diff options
| author | Bruce Ashfield <bruce.ashfield@gmail.com> | 2024-07-10 18:11:41 +0000 |
|---|---|---|
| committer | Bruce Ashfield <bruce.ashfield@gmail.com> | 2024-07-11 14:07:17 +0000 |
| commit | ebc4831a3fbe4f87165239b7ddac1798aeadfe06 (patch) | |
| tree | cd682b12a62f243fbc1f34745ff33f9333280a81 | |
| parent | e28407eda5f8ec620753ec2df2cc8ff2d5eeb975 (diff) | |
| download | meta-virtualization-ebc4831a3fbe4f87165239b7ddac1798aeadfe06.tar.gz | |
cri-o: update to v1.31.0
Bumping cri-o to version v1.30.0-230-g04500243e, which comprises the following commits:
6d6149a0b build(deps): bump the actions group with 2 updates
922718c3f Fix typo
199f018fc build(deps): bump crate-ci/typos in the actions group
2389743df build(deps): bump k8s.io/kubelet from 0.31.0-alpha.2 to 0.31.0-alpha.3
58a9d7ed8 Enable `gci`, `godot`, `nolintlint` and `protogetter` linters
e2f93c800 Add `kubernetes` group in dependabot
c9844d98d Allow setting `CRICTL_BINARY` externally
6d00aaacc build(deps): bump k8s.io/client-go from 0.31.0-alpha.2 to 0.31.0-alpha.3
3789c2181 build(deps): bump the gomod group with 7 updates
49890645a Sort `crio` subcommands by name
a7f937588 Fix version output in help
4148aca47 test: ensure correct parsing of supplemental groups policy in JSON
ecf2c1770 build(deps): bump the gomod group across 1 directory with 3 updates
7d460145f changed the scorecard badge link to the standard format
fd967972a Update nixpkgs
506badaa2 Reload config should remove pinned images when an empty list is provided
2f16f8bae Update go dependencies
11562fd1c Add space to the error message
f8b860970 test: add coverage for fine-grained supplemental groups
c931b90a3 server/*: add fine-grained SupplementalGroups control for enhanced security
52f3004c5 Mark v1.27 as EOL
efd4385b4 server/*: Fix bug to add gid in /etc/group
ffd15afda build(deps): bump crate-ci/typos in the actions group
6cb3925d9 OWNERS: adding littlejawa to the list of reviewers
486d768dc Update nixpkgs
1705f891c Update nix to v2.22.1
1494f809a Update shfmt to v3.8.0
7ad9c74e4 Update zeitgeist to v0.5.3
9cd0a9ed0 Update cni-plugins to v1.5.1
d27a9a8e3 Update shellcheck to v0.10.0
ccc030003 build(deps): bump actions/upload-artifact from 3.pre.node20 to 4.3.3
07ac2d0a7 build(deps): bump ossf/scorecard-action in the actions group
02574a396 build(deps): bump peter-evans/create-pull-request in the actions group
6d2ff549e build(deps): bump github.com/go-chi/chi/v5 in the gomod group
293359157 Fix container volume restore
cf1875acc Added the scorecard github action and its badge
f62cf94cd build(deps): bump the gomod group across 1 directory with 3 updates
eccab8ac5 Restore container logs from checkpoint
20eba5edf server: remove container after failed start
8efa17c6a high perf hooks: short circut when writing cpuset values
80fcdafa9 build(deps): bump the gomod group across 1 directory with 14 updates
6af15ae30 Skip `[sig-network] KubeProxy should update metric…` test
d85efd773 build(deps): bump the actions group with 2 updates
e543c4d8e release-notes: Skip first commit
935579087 build(deps): bump crate-ci/typos in the actions group
8a08f2233 Add `conntrack-tools` to CI system packages
25e2e3566 build(deps): bump crate-ci/typos in the actions group
a12fa31f2 .packit.yaml: Fix `%global commit0 <sha>` generation
4572f79b5 build(deps): bump crate-ci/typos in the actions group across 1 directory
3da7b0699 Update scripts/automated-patch-releases.md
c84c357d5 Allow pull timeout set by RPC context
0a673b9ac Make unit tests work rootless
00ecf9532 Update cni-plugins to v1.5.0
4d6b85942 build(deps): bump crate-ci/typos in the actions group
b9487a0b0 Fix container stats label filter
ef7880da4 Don't fail CI on GitHub pages push
07ffbd248 Rebase to correct branch on patch release creation
594295d94 Update nixpkgs
7e778525a Update scripts/automated-patch-releases.md
af5358508 Update scripts/automated-patch-releases.md
e316beb95 Update scripts/automated-patch-releases.md
ab6739e2d Update scripts/automated-patch-releases.md
b48aa8ec9 Update scripts/automated-patch-releases.md
1ed84cd13 golangci-lint: bump cyclomatic complexity again
3e862ecbe server: warn about container /etc not being a regular directory
37c76ad52 server: use SecureJoin when setting container /etc directory
1c457dfe1 add mermaid flow diagram for patch releases
bcea85b46 build(deps): bump the gomod group across 1 directory with 10 updates
af597f05f Readd GOARCH in `Makefile`
c491001e9 Switch to `containers/common/pkg/crutils`
ef3d4eea6 Update conmon to v2.1.12
a9d80aa26 Update nixpkgs
dde54fcad build(deps): bump the actions group with 2 updates
148cacab0 fix memory leakage
7fec7bf61 Keep the monitor exits from stopping when the watcher gets error
1e12bed7d Add small tutorial how to run CRI-O in KIND
82af00dd2 delete deprecated registries config
2da2e6830 Fix tag reconciler permissions
63f443b1f build(deps): bump cachix/install-nix-action in the actions group
a5b126c0a Run workflow after tag push
5a306d4c5 Allow workflow dispatch for `integration`, `test` and `verify` actions
0a76ebe5d Create tag on reconciler
8d66907f5 Fix lint
0df965310 server: use max function instead of manually calculating max
ca3c711a3 build(deps): bump the actions group with 2 updates
0540a8e90 build(deps): bump the gomod group across 1 directory with 11 updates
b1b3c92ae Update a typo in the code comment
55cc11975 test: reenable crun-wasm test
64b991b1f server: support ping_group_range if in a userns
474a2ce87 contrib/test/ci: cleanup archived package for Fedora and ansible code
d1db27fb2 Add parser tag for DisallowedAnnotations
8b1ce9235 Update scripts/release/release.go
3914eeb59 fix rebase branch error on patch release
8ac0907f2 Enable `revive` linter
e7e37c567 build(deps): bump ossf/scorecard-action in the actions group
cbe71afae Show runtime configuration
f03faf99a Kill exec PIDs after main container exited
8b867c6ed build(deps): bump the gomod group across 1 directory with 4 updates
137f8a5a9 build(deps): bump golangci/golangci-lint-action in the actions group
794ce67db Remove surplus newline from the log message
0a9110393 pinns: write sysctls in correct process when userns
ee49fad01 Check for nil values when importing container definition
e07608b4e Fix mocks
8f4b32a53 build(deps): bump the gomod group across 1 directory with 25 updates
64c510043 Set an integration test timeout
62fede365 build(deps): bump the actions group with 2 updates
e01608257 Enhance tag reconciler logging
6657190b7 build(deps): bump github.com/containers/podman/v5 from 5.0.0 to 5.0.1
5327c246b build(deps): bump github.com/docker/docker
52f185309 Fix tag-reconciler job by using `GITHUB_TOKEN`
ead3cca6e Dependency update for podman 5
5f54ca9c5 build(deps): bump golangci/golangci-lint-action in the actions group
e783e930e Update internal/version/version.go
481baea60 Update golangci-lint to v1.58.0 and fix lints
8132c7d15 Remove archived `containerd-cri` repo
aefd7ac37 Use `codecov/codecov-action` to fix coverage report
907685a82 add tag-reconciler for patch releases
c3bfcd3b4 wait for reload completion for stable e2e
7371d2170 dashboard: switch to non-deprecated metrics
f0cd27e15 Replace go env GOARCH to ARCH
dea6c628e Drop GOPROXY/GOSUMDB from Makefile and fix unary operator error while building crio
1585cb921 version: bump to 1.31
1beecbe27 Pin crate-ci/typos GitHub action
980db0610 test:add coverage for automatic reloading of mirror registries
01450abb7 server: implement automatic reloading of mirror registries configuration
882ce4afc Fix kubelet image GC by using new `image_id` CRI field
d91496190 Fix AppArmour profile Apply() function to correctly handle an "Unconfined" mode.
97384f9a9 test/cri-metrics.bats: skip test for kata VMs
1955ce5d7 internal/criocli: Update criocli with new added metrics flags
820522dcf - internal/stats: Pass the container_server context down to statsserver
33d2f4785 - Better naming for ContainerStats struct
2ba4de466 New slice for each metric collection
b4ac9a966 Add metrics integration tests
d7fe9a3bb - Add missing fields and functions to unsupported stats
274a509eb - Implement ListPodSandboxMetrics
e851caffb Replace libcontainer.Stats with cgmgr.CgroupStats
352afeddd Add file_mapped and failcnt fields to memory stats
40ea8516a Add metrics decscriptors list
38e296b15 - Add cri-metrics implementations
4d93b7ec4 build(deps): bump the actions group across 1 directory with 3 updates
e66cd346d drop loop variable, which is no longer needed in go 1.22
8b966a886 Re-add `GITHUB_TOKEN` for GitHub actions jobs
4b4e66c63 Remove `GH_TOKEN` usage from repo
e0c06c4b5 golangcilint: potentially fix lint from broken linter
8d3a11eef hack/build-rpms.sh: Update for new builder image
c2d743dc6 Add debug log line to track newly started exec PIDs
614eb160e Add debug log to expose details of an exec PID being killed
6470daf8c Vendor Kubernetes v1.30.0
8c78850c1 Install `cri-tools` from `master`
b7e687853 fix typo and lints of CVE-2024-3154 fix
976ab1f4c annotations: add OCI runtime specific annotations to the AllowedAnnotations
b40648e43 Pin golangci-lint action
b20fce0b8 build(deps): bump golangci/golangci-lint-action in the actions group
9af6c1717 Fix verify.yml for GitHub actions
2e81eedc8 contrib/test: skip fips test for kata containers
81a98deb9 test: add coverage for disabling crypto.fips_enabled when FIPS_DISABLE is set
9977160f7 server: allow containers within a cluster to opt out of FIPS mode when necessary
316c23534 Pin GitHub actions commits
0c284bea2 replace patch-release.go with release.go
e34ea18ae Updates pinned images list on config reload
f326ace51 oci: keep track of exec PIDs and stop them on container stop
04be0b7cc build(deps): bump crate-ci/typos in the actions group
2edec2888 Build s390x binaries using musl libc
f98b96534 stop using BytesSize when merging the config
49b4a5fa4 bump ocicrypt to v1.1.10
13efa1ae1 Run patch release and nixpkgs jobs only on cri-o/cri-o
46d815d17 Distinguish conmon version parse from execution error
9e8848281 Remove duplicate comment in crio.conf
87cea5626 Rename `cron` workflow to `release-branch-forward`
d5b4ae531 drop hooks from kata integration tests
cd8333627 Use release-note block instead of label
b01cb1886 Update cri-tools to v1.30.0
3099a8fa7 patch-release: configure the default git user and fix file update
ddbd81955 Use default `cri-o` org for patch releases
da1999a6a Add missing kernel version check to the RRO mounts integration tests
dfc851483 Update `release-notes` to v0.16.8
851c13a05 build(deps): bump crate-ci/typos in the actions group
e3873837d sasha comments
cf44dd802 drop version
43f7ae0d1 Update golangci-lint to v1.57.2 and config
99aad640c Fix patch release workflow restriction
09a529bdf config,factory: use updated CDI interface.
fd9aa7625 go.{mod,sum}: update CDI dependency past 0.7.1.
283ac9cb1 add imagefs integration tests
8cffb6590 Move test volume creation to a local helper function
36d5b2359 Lower verbosity of `Allowed annotations are specified for workload` message
c69b09563 Enable and fix errorlint
7a098653b feat: add release versions for manual workflow run
5c4fb9a0e Use debug log level for CRI-O prow tests
25d397f98 Remove device mapper support
55857d8dd hack/govulncheck.sh: nit
0302c4150 Move to use new SELinux test helpers over the opencoded checks
9331b8628 Add test helpers to check for current SELinux status and mode
1234e86f2 Add test helpers to check for kernel and crictl versions
39be41ef9 Add support for Recursive Read-only (RRO) mounts
e1b983ac7 Makefile: rm $(PROJECT) use from paths
0e20dcddb Makefile: rm i386 hack
9e2727a9b build(deps): bump crate-ci/typos in the actions group
c848ba727 Print runtime version info on CRI-O startup
9bac613f5 Implement configurable container minimum memory limit per OCI runtime.
f7c3a7fff server: do not chmod bind mounts
bb8d956d5 server: chown secrets to root in the container
57a29faf1 add powertools repo for gpgme-devel
083656490 contrib/test/ci: use force_clone for crun to avoid outdated codebase
4fe7bc348 drop rootless dependency from podman
9231bcfa8 Add docs about the prow CI images
27982a07a update runtime spec to 1.2
0484ce3dd Fix Actuated badge in README.md
e480e5b28 Cherry-pick changes from containers/image/pull#2363
4ebe38670 Remove pinned conmon-rs version
74145d0b3 contrib/test/ci: use the main branch for building crun
46feeca20 build(deps): bump crate-ci/typos in the actions group
9d0acb9c1 Disable cron workflow for forks
0490e18b3 skip crun-wasm test in image bats
e3e629a5f build(deps): bump crate-ci/typos in the actions group
6718d4708 *: address issues with the latest typos update
31a0e9c12 build(deps): bump the actions group with 2 updates
a3496374e contrib/test/ci: fix ansible code for building runc
618a4cf1f Do not abort startup if CRIU binary not found
03839cb0a Don't fail-fast integration test matrix
ce21e6ae5 test: fix potential flake in timezone tests.
b5319fd54 Allow runc to build with go 1.21 and revert wasmedge changes Signed-off-by: Kevin Hannon <kehannon@redhat.com>
12a281f4c create go1.21.9 directory
33db97543 setup golang to 1.22
0f887e69e build golang 1.29 in runc
4e1bb0ba9 ci at 1.22
f407aa06b use golang 1.21 until runc works with 1.22
aedcfd1ac Run seccomp notifier tests on arm
dc44631dc add x to set for traceability
0a4272d03 test: remove references to crioctl
3c6b0e089 use wasmedge and drop crun-wasm
a63bc4d7a WIP: patch release workflow and script
ecd7c6ab5 Change `progressGoRoutine` to `consumeImagePullProgress`
b3b0089f0 fix: validation check should handle zero values
9d1cff8f3 oci: AttachContainer: always read attach socket
6ec4e5f38 refactor: moved cpulimit to crio config
3c1fc985b test: added test to cover parsing annotations
34223ab23 upkeep: small wording changes
2c666e7cc feat: add support for cpu limits for workloads
1a377ccd8 Add dynamic pull timeout
7084db255 packit: Update config and sync to Fedora
d6d21a12d In some cases the seccomp_notifier does not have time to stop the workload, in that cases exit code of container is 0.
39b3003e2 Update install.md
9b0e2b9b1 Update bats to v1.11.0
bea30a002 add a more clear pointer to what is supported for packaging
ba25bb584 Migrate off deprecated AppArmorProfile CRI API
b8e947a08 Add exponential backoff to the container stop loop
8460c2c1b add selinux package to crio Signed-off-by: Kevin Hannon <kehannon@redhat.com>
5bd10e270 Update OCI CNI to v0.4.2
d6ebb48a1 Use CRIU version check go-criu; not from Podman
ab7961676 drop specgen from crio
a6abdb326 Remove Podman `lookup` dependency
bcd879fe8 Change duplicated string values into constants
511572c5a Enable and fix `ginkgolinter` reports
7de6d9882 Remove Podman `annotations` package dependency
65ffd1737 Use upcoming version as release notes `endRev`
5677831ca Update cni-plugins to v1.4.1
8c41a868f Deflake `pod annotations capability for chained cni plugins` test
169c5f0c6 Use contextual logs in `server/container_restore.go`
3b29ce532 Remove Podman `errorhandling` package dependency
7824651ac Update google.golang.org/protobuf package to version v1.33.0
6649d97af Update the CNI plugins instructions
9b9318132 Update golangci-lint to v1.56.2 and fix lints
3372a225d build(deps): bump the actions group with 1 update
3f046d1df build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3
7afcf3f46 build(deps): bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3
863e51424 Add OCI artifact layer cache
c434ea8ad Change CRIU support from default off to default on
a9ba094a1 deps: update otelttrpc to @latest and re-vendor.
365eaff17 Update zeitgeist to v0.4.4
5b246ba0a build(deps): bump the actions group with 1 update
624564010 Sync changes of PR#7719 & other defaults
791ce8045 Change process metrics collector log levels
03c4bcacc Remove `--seccomp-use-default-when-empty` option
ae00cdf9b fix a minor typo in the comment of pullImageImplementation
115e11d09 Disable Recursive Read-only (RRO) mounts feature
0b7cd2f34 Do not overwrite stored latency/governor on container restart
097fe3bf0 Add s390x architecture support
a1b8cb9c9 Add OCI artifact pull unit tests
ed7963f03 Keep versions file simple to source only
338ea986f In-memory OCI artifact pull
b302bc1a0 server: report the runtime handlers features
66ac43688 config: make error message clearer
0fa57582a vendor: bump kubernetes dependencies
08c393d17 Update release-notes to v0.16.5
b826a7f8c Remove `crun` from `dependencies.yaml`
3193916ac build(deps): bump github.com/opencontainers/image-spec
c692bec92 Fix markdown lint
6bd4f6855 Allow plain annotation `seccomp-profile.kubernetes.cri-o.io` for images
7b610e32c build(deps): bump the actions group with 6 updates
474fc7780 test: always override NRI socket location.
d3808e4ca Add all update types to dependabot groups
9241d7492 build(deps): bump the gomod group with 8 updates
8cc853085 build(deps): bump the actions group with 1 update
4c682eb0d Group all dependabot updates
bf5cc00bc config, docs, completions: enable NRI by default.
031ba9b11 Run checkpoint restore tests on arm
f1408edbe Update nixpkgs
e4a4024e5 Rename seccomp profile annotation to `seccomp-profile.kubernetes.cri-o.io`
fe8ec1940 Run integration tests with JOBS=2
14ef21bd2 Reduce amount of parallel jobs in integration tests
6f28ea99a Remove deprecated metrics
edebdd00f Revert "Fix ImageRef field for containers to default to an image ID"
91f888a3d Filter image annotations before used
ea8f1054e Don't fail-fast matrix
d43d8fd92 Don't use CRLF when generating CRI-O documentation
abf38859c CRI: An empty DNSConfig != unspecified
567eed921 Switch to go 1.22 and update deps
162594e9b Update openSUSE's OBS URL in install-distro.md file
a38b9b956 .golangci: Bump gocyclo to enforce code complexity checks
aff565f82 test: add test for timezone support
66c2aeb83 *: add support for specifying timezone for pod/container
05f4cbb19 release-notes: fix startTag calculation
b20d06cc7 Add support for OCI artifact seccomp profiles
ff60ac14a When crio restarts, restore the infraContainer
d955623e6 go.{mod,sum}: update NRI dependency, re-vendor.
4619ca724 server,nri: enable otel tracing over ttrpc.
9613e6075 Fix ctr log max test on arm64
e84b65477 oci: handle early exited container faster in stop loop
d8d3670be Update runc to 1.1.12
aedf47129 build(deps): bump github.com/opencontainers/runc from 1.1.10 to 1.1.12
511877186 report memory Swap-only values
601d85941 clean up the Populate* functions with their helpers
3bd73f662 libcontainer-based stats server for linux
5a2bbb90f Run integration tests on arm64
6fb83141a higeperfhooks: mixedcpus: set only exclusive cpus in child cgroup
63ff1eee8 Add integration tests
ea75b9bef Move metrics endpoint listener to use 127.0.0.1 as default
fbe8bbbee highperfhooks: add precreate hook for injecting envs
5e83e9697 Update nixpkgs
7e94aa19a server: implement stopPodSandbox for FreeBSD
f70aa434c server: implement runPodSandbox for FreeBSD
c13044276 internal/sandbox/infra: make this build on FreeBSD
bdaa98b66 internal/node/config: implement ValidateConfig for FreeBSD
2eb3db455 internal/config/nsmgr: implement nsmgr for FreeBSD
479e316db internal/oci: Implement getPidStartTime for FreeBSD
19e407c2e server: make configureMaxThreads platform-specific...
887c4421d internal/lib/sandbox: make NeedsInfra plaform-specific
5cb9fa77a internal/factory/containers: allow non-linux containers
5d3d7260d pkg/config: only validate the pinns path on Linux
c9975a3c4 build(deps): bump ocicni to latest master
3333f2fa7 build(deps): bump the opentelemetry group with 2 updates
1b9754486 fix missing line ending on crio.8.md
3cbaa5294 fix grep for whitespace
8dea35388 add metrics_host to config
8cffd22e3 fix typo for time out
e510f3854 metrics: remove deleted containers from OOM count metrics
56e46815d build(deps): bump github.com/go-git/go-git/v5 from 5.10.0 to 5.11.0
0c67d8b5a version: bump to 1.30.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
| -rw-r--r-- | recipes-containers/cri-o/cri-o_git.bb | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/recipes-containers/cri-o/cri-o_git.bb b/recipes-containers/cri-o/cri-o_git.bb index 0255aa0a..76eda865 100644 --- a/recipes-containers/cri-o/cri-o_git.bb +++ b/recipes-containers/cri-o/cri-o_git.bb | |||
| @@ -14,9 +14,9 @@ At a high level, we expect the scope of cri-o to be restricted to the following | |||
| 14 | - Resource isolation as required by the CRI \ | 14 | - Resource isolation as required by the CRI \ |
| 15 | " | 15 | " |
| 16 | 16 | ||
| 17 | SRCREV_cri-o = "5aff11c7c1afdc785adafd7da3c3f2a6ac51b88d" | 17 | SRCREV_cri-o = "04500243ec0cd775e76bcec1c822aaa3faa11177" |
| 18 | SRC_URI = "\ | 18 | SRC_URI = "\ |
| 19 | git://github.com/kubernetes-sigs/cri-o.git;branch=release-1.30;name=cri-o;protocol=https;destsuffix=${GO_SRCURI_DESTSUFFIX} \ | 19 | git://github.com/kubernetes-sigs/cri-o.git;branch=release-1.31;name=cri-o;protocol=https;destsuffix=${GO_SRCURI_DESTSUFFIX} \ |
| 20 | file://crio.conf \ | 20 | file://crio.conf \ |
| 21 | " | 21 | " |
| 22 | 22 | ||
| @@ -26,7 +26,7 @@ LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=e3fc50a88d0a364313df4b21ef20c2 | |||
| 26 | 26 | ||
| 27 | GO_IMPORT = "import" | 27 | GO_IMPORT = "import" |
| 28 | 28 | ||
| 29 | PV = "1.30.0+git${SRCREV_cri-o}" | 29 | PV = "1.31.0+git${SRCREV_cri-o}" |
| 30 | 30 | ||
| 31 | inherit features_check | 31 | inherit features_check |
| 32 | REQUIRED_DISTRO_FEATURES ?= "seccomp" | 32 | REQUIRED_DISTRO_FEATURES ?= "seccomp" |