d83 pkg/cri/server: fix leaked shim issue
5bdd9ca93 integration: add case to reproduce #7496
b451fa96a bump client-go v0.26.4
a645ff2e6 Update dependencies after protobuf update in hcsshim
e7e5619fe Update hcsshim tag to v0.10.0
54baf766e add metrics for discarding events
189a1599c archive/compression: update out of date RFC draft link
cac8b6f4b Makefile: allow overriding the binary executable target dir
90443f038 CI: update Rocky Linux to 8.8
0a57dc2a0 CI: update Fedora to 38
30dd0a17f CI: install Vagrant from Hashicorp
965641dbc Makefile: allow REVISION be overwritten by environment
fc32197d4 Makefile: fix overriding go command
2d3360ec7 CI: move Vagrant tests to GitHub Actions (larger runners)
4f3c8c468 replace mcr.microsoft.com registry to ghcr.io/containerd registry
d41c62a55 .github/workflows: add dmesg step for integration-linux
fd8778fba delete checkout branch in doc
c62abcb14 docs: document CRI cgroup driver auto detection
c80a3ecaf cri/sbserver: Use platform instead of GOOS for userns detection
157dff281 update to go1.20.7, go1.19.12
687a5f51a fix: allow attaching to any combination of stdin/stdout/stderr
aa8b094ab platforms: clarify docs for amd64/arm64 variant normalization
710d987d2 Fix default platform matcher when ctr import
2d64ab8d7 cri: Don't use rel path for image volumes
85a2c9a01 log: swap logrus functions with their equivalent on default logger
6baff1694 log: add package documentation and summary of package's purpose
238da2c52 log: make Fields type a generic map[string]any
634a4a1bb log: add log.Entry type
dd67240f1 log: define OutputFormat type
778ac302b log: define G() as a function instead of a variable
81ac648d9 log: add all log-levels that are accepted
0b6333a41 log: group "enum" consts and touch-up docs
4a36022e2 log: WithLogger: remove redundant intermediate var
40ee5fb11 log: SetFormat: include returns in switch
6fe7e03b8 log: remove testify dependency
e2ad5a985 removes/docker: remove unnecessary conversion (unconvert)
ed47d6ba7 cri: implement RuntimeConfig rpc
a1cdf60cb docker: add test to ensure not found error is returned by resolve
b4814a29d docker: return most relevant error from docker resolution
7f7ba31b6 cri: fix using the pinned label to pin image
480757135 pkg/epoch: fix Y2038 on 32-bit hosts
98974117b migrate to community owned bucket
a3404ac42 docker: add missing info log for 4XX/5XX responses
850b2e1bf go.mod: update cri-api to v1.28.0-beta.0
480bc8a2b .github/workflows/ci.yml: upgrade Ubuntu from 20.04 to 22.04
bc96b9039 go.mod: github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0
da2740885 go.mod: google.golang.org/genproto v0.0.0-20230720185612-659f7aaaa771
73dc13ad6 go.mod: github.com/urfave/cli/compare v1.22.14
1c4fc568b go.mod: github.com/prometheus/client_golang/compare v1.16.0
68abb525a go.mod: github.com/minio/sha256-simd v1.0.1
1f2216cc7 go.mod: github.com/klauspost/compress v1.16.7
3c6ab0420 go.mod: dario.cat/mergo v1.0.0
4bda0a69e go.mod: github.com/grpc-ecosystem/go-grpc-middleware v1.4.0
0f033b612 go.mod: github.com/emicklei/go-restful/v3 v3.10.2
90e050298 go.mod: github.com/containernetworking/plugin v1.3.0
0498acefb go.mod: github.com/.../container-device-interface v0.6.0
74b8cb850 go.mod: github.com/opencontainers/runc v1.1.8
895dd2e93 go.mod: github.com/opencontainers/image-spec v1.1.0-rc4
235a4452d go.mod: github.com/opencontainers/runtime-spec v1.1.0
06f18c69d cri: memory.memsw.limit_in_bytes: no such file or directory
f3daf32c7 Fix ro mount option being passed
b2967a8d6 update runc binary to v1.1.8
90ecb8104 fix: `ctr images check` outputs not unpacked images in quite mode
98f27e1d9 Revert "Add support for mounts on Darwin"
e939d1319 Revert "Revert 416899fc8e81a80a4b09b59c801f98d36ddc0e74"
6c9c71112 Revert 416899fc8e81a80a4b09b59c801f98d36ddc0e74
2799b28e6 Add support for mounts on Darwin
56d80f81a Update hcsshim tag to v0.10.0-rc.9
9c673f967 pkg/cri/server: TestImageGetLabels: use registry.k8s.io
f914edf4f [cri] Handle Windows pod transitions gracefully
52ef3468b Update Go to 1.20.6,1.19.11
48cdf1fe2 integration: Enable userns tests for sbserver
9160386ec cri/sbserver: Test net.ipv4.ping_group_range works with userns
1c6e26844 cri/sbserver: Fix net.ipv4.ping_group_range with userns
36a96d7f3 cri/sbserver: Remap snapshots for sbserver too
508e6f6e0 cri/sbserver: Add userns tests to TestLinuxSandboxContainerSpec()
fb9ce5d48 cri/sbserver: Support pods with user namespaces
c99cb95f0 cri/sbserver: Let OCI runtime create netns when userns is used
73c75e2c7 cri/sbserver: Copy userns helpers to podsandbox
0b6a0fe77 cri/sbserver: Move runtimeStart to match position with cri/server
90087ac44 WithRemapperLabels: Update doc to mention overlay supports it
9d9903565 cri: Fix comment typos
9e34b8b44 Uncopypaste parsing of OCI Bundle spec file
232538b76 bugfix(port-forward): Correctly handle known errors
5c480d9c8 Modify loopback size
7ef133ad4 Fix mount pkg typo
83ff030e4 Change http.Header copy to builtin Clone
cdb153ec9 Resolve docker.NewResolver race condition
01a6e1c73 Dedup WithNewSnapshotView
6a913ac82 Cirrus CI: configure apt-get to wait for locks
38f9bc3e0 fix ci Linux Integration test fail
c17d3bdb5 pkg/cri/server: Test net.ipv4.ping_group_range works with userns
9bf5aeca7 pkg/cri/server: Fix net.ipv4.ping_group_range with userns
05fef52b6 vendor: github.com/containerd/zfs v1.1.0
073de9308 Fix the auto restart fail when using LogURI and TTY together
00e5ae211 shim: change ttrpcService and ttrpcServerOptioner to exported interfaces
e9f63f64f update go to go1.20.5, go1.19.10
22a7c63c0 Sandbox: Change to mount.Mount for CreateOptions
51a1e7f0b Fix example shim to actually use its task service
a9cb6090e ci: remove libseccomp-dev installation for nightly
0607e7326 Move GetTopic function out of runc shim
5dedb6d0d archive: use 1970-01-01 as the whiteout timestamp
d6dbc4040 go.mod: Update cgroups to 3.0.2
f3b7436b6 Platforms: Add From/ToProto helpers for types
b3ab1f26c Snapshots: Add From/ToProto helpers for types
0a6b8f0ee OCI: Add From/ToProto helpers for Descriptor
4df27fd77 Update ginkgo to match cri-tools' version
9a202e342 seccomp: always allow name_to_handle_at
55a8102ec mount: Add From/ToProto helpers
e85352183 integration/client: Rework withBytesBuffers
54a93c6c5 Make ptypes.Empty a var in contentserver
cdc90c838 Remove duplicated code in content Copy
50376ec9f remotes: allow FetchByDigest client to pass mediatype as header
0a92661e6 Add a platform.ParseAll helper
e89d7204e MergeStringSlices use sets
8760b8717 pkg/epoch: extract parsing SOURCE_DATE_EPOCH to a function
9924e56f4 pkg/epoch: fix tests on macOS
dfd7ad8b3 Reword Windows file related TODO
44e2b26a8 pkg/epoch: replace some fmt.Sprintfs with strconv
f82d9b799 Integration: Align empty IO func on Windows
f3124d569 Makefile: Remove hcsshim related TODO
2aeac9a8f Remove duplicated writeIndex func
7601dd9a9 Dedup manifest config platform helper
f3df7f739 log when a lease expires
a01118bbe Minor changes to sandbox metadata
f60a4a271 cri: drop unused arg from generateRuntimeOptions
1fb835f04 Remove unnecessary label bucket loop
a207b430e snapshots/blockfile: fix lint issue
59b0b39af vendor: update github.com/containerd/continuity
d358f1680 fix unbound variable
f4ad68d5f fix-push-image-rate
7de95cbc4 snapshots/blockfile: deflaky the testsuite
6dfb16f99 snapshots|pkg: umount without DETACH and nosync after umount
72b7d1650 mount: support direct-io for loopback device
437f13410 Don't run CI on push
e26c97cb8 Save marshalled empty response in streaming service
9e09bfb59 Use RWMutex in NSMap and reduce lock area
38b0f970f No more nondistributable layers in MS registry
d278d37ca Sandbox: Add Metrics rpc for controller
d115129d1 Add configurable mount options to overlay
d56722ef2 Sandbox: Add SandboxMetrics rpc
4bb709c01 avoid "any" as variable name
577696f60 replace some basic uses of fmt.Sprintf()
5cd6210ad runtime/v2/runc: handle early exits w/o big locks
df280942a integration/client: add timeout to `TestShimOOMScore`
6dd529e40 Pass in imagespec.Platform to WithVolumes()
d18026592 release ticker correctly
28a5199ff Add a check to skip stats for containers that are not running
34a93a0c2 task: don't `close()` io before `cancel()`
007c5b6e3 Setup otlp from env
104b9ef9e Update x/sys to 0.8.0
69b451af5 RELEASES.md: de-deprecation of CNI conf_template will be v1.7.3
ab5365222 ctr: update WritePidFile to use atomicfile
c409c631c shim: WritePidFile & WriteAddress use atomicfile
3c4a1ab1c cri: write generated CNI config atomically on Unix
f3ba7c8a3 atomicfile: new package for atomic file writes
28d8c79de Replace atomicBool with the standard library atomic.Bool
fe4f8bd88 Pinned image support
a85b12d4d docs: cherry-pick individual commits instead of merge commit
738c4c6fa Fix issue for HPC pod metrics
52997ea98 remotes/docker: ResolverOptions: fix deprecation comments
a35ead5b9 bugfix: add nil pointer check for cgroup v1 mem usage
2a60fe5a6 Remove events from init context
d3887b2e6 Support CDI devices in ctr --device flag
3ca5b4437 Remove cni conf_template deprecation
94f0af3ec Image.IsUnpacked(): make error-handling more iodiomatic
54658a115 Image: rename variable that shadowed import
d2b7a1e29 cleanup DEPRECATED TLS config
f857626d6 Move PLEG event back to CRI
fc50334ca Generate sandbox exit events from CRI
d2605de73 add handling of a '.' commondir and bounds checking to mount_linux
cf5605459 Move pod sandbox recovery to podsandbox/ package
45dbb4e54 Publish sandbox events
65906335b Add sandbox events protos
21b3318eb Fix several conversions of "ocispec.Image" to "ocispec.Platform"
f2bc73782 Add cpuset-mems flag to 'ctr run' command
f642c0a5f ctr: add cpuset-cpus flag to 'ctr run' command
314d758fa update auths code comment
9702d4aee snapshots/blockfile: use passed in dst in scratchGenerator
bb82f3683 snapshots/blockfile: use loop if options is empty
9287711b7 upgrade registry.k8s.io/pause version
fbb38ab6b Fix the spelling of repository within the NRI plugin documentation.
752e13d9a fix(docs): minor fix on the windows installation steps
c1b926800 Windows Integration: Switch Azure-based CI to vanilla 2019 image.
b9dfd29b7 Update tests to use volume-copy-up:2.2
4bfcac85f notify readiness when registered plugins are ready
7819da843 Document Protocol Buffer Setup
579b5596c Update volume-ownership image with latest hashes
88a3e25b3 Add targetOS to WithVolumes()
c7ec95caf Reword comment and make slight change to code
ec2bec648 Fix non C volumes on Windows
3d7522b7f ctr: allow run to override mounts
7beaa5e85 Add mount options to blockfile snapshotter
261d45efe docs/remote-snapshotter.md: update links and description
7274e33e3 CRI: Make stats respect sandbox's platform
82deabf9d Optimize metadata Schema notes to correctly match metadata structures
a6cd5e3f4 bugfix: resolve symlink when looking up mountpoint
b9f2e48e3 feat: make overlay sync removal configurable
becf04a59 Update to docker/login-action V2
79709a205 disable provenance
1be571b14 Add sync before unmount on snapshotter layer test
b729962e3 Add blockfile snapshotter to snapshotters doc
798dba9fa Add blockfile as a builtin
0c386e2eb Add blockfile snapshotter
d280cb83b chore: update comment for NetworkPluginSetupSerially
f8907ab87 Update volume-copy-up
811456b31 go.mod: github.com/containerd/continuity v0.4.0
6f715ab10 go.mod: github.com/containerd/go-runc v1.1.0
85cf9a09e Bump seccomp version to be the same as one in runc repo
cdaa4025e Fix some typos
3d9dd2022 ctr: fix the cleanup of task
66307d0b4 CRI: Support Linux usernames for !linux platforms
5dbae3819 snapshots/testsuite: Rename: fix fuse-overlayfs incompatibility
df65e321e Simplify closing bundle dir fd
718250b6b Update ttrpc to v1.2.2
7e42dc34d improve container Task comment
4347fc8bc go.mod: github.com/opencontainers/image-spec v1.1.0-rc3
5e054ee63 go.mod: github.com/opencontainers/runtime-spec v1.1.0-rc.2
bb61a6d4b cache diffIDs
6e2c915a4 Bump up golangci-lint to v1.52.2
ecb693ec7 bump typeurl to v2.1.1
f5211ee3f Change to Readdirnames for some cases
e60a17925 .github: disable cache for actions/setup-go@v4
52afa34f5 cri: update WithoutDefaultSecuritySettings comment
6f34da5f8 Cleanup logrus imports
717169bb8 plugin: remove go < 1.8 stub, enable on windows and arm64
28d749c9e move to CRI-TOOLS v1.27.0
27f56e607 Fix umarshal metrics for CRI server
b947a6f52 update go to go1.20.4, go1.19.9
c54b706c0 Add faasd and actuated into the ADOPTERS file
d56466cf3 [transfer] avoid setting limiters when max is 0
2e53c0ec8 Windows integration: fix critest binary path in Azure-based workflow.
9e7f8fe30 Update CRI registry configuration docs
0d975230e Fix panic when remote differ returns empty result
c58a229e5 Run CI when adding to the merge queue
0ba066474 vendor: github.com/opencontainers/runc v1.1.7
cbd10e41a vendor: github.com/opencontainers/runc v1.1.6
27c0fe3eb update runc binary to v1.1.7
4891bba83 Update tar tests to run on Darwin
d9f3e387c Remove entry for container from container store on error
8ba285f6b fix unable to checkpoint the container more than once
370be0c18 Move logrus setup code to log package
92b93e376 cri: Vendor v0.27.1
8c80ccc7f Update external repo links that changed default branch to main
519457e3e ctr: Add sandbox flag to ctr run
c786994ea Update transfer configuration
4e5693938 Add platform config to proxy plugins
4192ca8f8 pkg/cri/server: sub-test uses array and capture range var
8bcfdda39 pkg/cri/sbserver: sub-test uses array and capture range var
745ec84e5 Add diffservice to contrib
3784c1c91 Add proxy differ
cb2c3ec8f oci: partially restore comment on read-only mounts for uid/gid uses
f23816740 go.mod: add comment explaining go-fuzz-headers replace rule
ec9e74ed9 go.mod: remove replace for github.com/opencontainers/runtime-tools
6c40cf305 go.mod: integration: use non-pre-release of containerd
92d1e9bee go.mod: integration: move indirect dependencies to the right group
18d7e84f9 runtime/shim: fix the nil checkpoint options
cd16b31cd Get CDI devices from CRI Config.CDIDevices field
da4de96e2 containerd support k8s 1.27
4b35c3829 update shim example
71ababe30 runtime/shim: remove runc/v2/services
b71f4b751 runtime/shim: rename RunManager to Run
49111b115 update runc binary to v1.1.6
85df1cc6b doc: update CI signal info in README
7e6ab8488 cri: Throw an error if idmap mounts is requested
85afda6f5 cri: Vendor v0.27.0-beta.0 for mounts uid/gid mappings
f7b8b1181 update the version of the runc shim in the readme and examples
dc2fc987c capture desc variable in range variable just in case that it run in parallel mode
05bb52b27 Use t.TempDir instead of os.MkdirTemp
7a7519a78 CRI Sbserver: Make PodSandboxStatus friendlier to shim crashes
79cb4b000 [sbserver] handle missing cpu stats
464a4977a [sbserver] Refactor usageNanoCores be to used for all OSes
e0b817ec1 Fix argsEscaped tests
aee358765 Update to setup-go@v4 action
811be6085 Update Azure-based Windows workflow image SKUs.
dfc7590d5 remotes/docker: Add MountedFrom and Exists push status
db223271e Register imagePullThroughput and count with MiB
6f0714efc Use RunWithPrivileges
b41ca1159 Fix access denied on mounted vhdx root
a7fddb40b Use wait instead of a sleep to check for startup delay
d0527e228 Support for dropping inheritable capabilities
0fb2d9132 update go to go1.20.3, go1.19.8
cab056226 oci: Use WithReadonlyTempMount when adding users/groups
c9e5c33a1 UnmountAll is a no-op for missing mount points
8538e7a2a Improve error messages and remove check
ba74cdf15 Make ReadOnly() available on all platforms
7bb2756bc Increase integration test tmieout to 20m
1279ad880 Remove bind code path in mount()
6a5b4c9c2 Remove "bind" code path from diff
76690706f CI: bump up crun to 1.8.3
d373ebc4d Properly mount base layers
ca5605b4a Skip parent layer options on bind mounts
7f82dd91f Add ReadOnly() function
157fe6a13 docs: fix typo in comment of ExitStatus.Exit(Code|Time)
4012c1b85 Remove escalated privileges
54f8abe55 Use DefaultSnapshotter
47dd3dcff use t.Fatal if we cannot enable process privileges
e31bef15f Update continuity
95687a932 Fix go.mod, simplify boolean logic, add logging
7a36efd75 Ignore ERROR_NOT_FOUND error when removing mount
db3279859 Update continuity, go-winio and hcsshim
00efd3e6d Remove unused function
dc980b14a Grant needed privileges for snapshotter tests
feb637f92 Fix layer comparison and enable read-only checks
36dc2782c Use bind filer for mounts
d591bb042 Enable TestSnapshotterClient on Windows
7b36becd2 Run Windows snapshotter through the test suite
ac30eabbd Fix misspelling of 'Native' as 'Naive'
639c5799a Add paired 'mount' log for 'unmount'
8395e3a89 Don't use all-upper-case filenames in snapshot tests
909730dec Skip tests that do not apply to WCOW on Windows
469c13997 Ensure mounts are unmounted before leaving the test
84cc3e496 Unify testutil.Unmount on Windows and Unix
474a257b1 Implement Windows mounting for bind and windows-layer mounts
34b07d3e2 Implement WCOW parentless active snapshots and view snapshots
82ec62b86 fix: cio.Cancel() should close the pipes
ac84bf7c8 Update sbserver to add noexec nodev and nosuid to /etc/resolv.conf mount bind.
126ab72fe Keep linux mounts for linux sandboxes on Windows/Darwin
990199a02 Test to ensure nosuid,nodev,noexec are set on /etc/reolv.conf mount.
96490734b update runc binary to v1.1.5
b55dad06a go.mod: github.com/opencontainers/runc v1.1.5
c89438e83 integration: add container start test using abs runtime path
3557ac884 Extract image service from CRI
97064b077 WithRuntimePath uses the TaskInfo.RuntimePath field
c56f54aa1 devmapper plugin: skip plugin when not configured
a11e47b48 Use built in atomic.Bool
87346df54 Defer uid lookups on Darwin
ae4dbb60d Add noexec nodev and nosuid to sandbox /etc/resolv.conf mount bind.
1be08b10f ctr/tasks: fix unmarshal the task metrics for cgroups v1
8322bcb88 Adds a file header
50b576a94 Adds a dev container and Codespaces docs
0bbca7f1b Cleanup protobuild config
daa3a7665 Add `WithReadonlyTempMount` to create readonly temporary mounts
f48ae2227 fix: Update error message format based on feedback
3193650f1 fix: 'failed to resolve symlink' error messaging
14714b94d Fold the output of `crictl info`
5fdca538d adding cni metadata to the container in the `ctr run --config`
32d431a7c Update crictl doc
690ae58ca Update cri-tools version on windows
5956cdea8 Remove third-party package cri-api
c011502bd Remove cri v1alpha1 services
23d288a80 Remove the CriuPath field from runc's options
62f98a1c1 CRI: Don't always close netConfMonitor channel
a4d33a784 Remove support for config.toml `version = 1`
3e87f05b6 Fix image pulling with Transfer service
c5f1086ad Update docs
fda5c84bc Update gce contrib to use v2 by default
8bd82e355 Remove no_pivot when creating container from CRI
07c2ae12e Remove v1 runctypes
c50a3ef04 Update Makefile and CI
ef516a150 Remove runtime v1
76778aee6 integration: add restart monitor test for paused task
35a103d32 Remove "containerd.io/restart.logpath" label (deprecated since v1.5)
08337f356 Pre-splice strings and determine whether it is a file and check criCleanup err.
e0d9b9663 Fix restarting the paused containers
86fc1ccab Remove `aufs` snapshotter (deprecated since v1.5)
50740a1a0 use strings.Cut instead of strings.Split for parsing imageConfig.User
b39ac5d09 docs: fix typo in comment of plugin.Plugin.Err()
d835fd2a3 Sandbox: Correct/add some fields to Status()
d3e856da7 export: add test for WithSkipDockerManifest
70da5c783 Sandbox: Cleanup shim on Start failure
406583165 archive: consistently respect value of WithSkipDockerManifest
727b25403 fix userstr for dditionalGids on Linux
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2 files changed, 8 insertions, 11 deletions
diff --git a/recipes-containers/containerd/containerd-opencontainers/0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch b/recipes-containers/containerd/containerd-opencontainers/0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch index 3a69d76d..63498a86 100644 --- a/recipes-containers/containerd/containerd-opencontainers/0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch +++ b/recipes-containers/containerd/containerd-opencontainers/0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch | |||
@@ -23,13 +23,13 @@ Index: containerd/Makefile | |||
23 | =================================================================== | 23 | =================================================================== |
24 | --- containerd.orig/Makefile | 24 | --- containerd.orig/Makefile |
25 | +++ containerd/Makefile | 25 | +++ containerd/Makefile |
26 | @@ -127,7 +127,8 @@ | 26 | @@ -129,7 +129,8 @@ |
27 | GOPATHS=$(shell go env GOPATH | tr ":" "\n" | tr ";" "\n") | 27 | GOPATHS=$(shell $(GO) env GOPATH | tr ":" "\n" | tr ";" "\n") |
28 | 28 | ||
29 | TESTFLAGS_RACE= | 29 | TESTFLAGS_RACE= |
30 | -GO_BUILD_FLAGS= | 30 | -GO_BUILD_FLAGS ?= |
31 | +# allow flags to be exported and picked up. | 31 | +# allow flags to be exported and picked up. |
32 | +# GO_BUILD_FLAGS= | 32 | +# GO_BUILD_FLAGS ?= |
33 | # See Golang issue re: '-trimpath': https://github.com/golang/go/issues/13809 | 33 | # See Golang issue re: '-trimpath': https://github.com/golang/go/issues/13809 |
34 | GO_GCFLAGS=$(shell \ | 34 | GO_GCFLAGS=$(shell \ |
35 | set -- ${GOPATHS}; \ | 35 | set -- ${GOPATHS}; \ |
diff --git a/recipes-containers/containerd/containerd-opencontainers_git.bb b/recipes-containers/containerd/containerd-opencontainers_git.bb index 78fe6941..5c1e1274 100644 --- a/recipes-containers/containerd/containerd-opencontainers_git.bb +++ b/recipes-containers/containerd/containerd-opencontainers_git.bb | |||
@@ -5,8 +5,8 @@ DESCRIPTION = "containerd is a daemon to control runC, built for performance and | |||
5 | support as well as checkpoint and restore for cloning and live migration of containers." | 5 | support as well as checkpoint and restore for cloning and live migration of containers." |
6 | 6 | ||
7 | 7 | ||
8 | SRCREV = "5e21abb181c92adc95636edf983bdf639f0ceb60" | 8 | SRCREV = "87bf39a7f5580a86df739a787ced9664d1dc11bd" |
9 | SRC_URI = "git://github.com/containerd/containerd;branch=release/1.7;protocol=https;destsuffix=git/src/github.com/containerd/containerd \ | 9 | SRC_URI = "git://github.com/containerd/containerd;branch=main;protocol=https;destsuffix=git/src/github.com/containerd/containerd \ |
10 | file://0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch \ | 10 | file://0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch \ |
11 | file://0001-build-don-t-use-gcflags-to-define-trimpath.patch \ | 11 | file://0001-build-don-t-use-gcflags-to-define-trimpath.patch \ |
12 | " | 12 | " |
@@ -15,8 +15,8 @@ SRC_URI = "git://github.com/containerd/containerd;branch=release/1.7;protocol=ht | |||
15 | LICENSE = "Apache-2.0" | 15 | LICENSE = "Apache-2.0" |
16 | LIC_FILES_CHKSUM = "file://LICENSE;md5=1269f40c0d099c21a871163984590d89" | 16 | LIC_FILES_CHKSUM = "file://LICENSE;md5=1269f40c0d099c21a871163984590d89" |
17 | 17 | ||
18 | CONTAINERD_VERSION = "v1.7.7" | 18 | CONTAINERD_VERSION = "v2.0.0-beta.0" |
19 | CVE_VERSION = "v1.7.7" | 19 | CVE_VERSION = "v2.0.0-beta.0" |
20 | 20 | ||
21 | # EXTRA_OEMAKE += "GODEBUG=1" | 21 | # EXTRA_OEMAKE += "GODEBUG=1" |
22 | 22 | ||
@@ -73,13 +73,10 @@ do_install() { | |||
73 | mkdir -p ${D}/${bindir} | 73 | mkdir -p ${D}/${bindir} |
74 | 74 | ||
75 | cp ${S}/bin/containerd ${D}/${bindir}/containerd | 75 | cp ${S}/bin/containerd ${D}/${bindir}/containerd |
76 | cp ${S}/bin/containerd-shim ${D}/${bindir}/containerd-shim | ||
77 | cp ${S}/bin/containerd-shim-runc-v1 ${D}/${bindir}/containerd-shim-runc-v1 | ||
78 | cp ${S}/bin/containerd-shim-runc-v2 ${D}/${bindir}/containerd-shim-runc-v2 | 76 | cp ${S}/bin/containerd-shim-runc-v2 ${D}/${bindir}/containerd-shim-runc-v2 |
79 | cp ${S}/bin/ctr ${D}/${bindir}/containerd-ctr | 77 | cp ${S}/bin/ctr ${D}/${bindir}/containerd-ctr |
80 | 78 | ||
81 | ln -sf containerd ${D}/${bindir}/docker-containerd | 79 | ln -sf containerd ${D}/${bindir}/docker-containerd |
82 | ln -sf containerd-shim ${D}/${bindir}/docker-containerd-shim | ||
83 | ln -sf containerd-ctr ${D}/${bindir}/docker-containerd-ctr | 80 | ln -sf containerd-ctr ${D}/${bindir}/docker-containerd-ctr |
84 | 81 | ||
85 | ln -sf containerd-ctr ${D}/${bindir}/ctr | 82 | ln -sf containerd-ctr ${D}/${bindir}/ctr |