| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
* apply the same also for recipes using PKG_NAME starting
with github.com which the conversion script doesn't update
automatically
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
master has become main in the runtime spec, so we update our recipe to
match.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
runtime-spec has moved to main instead of master, so we tweak our branch
name to match.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
github is removing git:// access, and fetches will start experiencing
interruptions in service, and eventually will fail completely.
bitbake will also begin to warn on github src_uri's that don't use
https. So we convert the meta-virt instances to use protocol=https
(done using the oe-core contrib conversion script)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
As introduced in the oe-core post:
https://lists.openembedded.org/g/openembedded-core/message/157623
SRC_URIs without an explicit branch will generate warnings, and
eventually be an error.
We run the provided conversion script to make sure that meta-virt
is ready for the change.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update the SHA in recipes for xen and xen-tools to use the latest releases;
update xen 4.14 to xen 4.14.3 release, update xen 4.15 to 4.15.1 release, and
xen 4.16 to the current master version.
Add a comment to each recipe indicating which version of Xen is used in recipe.
Do not apply patches that have been merged/solved in Xen and remove patch files
not needed anymore.
Create a test package to pack new tests introduced in 4.16.
Add a depencency to util-linux-prlimit, as the xen 4.16 x86 requires prlimit,
without this boot of dom0 fails.
Signed-off-by: Edward Pickup <Edward.Pickup@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
update to 4.0.11
1.drop two patches that have been integrated to upstream repo.
2.drop tests-add-no-validate-when-using-download-template.patch
because it is no longer appropriate as the "download" has been
replaced with "busybox"
3.fix the apply failure of templates-use-curl-instead-of-wget.patch
4.update lxc from 4.0.10 to 4.0.11
Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Update ceph to latest 15.x version:
* remove 0001-add-missing-include-for-atomic-bool.patch which has been
fixed in upstream
* update patch to support python 3.10
* add gawk to RDEPENDS that script 'rgw-gap-list-comparator' requires it
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Include the xt-statistic kernel module required by K3S for iptables
configuration.
Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com>
Change-Id: I7592261c65c7c0831ce553ee907fba9e3e458b6f
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update k3s.service with the latest changes from install.sh script.
Add k3s-killall.sh script to stop all of the K3s containers and reset
the containerd state.
The killall script cleans up containers, K3s directories, and networking
components while also removing the iptables chain with all the associated
rules. The cluster data will not be deleted.
Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com>
Change-Id: If1794367cabfc18fc8e3ecaf26badd4d0bc25114
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Podman requires nsenter (for obvious reasons) .. and while this
dependency is normally satisfied on images (via busybox), it is
possible to build a minimal container image that excludes
busybox .. and hence will not have nsenter present.
Rather than making this a hard rdepends on util-linux-nsenter,
we use a variable: VIRTUAL-RUNTIME_base-utils-nsenter, which
can either be set to busybox or util-linux-nsenter (the current
default).
The VIRTUAL-RUNTIME_base-utils- format follows similarly named
OEcore providers and variables .. which the exception that there
is no entry in the preferred providers file there, and there's
no package created called busybox-nsenter (but perhaps there
could be in the future).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Like many other projects, umoci has switch to main instead of master.
(and then deleted master)
We change our branch specification to main, so the fetcher can once
again find our desired SRCREV.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Our storage.conf is a bit stale and is throwing warnings during
load (due to thin provisioning changing). We refreshin it from
the skopeo repository.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
recipes that use multiple SCMs in the SRC_URI, must supply
SRCREV_FORMAT or SRCPV triggers an expansion error. While
this isn't fatal during the build, it can cause issues with
setscene (and possibly) other tasks failing, which then
leads to no sstate re-use, etc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
recipes that use multiple SCMs in the SRC_URI, must supply
SRCREV_FORMAT or SRCPV triggers an expansion error. While
this isn't fatal during the build, it can cause issues with
setscene (and possibly) other tasks failing, which then
leads to no sstate re-use, etc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
recipes that use multiple SCMs in the SRC_URI, must supply
SRCREV_FORMAT or SRCPV triggers an expansion error. While
this isn't fatal during the build, it can cause issues with
setscene (and possibly) other tasks failing, which then
leads to no sstate re-use, etc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
recipes that use multiple SCMs in the SRC_URI, must supply
SRCREV_FORMAT or SRCPV triggers an expansion error. While
this isn't fatal during the build, it can cause issues with
setscene (and possibly) other tasks failing, which then
leads to no sstate re-use, etc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
recipes that use multiple SCMs in the SRC_URI, must supply
SRCREV_FORMAT or SRCPV triggers an expansion error. While
this isn't fatal during the build, it can cause issues with
setscene (and possibly) other tasks failing, which then
leads to no sstate re-use, etc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
According to oe-core commit
8e26252b45 layer.conf: Extend recipes not to install without explict dependencies
pkgconfig-native is not deployed in sysroot by default any more. Inherit
pkgconfig.bbclass to make it available for ceph.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping image-spec to version v1.0.1-97-g54a822e, which comprises the following commits:
fc4df0a Fix very minor oversight in config example
08dd547 media-types.md: clarify differences from Docker media types
170393e Embedded other platform fields in image spec
ebb32fd Use registry.example.com as example default registry
0e20f8a Add CPU variant to image config
a2b7b2f expected type/subtype test for descriptors should have comment that references failure, not success
875b7e5 pullapprove: remove defunct config
3b938ac Drop link to OCI scope table
ee4bfe1 Add background to png images
eaa222c image.base.ref.name -> image.base.name based on stevvooe's feedback
4221034 CODEOWNERS: switching from pullapprove to github builtin
4feeaac Describe how index manifests should work with base image annotations
a25f547 Removing Link Introduction
54bc9b7 Fix typo
b619890 Makefile: switch to the new OCI container image
9ed9683 adding github workflow to render docs and lint
87bb9f8 Create EMERITUS.md to recognize old maintainers
71ccc68 Add standard base image annotations
c435dd5 Remove Keyang Xie as a maintainer
a4ddb1f MAINTAINERS: update jonboulle email address
37e228a Update vbatts email address in MAINTAINERS
5f0d52c Replace Jason B with Jon J in image-spec maintainers
4366201 pandoc: point to a joint OCI org image
8211213 fixed typo in image-layout
78c42f4 Remove go4.org dependency
43022b9 MAINTAINERS: remove Brandon Philips @philips
8c25739 mediatype of layers should be application/vnd.oci.image.layer.v1.tar+gzip
c3a73dc zstd: add constants to specs-go/v1
d420390 README.md: return to one-sentence-per-line format
ea8062d Reference "org" repo for meeting info
1a29e86 media-types: Define layer media types suffix '+zstd'
042b4d7 Run tests with go 1.12
3d3783d Fix linting error
bd4f8fc annotations.md: Fix a small typo
c5f603f Fix table header grammar in annotations
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping runtime-spec to version v1.0.2-71-gab23082, which comprises the following commits:
411082c add youki to implementations.md
6641127 alphabetize the implementation list.
15f418e fix the lifecycle reference in the states listing
f0ac327 defs-zos: [Fix] prevent schema parsers from hitting recursion-loop while resolving types.
cc7f6ec config-linux: Add Intel RDT CMT and MBM Linux support
c83b45e Introduce zos as platform.
0c021c1 config-linux: clarify the handling of ClosID RDT parameter
9e65944 config-linux: fix indentation on IntelRdt
0f84938 schema/defs-linux: Fix inconsistencies with seccomp notify
7c549cb seccomp: Add missing const for seccomp notify action
58798e7 Add Seccomp Notify support
8c363e8 Proposal: runtime should ignore capabilities that cannot be granted
f02cd4a config-linux: mark memory.kernel[TCP] as NOT RECOMMENDED
76f7818 README: Fix broken link for charter
f7ef278 seccomp: allow to override default errno return code
ec964df seccomp: expect error with invalid errnoRet
2978430 config-linux: fix personality link
e9429bb Makefile: Fix golint URL used in go get
8f65443 travis: fix go_import_path
3866eec MAINTAINERS: update vbatts email
2fe0475 Add support for SCMP_ACT_KILL_THREAD
fd895fb Change all references from whitelist to allowed
11bfea2 Fix int64 and uint64 type value ranges
57a316b docs: Added enclave OCI runtime rune to implementations
938cf9f Update seccomp architectures to support RISCV64
d3f079a config.go: make umask a pointer
a02a293 Update State structure to use the new ContainerState type
7571d3d cgroup: add cgroup v2 support
66ad83f Use dedicated type for Container State
89419f0 Add State status constants to spec-go
09fc3b4 Remove superfluous 'an'
0e72101 Add Giuseppe Scrivano as runtime spec maintainer
6042999 Define State for container and runtime namespace
a9f1170 Add seccomp kill process
d759f35 MAINTAINERS: Add @cyphar as maintainer
f9df045 seccomp: fix go-specs for errnoRet
3bfcde2 seccomp: allow to override errno return code
1ac6f8d specs-go: bump master back to -dev
c4ee7d1 specs-go: update version to 1.0.2
ce773cb ChangeLog: changes v1.0.1...v1.0.2
5ef5c78 Makefile: avoid SELinux for making docs
d22e8e0 *: release process is duplicated in RELEASES.md
41c3e47 Review (tianon)
9be9595 Clarify case with pre-configured Intel RDT closID
76c0da2 config-linux: describe more about rootfs mount propagation
353ddcb config-linux: add SHOULD to linux.namespaces.type
37fab77 Fix typo in RELEASES.md
baa7978 remove unneeded indent
a87fe24 Makefile: no DCO with git-validation on travis
bacc285 MAINTAINERS: remove philips
d5bfb2b MAINTAINERS: remove Vishnu
dda13dc PullApprove: No need for 3 DCO checks
12fd09a RELEASE: document how to do the release
c166268 Add create-container, create-runtime and start-container hooks
e6e17ad schema: drop id from umask
fac34e2 schema: fix indentation
03c526b schema: add missing definition for personality
2b844a0 Add support for SCMP_ACT_LOG
66f4ffa Add new seccomp action.
d1ef109 config-linux: support seccomp flags
ff32f02 implementations.md: fix repository for crun
23c4be2 Update meeting info section to point to "org" repo
78ab98c Fix markdown escape in config-linux
5cc25d0 Add Linux personality support
234aa0b config-linux: Add Memory cgroup's use_hierarchy
6b04c63 config: add "umask" field to POSIX "user" section
dba5778 config: Collapse extensibility to a single MUST
574182a schema/defs-linux: change weight type to uint16
ec0fc3d runtime: Clarify ociVersion as based on the state schema
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The criu-dev branch is not constant/consistent, so we switch to main
for our SRCREV specification.
At the same time, we bump to 3.16.1, which comprises the following
commits:
4a1731891 criu: Version 3.16.1
62b377957 Makefile: add shellcheck test/others/libcriu/*.sh
59d0dfba9 test/libcriu: print logs on fail
53bf82bcf test/libcriu: add test case for join-ns
a8c5efe4c libcriu: define log level constants
5ec2a6aaa libcriu: add join_ns API
f2cdb062a Makefile: install criu-ns only with python3
a15a63fce criu-ns: change python shebang to python3
000ea8266 criu: Version 3.16
8567a0952 ci: Update openj9 container images
0b2a7223b mount: fix double-dump file system bug
bea9580e3 gitignore: add build directory
4db8ef15c podman-test: use crun from git repository
6a15dbdef lib: install images/rpc.pb-c.h
c6b5e7d92 sk-unix: fix prep_unix_sk_cwd root and cwd restoring
f0e968ffe binfmt_misc: restore current work directory after restoring mnt ns
776f3cff7 autofs: restore current work directory after restoring mnt ns
45409c35d mount: use swich_mnt_ns/restore_mnt_ns helpers to simplify code
f79d15c44 binfmt_misc: restore current work directory after restoring mnt ns
eea63587e namespaces: add helpers to switch/restore mnt ns
41f448968 remove tls parameter description if without GnuTLS support
d87922099 kerndat: create separate netns for has_nftables_concat check
aa772bf28 zdtm: fix network lock tests when run with --norst
9838d34de criu: use unique table names for nftables based locking
ca3e3c50b inventory: save network lock method to reuse in restore
cd1570b15 zdtm: add ipv6 variants of net_lock_socket_* tests
212db1d9a zdtm: add nftables per-socket locking test
826d3d740 criu: add nftables connection locking/unlocking
6e59b2bd7 zdtm: add iptables per-socket locking test
c15327656 zdtm: add nftables network namespace locking test
19cc0bfa6 criu: add nftables netns-wide locking/unlocking
f246ca56c criu: rename iptables network locking/unlocking functions
e9d24a2ba cr-check: add check for nftables based network locking
b85fad797 cr-service: add network_lock option to RPC and libcriu
2e30db5c3 criu: add --network-lock option to allow nftables alternative
ef7af1dd1 Run 'make indent' on criu/include/plugin.h
cf2b67375 workflows/lint: show changes
03cdbc4c0 criu/config: fix use-after-free in parse_join_ns
546a6dfd0 configs: fix used after free cases
399a53a43 lsm: do not print a warning if no LSM has been detected
960f26f90 files-reg: do not print a warning if a file has no build_id
90e175d52 zdtm/pthread_timers: make sure glibc allocated SIGEV_THREAD's stack
dd0e66149 ci: fix 'crit.sh: 3: source: not found'
e936a0f8a docker-test: refactor test scenario
78eb0dabf dump: suspend/resume lsm on pre-dump
5dc373385 util: add run_command()
9422383b6 zdtm/apparmor_stacking: don't include optional AppArmor namespace separator
dc4c3cd48 apparmor: actually enable suspend for AppArmor
ea1c89147 lsm: handle SELinux LSM correctly
06b5d2fa8 tests: add a test for apparmor_stacking
8723e3f99 check: add a feature test for apparmor_stacking
8d992a680 lsm: support checkpoint/restore of stacked apparmor profiles
0db135ac4 util: add rm -rf function
6085c37ba lsm: change when LSM profiles are collected
e2a45d786 ci: extend lint run to run 'make indent'
70833bcf2 Run 'make indent' on header files
93dd984ca Run 'make indent' on all C files
1e26f170c criu: introduce clang-format to format source code
cc2317ea4 zdtm: fix indentation in Makefile wait_stop target
d62e747e9 ci: fix Fedora Rawhide
b32c8c6fe posix-timers: fix getoverrun error handling
01fa34f1e ci: use pre-installed Podman
918901439 zdtm/pthread_timers: require ns_pid feature and add non-ns test
e1b1547c8 posix-timers: fallback notify thread id encoding for non-pidns and non-nspid
91d7203b8 proc_parse: make nspid field optional
a692a0d0a kerndat: Check that "/proc/[pid]/status" file has NS{pid, ..} lines
64f0012e4 zdtm: add a test for SIGEV_THREAD timers
7eab5a7dc timers: save tid from a task pid namespace
61e1334ab proc_parse: get a thread ID in a thread pidns from /proc/pid/status
80079fbb0 criu: dump and restore notify_thread_id of posix timer
6be9345fb criu-ns: add support for 'check' action
868bffba4 criu-ns: add top-level conditional execution
f70605ef1 criu-ns: update script name in help message
f472e2590 Documentation: Add man page for criu-ns
8891e51cd make: install criu-ns
4a9bcd884 zdtm: prioritize /lib/* dependencies in some tests
00ca2b519 scripts/build: add a docker file for archlinux
694eafa1f protobuf: remove leading underscores from protobuf structs
efb9fccd4 cgroup: cgroup_contains has to update the mask for cgroupv2
ac27562f0 ci: add msgque test case to crit-recode
7e86519fe lib: fix crit-recode msgque errors in Jenkins
503488597 ci/openj9: run mrproper before make
7ff785e1d zdtm: make --sbs also stop on each pre-dump/snap iteration
07316d15a restore: cleanup cgroup properly in error path
8f2b8c7be scripts: run lint also on criu-ns
bd648cc8d ci: also test tcp stream crit recoding
fa9acb9dc lib: fix broken crit-recode test
0ca36c95e ci: combine cross compile container definitions
2ebb1c741 crit: fix error on memfd files parsing
f57e45df5 cr-service: move pidfd_store initialization to cr-service
f7cd25400 pidfd_store: tidy up interface and hide unneeded details
083f0822e pidfd_store: move pidfd_store to a separate file
d55f34ed7 test/ci: sync netns_lock test and its --post-start hook
b290df9a6 test/jenkins: fix netns_lock test multiple iterations failure
75feb9635 ci: fix mips64el-cross test
f3cb15660 Keep inherit-fd strings alive until task restore
d3ce492cc pycrit: fix the broken of cli the `crit show xxx.img`
093fb0c87 Add test for new --lsm-mount-context option
64dd64e50 Enable changing of mount context on restore
5be71273f Remove unnecessary whitespace
fc7705a13 zdtm: add network namespace locking test
0cf79a360 test: remove exec test
1a197d4d8 criu: add unit testing for config file parser
45bde968a test: add tests for configuration file parsing
f695e6e10 config: make configuration file parser more robust
381d2e88f criu: add cleanup_free attribute
031a8d790 bfd: loop through read()/write() when the action is incomplete
24bc08365 ci: disable some tests on CentOS 7
63ca464bc ci: remove old workarounds
6ef01d3e6 ci: switch CentOS 7 test to Cirrus CI
1fbe87624 ci: disable -x during print_env()
b4c7267b0 zdtm: allow ignore taint via environment variable
a92833818 scripts/vagrant: Use vagrant 2.2.16
eda3ac2ff scripts/vagrant: Use Fedora 34
87ea13f6b add PKG_CONFIG default in a few more places
6db0f95db crtools: improve error handling on signal setting
2967bed64 build: respect $PKG_CONFIG settings
81a68ad3b docker-test: use latest containerd release
638e53c95 zdtm/tun_ns: add per-test dependencies
9d9ec73dd test: skip time namespaced tests on <= 5
e42083aa8 ci: update docker test matrix
ebc74668f cr_options: handle the case where __dest == __src in SET_CHAR_OPTS
d0511319e github: Add templates for new issues and pull requests
3c10d3335 criu(8): document --join-ns option
80ee4f8ae kdat: make uffd_open return errno from syscall separately
a8525c07d ci: no longer avoid overlayfs
2aa4185a6 test/others: refactor loop process
2b78d95e6 test/others: drop '_exit' function
34410b9e7 test: add a test to check that sigtrap handlers are restored
b310fbd31 ksigset: fix a typo in ksigdelset
c1b2d194e mem/pidfd: fix poll retry error checking
1c08709cd zdtm: add pidfd store based pid reuse test
ea0dc7807 zdtm: add --pidfd-store option in RPC mode
e79131e8c criu: add pidfd based pid reuse detection for RPC clients
ba882893c cr-check: add ability to check if pidfd_store feature is supported
e3c9c3429 cr-service: add pidfd_store_sk option to rpc.proto
a9508c986 criu: check if pidfd_getfd syscall is supported
30e8d8cad criu: check if pidfd_open syscall is supported
5d08f975a kerndat: Handle non-root mode when checking uffd
8c303d1a6 test/others/crit: add test for 'x'
e39300109 lib/cli.py: Open explore file as a binary
c8973d426 test/zdtm: check that a penging SIGTRAP handled properly
61c7cc5a9 parasite: don't block SIGTRAP
ed58fb221 test: create new tls certificates
6beeabcd4 zdtm: add sk-unix-dgram-ghost test case
2609e98ee sk-unix: ghost: fix deadlock between peer_fle->stage and fds wake up
655610e09 ci: remove hack for netns-nft zdtm test
ddefbbff1 zdtm: add combined nftables/iptables netns-nft-ipt test
4696e61ed zdtm: skip static/netns-nft test if nftables feature isn't supported
d8821d9a8 net: skip iptables dump if it has nft backend and nft dump is supported
e26949cfe lsm: handle half initialized SELinux setups
e2c352e4f tools.mk: Use Python 3 by default
177e4b4ba mips: remove empty gitignore
22142eedf mips: coding style fixes
99a6a17c2 Allow systemcfg proc file to be dumped
731cafa85 logging: pr_perror() -> pr_msg() when execvp fails in action scripts and others
24bdfa72d net: add a #define for increased compatiblity with old distributions
29c34386b restore: fix error message when fork fails
f10425e05 criu: end pr_(err|warn|msg|info|debug) with \n
96b7178ba Whitespace at EOL cleanup and check
7ea20e8f5 criu: make sure to use pr_perror to show errno
10c619adb test/zdtm: pr_err / pr_perror fixes
dca0eb5b4 test/others/bers: use pr_perror
e326889c0 criu/mount.c: fix \n in pr_debug
2166d4748 scripts: fix shellcheck warnings
5f3631916 Makefile: amend lint with pr_perror/fail checks
4cd23083b test/zdtm: don't pass errno to fail()
12a2bd0ed test/zdtm: don't use %m with fail
b20694835 test/zdtm: don't use \n with fail()
9cbcaaed3 test/zdtm: don't use errno for pr_perror
865a5e951 test/zdtm: don't use pr_perror where errno is unset
d55a65e93 criu: don't use errno for pr_error
f3be776cc Drop \n from pr_perror
5e3b07b95 test/zdtm: check that restore can handle precreated veth devices
f60f24bfb kerndat: check whether IFLA_NEW_IFINDEX is supported
3ca09f5c9 ci: exclude lazy-thp for remote pages over tls
6c77d7226 Makefile: docker-test don't use interactive tty
27b9ed53e Makefile: update excluded tests for docker-test
5d8ecee0a docker-test: use host cgroup & network ns
e3c0fa701 Dockerfile: add missing test dependencies
3074b6d5a Dockerfile: re-build criu after clean
f432186e7 Dockerfile: use 'git clean' before build
264b4a8d2 tiny fix on function dump_empty_fs
cdb0d4270 net: allow restoring of precreated veth devices
e3b694392 scripts/build: drop obsolete ENV1 variable
eb5726c44 images: re-license as Expat license (so-called MIT)
9c18c63d2 ci: enable crit tests in CI
b78c4e071 test: fix crit test and extend it
13e6e6899 lib: also handle extra pipe data correctly
bf9e502c6 lib: print nice error if crit gets wrong input
bf80fee4f lib: correctly handle stdin/stdout (Python 3)
9635d6496 criu: Replace faccessat with fstatat when using AT_SYMLINK_NOFOLLOW flag
96c1351d8 criu: Throw error when parent path is provided but invalid
8dc7ce3e7 cr-service: fix CRIU_REQ_TYPE__FEATURE_CHECK RPC request
b82f222d6 lib: fix crit-recode fix for Python 2
228e510d2 ci: move CentOS 8 based test to Cirrus
069d92e51 Use a real VM instead of a privileged container
90e03b1a1 pstree: don't change sid/gid-s if current sid/gid is the same
248b77367 lib: correctly handle padding of dump images
abe3405b2 lib: fromstring() and tostring() are deprecated
c10aae8f6 criu-ns: Merge comparisons with 'in'
5f59a7cc3 criu-ns: Add unsupported msg for restore-sibling
797422986 criu-ns: Handle restore-detached option
6b375ed75 criu-ns: Pass arguments to run_criu()
55a0557db criu-ns: Close namespace fd before raise
0e024bfce criu-ns: Extract set namespace functions
a80f08c2e criu-ns: Remove unused _umount
6fd59abc8 criu-ns: Use documentation strings
f8556f947 criu-ns: Extract wait for process into a function
a08aa4406 criu-ns: Extract mount new /proc into a function
a0a02c73e criu-ns: Remove space before/after bracket
8f69a58e0 criu-ns: Convert indentation to spaces
f3d071461 ci: run zdtm/transition/pid_reuse with pre-dumps in ci tests
288adfc59 ci: remove ccache setup
2e0107ead ci: run recode tests on more input files
71013465b lib: fix recode errors seen in Jenkins
c84dddf2f ci: remove '-Wl,-z,now' workaround
ed0f4608f lib/cli.py: Open out file as a binary
a433943a7 docker-test: set log file path
046cad8bf docker-test: use containerd v1.5.0-beta.0
25f378083 ci: move Travis CI Docker tests to GitHub Actions
7e6a1a701 pstree: check for pid collision before switching to new sid/gid
bb5bad532 test: move vt test to minor 65 on s390x
c66ca3aa2 zdtm/fpu03: Add .desc file to omit running on !x86
a87c61fe8 Revert "compel: add -ffreestanding to force gcc not to use builtin memcpy, memset"
1bac3a64b s390: Purge stale comment
39b7252c6 fault-injection: Run fpu corruption tests
21e3c5307 compel: Provide compel_set_task_ext_regs()
3613b6f15 compel: Store extended registers set in the thread context
7af06af10 zdtm/fpu03: Add a test to check fpu C/R in a thread
6c879c3c8 zdtm/fpu00: Simplify ifdeffery
e2e8be37f x86/compel/fault-inject: Add a fault-injection for corrupting extended regset
327e14933 namespaces: properly handle errors of snprintf
ffb848e6d x86: Use PTRACE_GET_THREAD_AREA instead of sys_get_thread_area()
72dc32850 ci/compat: Check if tests are 32-bit ELFs
10fe08c37 github/stale: separate labels with commas without following spaces
ff38944b9 ci: fix Fedora rawhide CI failures
79b3893ec plugin: check for plugin path truncation
878223560 sk-unix: check whether a socket name is NULL before printing it
9582a44ce bug: add __builtin_unreachable in BUG_ON_HANDLER
4eb43dc4d test: fix test compilation on rawhide
6f8e67135 zdtm: Add javaTests output to .gitignore
7b3eb03ab test: Reduce verbosity of mvn output
ae143161b javaTests: Add --file-locks option
56d7dbd7c file-lock: Add space in error message
950805bf1 ci: use runc instead of crun for podman tests
719e42fe1 seccomp: initialize seccomp_mode in all cases
2dc65a636 zdtm: add second fifo_upon_unix test
1f2e10771 zdtm: add fifo upon unix socket test case
7c5c81366 sk-unix: rework unix_resolve_name
d0308e5ec sk-unix: make criu respect existing files while restoring ghost unix socket fd
49889baa2 files-reg: rework strip_deleted
129cc7fbc files: Don't forget on stripping deleted postfix on linked files
3a4bffc14 ci: move coverage run to github
6be56e92c test/zdtm: check that locks are not dumped if --file-locks isn't set
7b5e7166e dump: dump has to fail if there is locks and --file-locks isn't set
37c09f890 ci: move compat tests to Github Actions
246c37ad3 README.md: remove unused badges; add a few new badges
fad9f805c README.md: remove trailing whitespaces
67ce4e46c ci: move asan and image streamer test to github
f983a55e6 vdso: fix segmentation fault caused by char pointer array
909ce55d8 Tell podman to use vfs as storage-driver
f4c5937ca ci: move Fedora Rawhide based tests away from Travis
ed7cefe21 ci: factor out Fedora Rawhide CI setup
95c4a8b40 ci: skip bpf tests on vagrant
bb2078f36 ci: upgrade vagrant and Fedora version
da2c83d87 ci: fix syntax error in stale.yml
fc5ba7de7 zdtm: handle a case when a test vma is merged with another one
d74353d77 util: zero the events pointer to avoid its double free
540141c7c namespaces: handle errors of snprintf
b83a1dd95 ci: also use clang for compel-host-bin
baad84efb ci: run aarch64 compile tests on Drone
95df2524c zdtm: cleanup thread-bomb test error handling and printing
50a96e9fa ci: move vagrant test to cirrus ci
f04e8517c workflows/stale: Don't close issue that has labels 'new feature' or 'enhancement'
2721d865f fsnotify: rework redundant code
c4f176b1e mount: adjust log level for mnt_is_dir
3fd3a376f mount: adjust log level for get_clean_mnt
8c53627dd dump: at exit do not call timing_stop if stats are not initialized
c405a0116 coverity: get_service_fd() is passed to a parameter that cannot be negative
6ff51fd8d restore: warning: Value stored to 'ret' is never read
0bb3d8586 memfd: use PROC_SELF instead of getpid in __open_proc
34024dfdc util: move open_proc_self_fd to service_fd
068672f39 servicefd: don't move service fds in case they remain in the same place
5364ca3da compel/test: Fix warn_unused_result
8aba7ae9f compel: Fix missing loff_t in Alpine
cffbeffed ci: Enable compel testing
fbb21b404 compel/test: Add main makefile
ae686848b compel/test: Resolve missing includes
c7544894f dump/ppc64,arm,mips: sanitize the ERESTART_RESTARTBLOCK -> EINTR transition
0cbfba778 github: auto-close stale issues and pull requests
fabd5be38 zdtm: look up iptables in /sbin and /usr/sbin
797f41e8a test/zdtm_ct: Run zdtm.py in the host time namespace
f736b8750 ci: Alpine's busybox based free does not understand -h
d2ed60b60 namespaces: don't set rst on error in switch_ns_by_fd
94fb7c36a ci: move alpine based tests to github actions
a28947bb8 ci: give an overview of the current CI environment
70088b66c ci: add Circle CI definition
a719a2f49 CONTRIBUTING.md: add component prefix to the subject example
adfec67c0 .gitignore: Remove qemu-user-static
82bddc4b2 scripts/Docerfile.centos8: Use 'powertools' repo name
898329b30 x86/asm: fix compile error in bitops.h
371d9c83d others/ns_ext: restore a process out of PID namespaces into the host PID namespace
eb9ed1aaf cr-restore: setup external pidns only for root task
c5064eda1 namespaces: make root_ns_mask more consistent
c629525ca cr-restore: make CLONE_NEWPID flag in clone_flags more consistent
98fbb766d compel/handle-elf: override unexpected precalculated addresses
6a7bb0b9f docs: fix simple typo, clietn -> client
b023f0ab5 vim: remove wrong 8-space tabs indent from python files
2c89954cc zdtm: on fail with no error also print the tail of the log
9bdae79d0 uffd: check for exited task when reading uffd_msg
3b2202151 uffd: cleanup read error handling in handle_uffd_event
8ca4d6e5b cr-restore: Properly inspect status in sigchld_process()
00bd72f32 ci: remove special handling for mips
2d68627dc CI: remove centos7 from Travis
5bb4406e9 ci: use graviton2 for arm64 tests on Travis
fb21643b2 tls: Add logging within send/recv callbacks
b28eb7b2d compel/log: Provide %u specifier parsing
c39ed518f compel/log: Stop parsing at unknown format specifier
b93fe2b2d vdso: Let zero-terminator in vdso_symbol_length
528ce2598 uffd: handle xrealloc() failure
56a70ff99 uffd: fix 'double free detected in tcache 2'
7db0c7c02 ci: add CentOS 8 based CI run
b0676302f ci: switch centos7 to github actions
247523c0c travis: rename centos test to centos7
b6e4dae22 criu-ns: Remove unreachable statement
ebea8f560 ci: fix lazy-pages test selection
20a83e77c ci: 'fix' lazy tests
1ecaee67a namespaces: fix 'Declaring variable "path" without initializer'
097c931ed coverity: img_raw_fd() returns a negative number
04d7b7157 sk-unix: ignore coverity chroot() warning
cfeb9c10f cr-dump: get_service_fd() is passed to a parameter that cannot be negative
ed905a002 util: fix double_close false positive
b47cb0539 dump: Potential leak of memory pointed to by 'si'
def84b8ef coverity: fix parameter_hidden: declaration hides parameter
c98eb0384 restore: Value stored to 'ret' is never read
8e5acdd2d cr-dump: Potential leak of memory pointed to by 'si'
cf4fe1fa1 vdso-compat: let coverity know that the function does not return
cfcc0b14a coverity: ignore CHECKED_RETURN
d0db53297 autofs: Potential leak of memory pointed to by 'token'
9b1921fb7 sk-unix: do not overwrite function parameter
1d403eb18 Use 'is None' instead of '== None'
820525fe8 bfd: remove unused line
a02986804 coredump: remove two unused variables
1543527bf lib/py: remove unused variable
7db0bb69e infect: initialize struct to avoid CLANG_WARNING
ee048e148 lock: disable clang_analyzer for the LOCK_BUG_ON() macro
70c8c12c6 compel: don't mmap parasite as RWX
6edcef740 cr-restore: Wait child & reap zombies if PID=1
4381043a7 criu-ns: Use PID 1 on restore
b2232f7f7 criu-ns: Convert c_char_p strings to bytes object
d16033658 criu-ns: Print usage info when no args provided
26371e56f criu-ns: Convert to python3 style print() syntax
72ca9673d python: Replace xrange with range
2598f64fa crns.py: New attempt to have --unshare option
0d691acba CI: distribute CI jobs between CI systems
e7cbeddff CI: rename 'travis' to 'ci'
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping crun to version 1.2-16-g718b94e, which comprises the following commits:
979f6f0 criu: save the new descriptors after restore
cab3d52 crun: chown std streams
c68c4ce crun.1.md: fix formatting
62e9ba0 test: bump base and ubuntu to 1.16 for containerd tests
07303d8 exec: support --cgroup
9c96ca4 libcrun: allow to specify sub-cgroup for exec
e32af6c cgroup: allow to create missing dirs
baa786c exec: use new function
6d70af2 exec: new function libcrun_container_exec_with_options
97c2eac tests: add userns to sd_notify_proxy test
4f6c8e0 NEWS: tag 1.2
aee580f exec: fix containers being wrongly reported as paused
762269c test/criu: enable external ipc,uts,time namespaces
e334260 criu: Add support for shared ipc,uts,time ns
1353be8 configure: convert indentation to tabs
44bb0b2 artifacts: add libprotobuf-c-dev for protobuf headers
5b341a1 NEWS: tag 1.1
55d293c .github: add libprotobuf-c-dev
2162435 criu: store external descriptors as JSON string
9c7d928 .github: check tests leave the working dir clean
d99bb51 .github: report make check failures
0d64e1d linux: fix fix-test-mount-symlink-not-existing test
7260dc8 tests: fix number of tests
b0d64b6 tests: skip caps tests if rootless
a538e4e tests: disable exec_additional_gids when rootless
b055575 criu: fix save of external descriptors
c0f5460 criu: use has_prefix instead of strncmp
0fa5a11 criu: use write_file instead of open+write
1604c54 criu: drop \n from error messages
a967d78 criu: fix fd leak
f624c93 tests: disable unrelated failing Podman tests
ee35311 utils: add new function safe_readlinkat
ef24f0c README.md: ./configure.sh → ./configure
3e82d10 tests: add test for c/r with ext namespace
2257680 tests_utils: drop unused variable
f41c979 tests: drop unused imports
be18607 criu: Add support for external PID namespace
4810ac6 exec: refuse paused container/cgroup
7d35659 cgroup: drop cgroup_mode arg from libcrun_cgroup_is_container_paused
44377aa container: Set primary process to 1 via LISTEN_PID by default if user configuration is missing
bc0b3d1 utils: retry openat2 on EAGAIN
8a70bcd cgroup: use cgroup.kill if available
c819e9c tests: update Podman to 3.3.0
74543d3 linux: silence two false positives reported by lgtm
c1798ad status: check for owner before using it
5399935 utils: NUL terminate readlinkat buffer
2557c81 NEWS: tag 1.0
dad6ef2 crun.1: regenerate
2199d10 tests: update containerd version
We also bump the oci/image/runtime spec SRCREVs to ensure that we have
all the source dependencies up to date.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'autogen.sh' script of crun was fetching dependencies that we
already have in our SRC_URI. We want the OE git fetcher to manage
the source, not scripts in the source of a package.
We grab the two lines out of autogen.sh that we need, and use them
directly in the configure_prepend.
We also add yajl to the source code dependencies as the package
DEPENDS is not enough as crun is explicitly building source that
looks for the yajl code.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
When setting up networking, podman is looking for the ipv6tables
executable. We have iptables in our rdepnds, but the ipv6 variant
won't be available unless ipv6 is in DISTRO_FEATURES.
We can use our distro feature check to detect the issue and alert
the developer.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To help enforce/guide consistent configuration and to avoid duplicating
configuration fragments into the meta-virt layer, we leverage a native
provider of the yocto-kernel-cache fragment repository.
To allow support for kernels that support fragments, but don't have the
yocto-kernel-cache in the kernel's SRC_URI, we create two conditional
parts of the virtualization configuration.
If virtualization is enabled in the distro features, the kernel
version matches one of our supported ones, and the kernel inherits
kernel-yocto, we add a depedency on the yocto-cfg-fragments-native
recipe.
That recipe will install the fragment collection to the kernel recipe's
native sysroot.
We can then check for the kernel-cache on the SRC_URI. If it is present,
we use the feature at the standard location. If it is not present, we
add the fragment from the native sysroot.
While we could always use the native sysroot variant, we want to allow
a kernel with a kernel-cache to be the first choice, and provide their
own fragments.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To allow the use of the yocto configuration fragments in scenarios where
a kernel inherits kernel-yocto or has a custom fragment implementation, but
doesn't directly include the yocto-kernel-cache in the kernel SRC_URI,
we introduce a native provider of the fragments.
This fragment provider is independent of a kernel tree and when added
as a dependency to a recipe, the fragments will be placed in:
recipe-sysroot-native/kcfg/
These can then be referenced on the SRC_URI or in KERNEL_FEEATURES by
using '../recipe-sysroot-native/kcfg' as the relative path to the
.scc or .cfg file. In the future, this won't be required as kernel-yocto
will always check the native sysroot for fragments, and fragments will
always be referenced by relative path from the base of the kernel-cache.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping k3s to version v1.22.2+k3s2-4-g737f722315, which comprises the following commits:
737f722315 set transport to skip verify if se skip flag passed (#4102) (#4103)
dd4b36e034 Add "etcd-" prefix to etcd-snapshot commands as aliases (#4161) (#4170)
cedcece9cc Dual-stack support LB controller
3f5774b41e Bump containerd to v1.5.7+k3s1
bdd597fb9e Don't evacuate the root cgroup when rootless
6d282b26c2 Skip tests that violate version skew policy
a09bcba540 Properly handle operation as init process
44013ae899 Enable the inheritance of settings for ipv6
10bca343e8 Update build images to python3 for compat with recent gsutil change
28be0de4e8 Revert "Use the newer klipper-lb image"
64b502e92c Disable automounting service account token in servicelb pods
7826407a2e Make sure there are no duplicates in etcd member list (#4025)
1d21491094 Use the newer klipper-lb image
753e11ee3c Enable JobTrackingWithFinalizers FeatureGate
dccee4e87b Fix regression from commit 137e80cd865efe51aa3ef0323fd6b0a014b7b9de
7a36c3f7f2 Bump golang version
77dfdda909 Update Kubernetes to v1.22.2-k3s1
eda65b19d9 Remove expiremental from cluster commands (#4024)
debb508643 Nvidia container runtime discovery in containerd config template (#3890)
086ca8ba6a Fix premature etcd shutdown when joining an existing cluster
85e11c47d1 Add StargzSupported stub for Windows
e732517712 Retrieve "CONTAINERD_" environment variables
acf9036b63 No-op when etcd member was already removed and use existing name for etcd controller (#4014)
9fcd79baae Add tests to the dual-stack PR and enable dual-stack with flannel backend
681058bb40 Add dual-stack support
5e0fae914f Bump helm-controller and klipper-helm image version
b72306ce3d Return the error since it just gets logged and retried anyways
5986898419 Use SubjectAccessReview to validate CCM RBAC
dc556cbb72 Set controller authn/authz kubeconfigs
199424b608 Pass context into all Executor functions
137e80cd86 Handle cgroup v1/2/hybrid in check-config.sh more explicitly/accurately
928b8531c3 [master] Add `etcd-member-management` controller to K3s (#4001)
699ea16523 go mod tidy
57377d2cd4 Minor cleanup on cribbed function
3449d5b9f9 Wait for apiserver readyz instead of healthz
3d27804c77 Anything not EL7 is EL8
b4d8c641c6 Add exposed metrics listener instead of replacing loopback listener
29c8b238e5 Replace klog with non-exiting fork
90960ebf4e SupportPodPidsLimit is locked to true of 1.20, making pids cgroup support mandatory
741ba95b04 Migrate sqlite data to etcd when initializing the cluster
a1ec43e0b7 feat: add option to disable s3 over https
8b857eef9c Ship Stargz Snapshotter (#2936)
cf12a13175 Add missing node name entry to apiserver SAN list
74196acaea added raspberry installation hint (#2379)
fdaa0c4210 Update maintainers to reflect team changes
b8add39b07 Bump kine for metrics/tls changes
ad1a40a96c Small updates to CONTRIBUTING (#3734)
933052a02c Fix condition for adding kubernetes endpoints (#3941)
4d6ddfea51 Bump stable to v1.21.4+k3s1
60297a1bbe Creation of K3s integration test Sonobuoy plugin (#3931)
84155ee313 Make consistent use of os-release vars
2a68c7c8a4 Fix issue where addon checksum was never stored
736c262612 Move cniplugins version to 0.9.1
96dcef478a Add functions to separate ipv4 from ipv6 functions
a9fce84ab6 github actions: enable workflow_dispatch (#3923)
114b30277f Redux: Enable K3s integration test to run on existing cluster (#3905)
f94d8d76a8 Check /etc/os-release exists before sourcing it
51b7451709 install.sh: Inform user of current k3s+SELinux support status for SUSE/openSUSE systems
331c6fed71 Remove runtime V1 (`containerd-shim`)
c23e63aeea Update RootlessKit to v0.14.5 (#3902)
176451f4ea Fix rootless regression in 1.22 (Set KubeletInUserNamespace gate) (#3901)
66dacc6ee0 Revert "Enable K3s integration test to run on existing cluster (#3892)" (#3899)
703b5af950 Enable K3s integration test to run on existing cluster (#3892)
58315fe135 Set osImage for docker image
156bae2940 Fix PREVIOUS_CHANNEL lookup when current minor release is not stable
e95b75409a Fix lint failures
a5355f0827 Replace dropped v1beta1 APIs with v1
dc14f370c4 Update wrangler to v0.8.5
c434db7cc6 Wrap errors in runControllers for additional context
422d266da2 Disable deprecated insecure port
641ab26fde Update containerd to 1.5
16616c6b90 Update grpc
54a7c860c7 Update kine for etcd v3.5 compat
92b651e548 update golangci config to sync with RKE2
4ebd6009ea Bump gopls and golangci-lint
872855015c Update etcd to v3.5.0
e204d863a5 Update Kubernetes to v1.22.1
ed5991f13b K3s Flock Integration Test (#3887)
e322924781 Reset load balancer state during restoraion (#3877)
a55921b33d Add missing labels to stalebot config
8e90c56f5c Update Kubernetes to v1.21.4-k3s1
544cf406aa Bump containerd to v1.4.9-k3s1
a1097984c0 Bump helm-controller to work around tiller crashes
b23955e835 Fix URL pruning when joining an etcd member (#3832)
e87204c064 Added new testing documentation (#3823)
a1e36153f9 Added locking system for integration tests (#3820)
ae909c73e5 Updated the code to use GetNetworkByName and tweaked logic.
4cc781b5e3 Moved testing utils into tests directory. Improved gotests template. (#3805)
dcf0657b20 account for an s3 folder when listing objects (#3807)
b4eca61aeb Prevent snapshot commands from creating empty snapshot directory (#3783)
3b01157a3a Use New Image Names (#3749)
bc96ffb5f3 Fix Node stuck at deletion (#3771)
338f9cae3f Bump helm-controller to v0.10.2
80a15bebc0 install.sh: Use built-in shell functionality instead of awk
dfd4e42e57 Wrap context with lease before importing images
2069cdf4ee Fix initial start of etcd only nodes (#3748)
429af17e4d update rancher/local-path-provisioner to v0.0.20
56109f96b3 Update MAINTAINERS (#3744)
5ab3590d9b Improve config retrieval messages
869b98bc4c Sync DisableKubeProxy into control struct
4f03532f47 Add nightly automation tests
09457a57d5 Add in stalebot config, starting with 6mo old stale issues. (#3739)
b1b5f72dc3 Notify systemd for etcd only node (#3732)
7704fb6ee5 Exporting the AddFeatureGate function and adding a unit test for it. (#3661)
fc19b805d5 Added logic to strip any existing hyphens before processing the args. (#3662)
a1d7a62493 Fix to allow non-root users access to storage volumes. (#3714)
90445bd581 Wait until server is ready before configuring kube-proxy (#3716)
21c8a33647 Introduction of Integration Tests (#3695)
f99b1c8798 add gotests templates (#3709)
71e1f1df8c Ignore markdown files for github actions (#3676)
1f6806d940 Update 1.21 stable version
20a48734c2 more fixes
7ebcc4b134 more fixes
b4401296ec replace error with warn in delete
2f82bfcf67 fix warning msg
b377839148 migrate old token key format
997ed7b9b4 simplifying the code
ad17292fa8 migrate empty string key properly
a65e5b6466 Fix multiple bootstrap keys found
37fcb61f5e move go routines for api server ready beneath wait group
c5832c1128 Bump Kubernetes to v1.21.3
b352d73511 Bump containerd to v1.4.8-k3s1
18bc98f60c adding startup hooks args to access to Disables and Skips (#3674)
dcabe14edd Update .github/ISSUE_TEMPLATE/feature_request.md
8840c937e6 Update .github/ISSUE_TEMPLATE/bug_report.md
bba49ea447 Fix to allow prune to correctly cleanup custom named snapshots (#3649)
f6be76b4f7 Add checkbox to denote backporting required on issue templates
aef8a6aafd Adding support for waitgroup to the Startuphooks (#3654)
ad28d18b19 Bump helm-controller to v0.10.1 (#3644)
d96fa8f727 Add issue template for creating release checklist issues (#3604)
a939decf01 fix a runtime core panic (#3627)
55fe4ff5b0 Convert existing unit tests to standard layout (#3621)
fbc41ed753 Upgrade k3s-root version
238dc2086e prevent snapshot save when snapshots are disabled (#3475)
a4c992ce52 🐳 burp to inetaf/tcpproxy
dd8398dc76 Bump the packaged runc binary version
ada145641c Update etcd snapshot error message to be more informative when etcd database is not found (#3568)
a62d143936 Fixing various bugs related to windows.
e1cd9438ad Update ROADMAP.md
81b006c938 Dispatch to rancher/system-agent-installer-k3s when tagged (#3589)
73df2d806b Update embedded kube-router (#3557)
77fcf2dfc5 missing build tag for windows
18367e12d0 Set ulimits in docker-compose.yml
8faa70dced Update to v1.21.2
6b3285b7e3 Fix coverage reporting to include all packages, not just those with tests
c833183517 Add unit tests for pkg/etcd (#3549)
cbfe673c43 Fix spelling to satisfy codespell check
cbacd7107e Allow passing targeted environment variables to containerd
4a6e87e5a2 Add user-facing change section to PR template
a5cff7e143 (docs) Update README.md
f5fbb9a9a8 Export cli server flags and etcd restoration functions (#3527)
246b378a27 Bump kine to resolve race condition and unrevisioned delete
3e1693bc97 Changes local storage pods to have 700 permissions (#3537)
7242ce9316 Redux: Add Unit Test Coverage to CI (#3524)
04398a2582 Move cloud-controller-manager into an embedded executor (#3525)
f3d0a857d2 Bump stable version to v1.21.2+k3s1 (#3526)
a84c75af62 Adds a command-line flag '--disable-helm-controller' that will disable the server's built-in helm controller.
cf55712767 Revert "Add Unit Test Coverage to CI (#3494)" (#3499)
216b3beaef Add Unit Test Coverage to CI (#3494)
82394d7d36 Basic windows agent that will join a cluster without CNI.
136dddca11 Fix storing bootstrap data with empty token string (#3422)
a629db023c Fail to start k3s if nm-cloud-setup is enabled
4b2ab8b515 Renamed client-cloud-controller crt and key (#3470)
ef23c6c548 Redux: Change containerd image leases from context lifespan to permanent (#3464)
b74c499709 Revert "Change containerd image leases from 24h to permanent (#3452)" (#3461)
86b3ba8dba Change containerd image leases from 24h to permanent (#3452)
88f95ec409 Send systemd notifications for both server and agent (#3430)
a7d1159ba6 Emit events for AddOn lifecycle
ea2cd6d727 Add comments, clean up imports and function names
6e48ca9b53 Tidy up function calls with many args
6ef000091a Add nodename to UA string for deploy controller
2afa3dbe1c Changed iptables version check for fail if version is between 1.8.0 and 1.8.3 and using nf_tables mode (#3425)
f6cec4e75d Add kubernetes.default.svc to serving certs
243fd14cf1 Change Replace with ReplaceAll function
afd506a595 fix possible race where bootstrap data might not save
2682183773 add log message indicating etcd snapshots are disabled
664a98919b Fix RBAC cloud-controller-manager name 3308 (#3388)
5e0527f304 cgroup2 CI: add rootless
daf527ccaf k3s-rootless.service: use fuse-overlayfs snapshotter
1576030d6b Add a path for wireguard's privatekey
7345ac35ae Initial windows support for agent (#3375)
3abe7c7cef Bump stable version to v1.21.1+k3s1 and add v1.21 channel
d415e41337 Update flannel version
cb25835d84 containerd: v1.4.4-k3s2
79cf4a7c83 Bump channel stable version to v1.20.7+k3s1
25c2888d28 Fix shell expansion and file permission issues install.sh
f11cbc5a8e runc: v1.0.0-rc95 (#3348)
ecbf17e2ed move object channel defer close to goroutine
254b52077e add retention default and wire in s3 prune
7e175e8ad4 Handle conntrack-related sysctls in supervisor agent setup
c824c3bcc1 Add support for multiple env files for systemd unit
e8ecc00fc8 add etcd snapshot save subcommand
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping k3s to version v1.21.5+k3s2-2-gaa5a0a8c78, which comprises the following commits:
aa5a0a8c78 set transport to skip verify if se skip flag passed (#4102) (#4104)
3ee5098225 Add "etcd-" prefix to etcd-snapshot commands as aliases (#4161) (#4171)
724ef700ba Bump containerd to v1.4.11+k3s1
69a9f46bce Don't evacuate the root cgroup when rootless
0af55a830a Skip tests that violate version skew policy
9e66f975d5 Fix PREVIOUS_CHANNEL lookup when current minor release is not stable
38ddda587a Properly handle operation as init process
15f3a2ebfb Enable the inheritance of settings for ipv6
273827d4ba Update build images to python3 for compat with recent gsutil change
8c2f7ac41c Remove experimental from cluster commands
acad8ef840 [release-1.21] Update Kubernetes to v1.21.5 (#4032)
6acee2e2f5 No-op when etcd member was already removed and use existing name for etcd controller (#4015)
863512e055 Initial leader elected etcd member management controller (#4010)
37caf87d6d Add exposed metrics listener instead of replacing loopback listener
a8a6edfb0d Add missing node name entry to apiserver SAN list
659307d327 Fix condition for adding kubernetes endpoints (#3941) (#3946)
7cf85c235a Fix issue where addon checksum was never stored
656c190629 Reset load balancer state during restoraion (#3878)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
New oe-core pulls in less default dependencies[1], so add an explicit
inherit of pkgconfig as it is needed to configure Xen.
[1] https://lists.openembedded.org/g/openembedded-core/message/156185
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce a devupstream variant of k8s, so we can track development
while also packaging the latest released versions.
We set the SRECREV to 1.23.x as it was previously, and before the
go version dependency bumps to above where OE core is currently
providing.
We move the patches to a :append, so they can apply to both the
released and devupstream versions.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
As it turns out 1.23.x won't release in time for the next meta-virt
release, so we back off to the 1.22.x release branch.
To avoid PV issues when the number goes backwards, we add PE = "1"
to the versioning.
1.23.x will return in a devupstream format in another commit.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
OEcore has moved to 1.34.1 of busybox, so we do the same with our
initrd recipe.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The mmc probing order has become unpredictable
due to recent linux kernel changes, therefore devices
like the raspberry pi that have two mmc interface most
of the time can't boot from the hard-coded root path.
Modify the u-boot script to fetch the PARTUUID of the
second partition of the sd card and use it to put
root=PARTUUID=<xxx> in the command line passed to
the dom0 kernel.
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Reviewed-by: Christopher Clark <christopher.w.clark@gmail.com>
Tested-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Luca Fancellu <luca.fancellu@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Syntax conversion for bbappend linux-yocto_5.10
and linux-yocto-dev inside the raspberrypi
dynamic layer.
Reviewed-by: Diego Sueiro <diego.sueiro@arm.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Reviewed-by: Christopher Clark <christopher.w.clark@gmail.com>
Tested-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Luca Fancellu <luca.fancellu@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We adjust the LICENSE checksum due to:
commit 84694170402ff699065382ba2d2fb172c3b6c88f
Author: Daniel J Walsh <dwalsh@redhat.com>
Date: Thu Aug 26 13:15:23 2021 -0400
Globally replace http:// with https://
[NO TESTS NEEDED] Hopefully existing tests will find issues.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
and import the following changes:
6e8de00bb Bump to v3.4.0
3c93afbf4 Final release notes update for v3.4.0
128e168be Support selinux options with bind mounts play/gen
855746cc9 Fix release notes
09b353081 Release notes for v3.4.0 final release
2247d5f1b Disable docker and alias to podman in FCOS ignition
7d72e8324 [NO TESTS NEEDED] Add port configuration to first regular container
4fc40c82f Remind user to check connection or use podman machine
5064fd519 Ensure pod ID bucket is properly updated on rename
ba74d6e6e libpod: do not call (*container).Config()
a1199dbaf [CI:DOCS] cmd/podman: no dot for short descriptions
ddc2b9bbe System tests: speed up. They've gotten too slow.
b3af5a92c stop: Do nothing if container was never created in runtime
7bfc5250d remote build: EvalSymlinks() the context directory
7395459c7 podman machine: do not join userns
5e9aa13dc added healthcheck to ps command
6638a91e8 Fix english on prune prompt
31df5b78f rootful: do not set XDG_RUNTIME_DIR for cni plugins
8c944274f Revert "rootful: unset XDG_RUNTIME_DIR"
6ef2d3bd8 shell completion: do not show images without tag
063ba47d7 Update docs for --platform in podman-build.1
0f87cfd28 podman generate kube should not include images command
da67c7199 Also show the (initial) disk size
2c5382ba9 Show cpus and memory in machine list
57c055f61 Ignore mount errors except ErrContainerUnknown when cleaningup container
8084c5ef2 Allow machine options to be set from containers.conf
c0efa0dba Vendor in containers/buildah v1.23.1
6c7445d2b Vendor in containers/common v0.44.2
d6f6767a5 Set context dir for play kube build
f2c676e99 [3.4] podman save: enforce signature removal
8ee18bde1 Use a new markdown converter for sphinx
9dd75d311 Bump to v3.4.0-dev
e343b5368 Bump to v3.4.0-rc2
5bc648762 Release notes for v3.4.0-RC2
72e19cf51 Generate kube should'd add podman default environment vars
909cbfe21 sync container state before reading the healthcheck
897150946 Eighty-six eighty-eighty
e06abee1d vendor c/psgo@v1.7.1
d45cbbda3 Add a backoff and retries to retrieving exited event
70da2e858 [CI:DOCS] Add network alias note in man pages
a98e0371e Remove references to kube being development
70a428662 Support --format tables in ps output
45f8b01f6 Add podman image/container inspect man pages
863ea75c4 compat API: /images/json prefix image id with sha256
c66db2b70 [CI:DOCS] Add link to skopeo delete in podman rmi
7bfe9ca3d remote untag: support digests
7e6921170 System tests: cleanup, and remove obsolete skips
8784c1dd6 Remove unused code from libpod
79966def8 [CI:DOCS] markdown cleanup
be15a01c5 Only add 127.0.0.1 entry to /etc/hosts with --net=none
d27fcbdc2 container runlabel remove image tag from name
1a25a90a4 Fix /auth compat endpoint
c8fd65ea6 fix inverted condition
3bd3c6213 Fix machine image
331ce0f7e utils: return error message from StartTransientUnit
046fa2740 utils: raise warning only on cgroupv2
6001cd02a test/apiv2: set main version back to 3
4406ebb46 [3.4] vendor c/common@v0.44.1
40eeb7d3b runtime: move pause process to scope
e6fe5d631 system: move MovePauseProcessToScope to utils
ae5a5b51b system: always move pause process when running on systemd
34c9ce2ec system: avoid reading pause pid file
41cd360dc Bump to v3.4.0-dev
bd47b9eff Bump to v3.4.0-rc1
29edeaa89 Fix buildah-bud tests by using main's diff file
66eb69224 Fix podman-build manpages by using version from main
a647e1d18 Fix release notes
0d43151c2 Remove Pod CPU tests
fd56c8386 Set DEST_BRANCH in cirrus to fix CI
4841ec5c6 Final release notes for v3.4.0 RC1
5532cd488 libpod: honor --cgroups=split also with pods
e07dccc3a build: take advantage of --platform lists
c7c4cb886 build.bats: fix copy tests after containers/buildah#3486
c407813d6 build: mirror --authfile to filesystem if pointing to FD instead of file
69e327378 Bump to Buildah v1.23.0
331d4c5c7 Further release notes updates
901cf71a6 Show variant and codename of the distribution
507000a30 api: handle nil pointer dereference in rest endpoints
702e524ff Fix example in podman machine init man page
c8cbd87fd Document `all` query parameter for /libpod/images/prune
939db105c tests: enable --cgroups=disabled test for rootless
e0881fd5e tests: simplify --cgroups=disabled test
74bc365eb Enhance bindings for IDE hints
e37883f13 Cirrus: NM/CNI workaround + Remove prior-Ubuntu
0ca62196a libpod: rootful close binded ports
b6789c3d5 fix restart always with rootlessport
ffc8e57d3 remove rootlessport socket to prevent EADDRINUSE
fd8d332a4 test: enable --cgroup-parent test
33591c3ef Search gvproxy with config.FindHelperBinary()
1af0f8934 Add deprecated fields for 1.22+ clients that still expect them
c6e4453f6 If container exits with 125 podman should exit with 125
5829d62ea Use default username for podman machine ssh
c487389fa bump c/common to v0.44.0
069d90124 Initial release notes for v3.4.0 RC1
3c24d1fda Remove pod create options `--cpus` and `--cpuset-cpus`
fceec6972 Use new aarch64 fcos repos
31604b43d Revert "logs: adjust handling around partial log messages"
c23f81fab Fix #11444: remote breaks with stdout redirection
a8875faca [CI:DOCS] Remove short 'a' option from all-tags
eec59cea2 Bump github.com/containers/storage from 1.35.0 to 1.36.0
deaf96924 Refacter API server emphasis on logging
4fbc5b8fe Stop outputting 'healthy' on healthcheck
81751bebc Bump github.com/opencontainers/selinux from 1.8.4 to 1.8.5
f5e4ffb5e Add init containers to generate and play kube
d2e10a71d podman unshare keep exit code
309d98971 Bump github.com/containers/psgo from 1.5.2 to 1.6.0
f87f27ddc Add /containers/stats response to API docs
8d638d502 try to create the runroot before we warn that it is not writable
5bf220144 machine: set filemodes in octal
6f36a47ac podman machine: enforce a single search registry
50688da29 stats: detect containers restart
2b85382ca api: correctly set the container stats
53dc99fa6 stats: allow to read stats for paused containers
a4cc32c2c Fix missing args in name in example
5fdd0431b Cirrus: Run unit-tests rootless
4ccb4f81f Add a system test to modify and import an exported container.
c65b43a0f Bump github.com/godbus/dbus/v5 from 5.0.4 to 5.0.5
7cf22279d Fix conmon attach socket buffer size
e5468d404 test/e2e/search_test.go - relax tests
78c5a47fc vendor mpb@v7.1.4
6888b061d inspect: printTmpl must Flush writer
4d9dcab0c podman upgrade tests for networking
bbdaf837b Normalize auth key before calling `SetAuthentication`
2f967b81c Add logDriver to podman info
ab272d1e9 Add 'Machine %q started' message when podman machine start successful
cee689af1 Fix spacing on --userns options in docs
1ff797e36 system tests: new random_free_port helper
a1cab358c fix play kube can't use infra_image in config file
6aa666a27 container inspect: improve error handling
aa412ccc4 test/testvol/main.go: Fix missing arguments to Errorf()
f18ccbcc0 fix play kube --network options
748c2700b pkg/bindings/images.nTar(): set ownership of build context to 0:0
bfcd83ecd Add Checkpointed bool to Inspect
0d1ba0a58 Remove changelog.txt from the repository
8b4f99ac2 QEMU Apple Silicon: Find BIOS FD wherever
1150d1b0b Document default timeout for libpod API Container Restart
d1573b95e generate systemd: handle --restart
1eaa44959 logs -f: file: fix dead lock
3d02cfb5e network create: add warning for deprecated macvlan flag
bd6403927 cgroup-info: check if user.slice is valid before accessing value
57133bb33 Fix warning of unsupported feature on MacOS
c01f7725a TCG Accel fallback for Apple Silicon. Iss #10577
ebd37ede9 Example says there is not IP then in the next command suggests to use it
11fc0e554 kube: Add support for podman pod logs
ce5baa125 feat: add localhost into hosts if the networking mode is not host
e151f4c9f Fix #11418 - Default TMPDIR to /tmp on OS X
5d31c4250 Bump release to 3.3.1
274a3bc80 Remove unused stubs intended to start a machine with libvirt
8d9e19b03 Spell "build linux darwin" as "build !windows".
d346e6e73 Add filtering functionality to http api secrets list
90998176d machine: always check error of net.Dial, even after last try
02a0d4b7f auto-update systemd test: skip on RHEL
b3bb7da72 [#11408] podman help machine init
cba114dd3 manifest: rm should not remove referenced images.
a077335ce make podman run --systemd case insensitive
ddeaaa47c Drop dependency on iproute
e3c7e02a0 System tests: add cleanup & debugging output
abdedc31a rootlessport: allow socket paths with more than 108 chars
a55f595fe podman stop always cleanup
f9a689f3e generate systemd: clarify limitations of `--new`
1ed0a7209 Cirrus: Reduce APIv2 task timeout
1fb07c422 Make secret env var available to exec session
d674eb41e [CI:DOCS] podman cp: highlight globbing and multi-file copy
10144b707 pass LISTEN_* environment into container
9f7bad7da Use UNMERGED vbauerster/mpb PR to fix a pull deadlock
b3aee22bd Cirrus: Skip APIv2 tests for [CI:DOCS]
375c3a7b3 docs: fix indentation for userns modes
1122c66ce upgrade test: add new baseline
a2a166345 clean up socket and pid files from podman machine
06f94dd09 rootless cni: resolve absolute symlinks correctly
ec1f350ee container: resolve workdir after all the mounts happen.
de3920c0e auto-update: fix authfile label
9b7ef3dad runtime: Warn if XDG_RUNTIME_DIR is set but is not writable.
a5adc3d80 Add support for mount options to API
db60a1e65 Add support for libsubid
846941704 Globally replace http:// with https://
ab6c43f3e Shell completion for --format with anonymous fields
d28e85741 InfraContainer Rework
1e6d1e5c6 Add filter params description to volume list/prune docs
f5ce02b22 Bump github.com/containers/image/v5 from 5.15.2 to 5.16.0
d5507704e volumes: Add volume import to allow importing contents on tar into volume
e88b62b34 Fix swagger issue
c6e12a2e4 Bump github.com/fsnotify/fsnotify from 1.4.9 to 1.5.1
1dc6d1473 Fix file descriptor leaks and add test
1e176923b teardown play kube
3f22e5296 Allow setting of machine stream and image path from containers.conf
274d6fa19 generate systemd: use --cidfile again
4b2dc48d0 podman inspect show exposed ports
74ab2aaf9 Revert "generate systemd: custom stop signal"
c0b1edd6a Network interface
70801b3d7 generate systemd: custom stop signal
3007bd4a9 130-kill.bats: increase timeouts from 10s to 60s
21f396de6 logs: adjust handling around partial log messages
b20a54705 330-corrupt-images: don't try to tag with a canonical name
fc6a02033 bump github.com/containers/common
1411fa5f2 libpod/Container.readFromJournal(): don't skip the first entry
6b06e9b77 Switch eventlogger to journald by default
02e59c668 utils.RunUnderSystemdScope(): always close Conn
d06d285e6 logFile until flag issue
edddfe8c4 volumes: Add support for exporting volumes to external tar
d24a5d9fd Bump github.com/opencontainers/runc from 1.0.1 to 1.0.2
7b54a5fbe profiling: higher memory sampling rate
fe4dc452e Bump github.com/containers/buildah from 1.22.0 to 1.22.3
1493b86c7 Bump github.com/onsi/gomega from 1.15.0 to 1.16.0
feff0d3c4 Use pod netns with --pod-id-file
57a0ed182 Bump k8s.io/api from 0.22.0 to 0.22.1
319c85e89 Support for --tls-verify flag in podman run & podman create
e5d8defc4 Update README for 3.3.0 release
33fee83de add flag to record memory profiles
db7eaa98b Bump k8s.io/apimachinery from 0.22.0 to 0.22.1
c22f3e8b4 Implement SD-NOTIFY proxy in conmon
7f3f792e2 Fix network aliases with network id
fd32c73e3 Update /version endpoint to add components
745f6d949 e2e tests: fix overlay: Unknown option vfs.imagestore
16dfce486 Podman info output plugin information
0897946f6 [NO TESTS NEEDED] Clean up swagger
b19812b5a machine: compute sha256 as we read the image file
043457192 machine: check for file exists instead of listing directory
82bb999e3 Bump github.com/containers/image/v5 from 5.15.1 to 5.15.2
2d0a0c0d2 fix rootlessport flake
592fae422 Volumes: Only remove from DB if plugin removal succeeds
9dd088e55 Cirrus: Confirm CGv1 / CGv2 VM expectations
5c837fe5b Skip stats test in CGv1 container environments
dc7038288 Fix AVC denials in tests of volume mounts
77f665200 Restore buildah-bud test requiring new images
14f3658da Revert ".cirrus.yml: use fresh images for all VMs"
aeffdb05d pkg/bindings/images.nTar(): slashify hdr.Name values
cd40c875a Add ability to build images in play kube
f0247df89 Bump github.com/rootless-containers/rootlesskit from 0.14.4 to 0.14.5
970529b6a Documented ways to fix firewall rules that are lost when firewalld reloads
c1b7787a2 Bump github.com/containers/image/v5 from 5.15.0 to 5.15.1
bfc936261 Cirrus: Resolve two upgrade-test FIXMEs
1f632f357 fix: unifiedOverlays should be assigned if no conflicts found.
e9f4d8179 Bump github.com/containers/storage from 1.34.0 to 1.34.1
e7ee15f8c cgroup-manager-systemd:Fail early if user:rootless and relevent session is not present.
3cee85531 libpod/option.go remove error stutter from wrap/wraf
fe2be7f88 make sure that signal buffers are sufficiently big
f98569946 volume: move validating volume dest from client to server.
91e21bed4 rootful: unset XDG_RUNTIME_DIR
2a8c41448 Fix rootless cni dns without systemd stub resolver
257d5e8a7 Fixed healthcheck default values when container created via compat API
d99756434 Add space trimming check in ValidateSysctls
bef26f258 rename oneshot initcontainers to once
9fc946563 Set gvproxy path to /usr/libexec/podman/gvproxy
5a32946d6 For compatibility, ignore Content-Type
404488a08 Run codespell to fix spelling
643178c1e Revert "Use static path for gvproxy"
73a755eec Fix device tests using ls test files
d0e3b3c3a Enhance priv. dev. check
cfbbc38a5 Workaround host availability of /dev/kvm
2e3ba9cd9 Change connection error to be helpful for machine users
ed30ae4a8 Add until filter to podman pod ps
800a65fb2 [CI:DOCS] Fix multi-arch image docs
4e4c4b62f Bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4
af46a64a8 Document source ip for the rootlesskit port handler
f7de8bc80 Bump github.com/containers/storage from 1.33.1 to 1.34.0
8b9b925e7 skip flaking auto-update test
27443660c Enable docker-py compat. testing w/ ignored result
221b1add7 Add support for pod inside of user namespace.
12ac4198c Libpod images pull changes
e7b7c90ba Reproducible Builds: trim embedded cgo paths
170fb2572 Alias build to buildx, so it won't fail
bb96da9f1 Skip cgroup-parent test due to frequent flakes
a4bdc67c4 Added autocompletion for images and system connections
1adeb2b70 podman info show correct slirp4netns path
79e4baf4c Bump github.com/onsi/gomega from 1.14.0 to 1.15.0
541e83ffe personality: Add support for setting execution domain.
88b9cbd5e Bump k8s.io/api from 0.21.3 to 0.22.0
e52187e7f show podman machine ssh command line
30df551bd auto-update: simple rollback
adee0ca59 Bump github.com/BurntSushi/toml from 0.3.1 to 0.4.1
eb2e99101 Bump k8s.io/apimachinery from 0.21.3 to 0.22.0
c9e2f2f60 [CI:DOCS] tests-expect-exit: include source line numbers
8cbbbe6ef Fix TS parsing for fractional values
3c3fa6fac implement init containers in podman
f4dd22b31 Cirrus: Fix not uploading logformatter html
ddc360fe1 Bump Buildah to v1.22.0 [NO TESTS NEEDED]
41f94a4dc Fix podman unpause,pause,kill --all to work like podman stop --all
cfcd1e186 Do not add an entry to /etc/hosts with `--net=host`
f40a0e7c8 Handle timezone on server containers.conf
e78f3e8c4 Bump github.com/docker/docker
bd29ec4c3 Bump github.com/rootless-containers/rootlesskit from 0.14.3 to 0.14.4
9cc974c96 Only support containers stats using cgroups v2
ecf103302 podman info: try qfile before equery
cc43b5133 image scp: fix typo in output
e88d8dbea fix rootless port forwarding with network dis-/connect
4acc1d685 Use static path for gvproxy
a210a2292 Compat API: Fix healthcheck status and healthcheck config
0762c7e97 Bump github.com/opencontainers/selinux from 1.8.2 to 1.8.3
985c71708 Fix handling of user specified container labels
03ffba29a podman-registry: minor usability updates
0ab9d19ad Bump to v4.0.0-dev
34b28d959 e2e tests: re-enable and fix podman stats tests
c0952c733 Support size and inode options on builtin volumes
1d10ca739 Created scp.go image_scp_test.go and podman-image-scp.1.md
8ccf2539e test: move container process to a sub-cgroup
cdbbd7915 stats: add a interval parameter to cli and api stream mode
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We drop a previously backported patch, and bump to version v2.15.1-30-gf8274b78c, which comprises the following commits:
f8274b78c datapath-windows:adjust Offset when processing packet in POP_VLAN action
a2f860aa2 cirrus: Reduce memory requirements for FreeBSD VMs.
7788f1579 netdev-linux: Fix a null pointer dereference in netdev_linux_notify_sock().
dd32deba6 pcap-file: Fix memory leak in ovs_pcap_open().
9f2f66c8e odp-util: Fix a null pointer dereference in odp_flow_format().
02b0c265c odp-util: Fix a null pointer dereference in odp_nsh_key_from_attr__().
031eff456 netdev-dpdk: Fix RSS configuration for virtio.
09cd9570d ipf: Fix only nat the first fragment in the reass process.
ef8ca3e19 dpif-netdev: Fix crash when PACKET_OUT is metered.
d3ff41d60 tc: Set action flags for tunnel_key release.
079a4de72 netlink-socket: Replace error with txn->error when logging nacked transactions.
f8cc5aa35 dynamic-string: Fix a crash in ds_clone().
64d1bba91 dpif-netdev: fix memory leak in dpcls subtable set command
90b219275 dpif-netdev: Do not flush PMD offloads on reload.
b29b04f85 dpif-netdev: Fix offloads of modified flows.
1d0b89ea7 dpif-netdev: Fix flow modification after failure.
8d84a4b16 netdev-offload-dpdk: Fix IPv6 rewrite cast-align warning.
f3f7849cb daemon-unix: Fix leak of a fork error message.
8aa0f0374 ovsdb-cs: Perform forced reconnects without a backoff.
ee4e034dc datapath-windows:Correct checksum for DNAT action
72132a940 bond: Fix broken rebalancing after link state changes.
aa84cfe25 dpif-netlink: Fix report_loss() message.
aec05f7cd ovsdb-server: Fix memleak when failing to read storage.
05bdf11fc conntrack: Init hash basis first at creation.
94e3b9d9c netdev-linux: Ignore TSO packets when TSO is not enabled for userspace.
842bfb899 conntrack: Handle already natted packets.
ab873c1af conntrack: Document all-zero IP SNAT behavior and add a test case.
86d6a9ee1 python: Fix Idl.run change_seqno update.
1ba0c8365 bridge: Use correct (legacy) role names in database.
7e5293ea5 Prepare for 2.15.2.
b855bbc32 Set release date for 2.15.1.
007a4f48f dpif-netdev: Apply subtable-lookup-prio-set on any datapath.
c93358a56 netlink: removed incorrect optimization
31626579f ovs-actions.xml: Add missing bracket.
30596ec27 netdev-offload-tc: Use nl_msg_put_flag for OVS_TUNNEL_KEY_ATTR_CSUM.
728980291 conntrack: Increment coverage counter for all bad checksum cases.
881d71ea2 datapath-windows: Specify external include paths
934668c29 Remove Python 2 leftovers.
aaa596705 ipf: Fix a use-after-free error, and remove the 'do_not_steal' flag.
bc0aa785a ovsdb-idl: Fix the database update signaling if it has never been connected.
559426d2b ofproto: Fix potential NULL dereference in ofproto_ct_*_zone_timeout_policy().
f31070e27 ofproto: Fix potential NULL dereference in ofproto_get_datapath_cap().
8995d5311 dpif-netlink: Fix send of uninitialized memory in ct limit requests.
0c056891c ofproto-dpif: Fix use of uninitialized attributes of timeout policy.
121a67cad netdev-linux: Fix use of uninitialized LAG master name.
5f27ff1cf ofp_actions: Fix set_mpls_tc formatting.
e87adce83 dpif-netdev: Remove meter rate from the bucket size calculation.
a3ee3258e ovs-ofctl: Fix coredump when using "add-groups" command.
c5d2a6275 raft: Transfer leadership before creating snapshots.
553d52392 ovsdb-cs: Consider all tables when computing expected cond seqno.
8d0aebcc4 dpdk: Use DPDK 20.11.1 release.
21452722b github: Fix up malformed /etc/hosts.
90d1984b9 doc: automake: Add support for sphinx 4.0.
38a8bed70 cirrus: Look up existing versions of python dependencies.
255c38c74 ofp-group: Use big-enough buffer in ofputil_format_group().
f2c0744d2 ofproto/ofproto-dpif-sflow: Check sflow agent in case of race
ab157ef34 dpif: Fix use of uninitialized execute hash.
b1fded020 odp-util: Fix use of uninitialized erspan metadata.
f473ee568 dpif-netlink: Fix using uninitialized info.tc_modify_flow_deleted in out label.
2721606bd netdev-offload-tc: Probe for support for any of the ct_state flags.
091bc48d9 compat: Add ct_state flags definitions.
1307e90e3 Add test cases for ingress_policing parameters
d184c6ce6 netdev-linux: correct unit of burst parameter
cab998e50 ipsec: Fix IPv6 default route support for Libreswan.
b9ab7827e ovsdb-idl: Mark arc sources as updated when destination is deleted.
c82d2e3fb ovsdb-idl: Preserve references for deleted rows.
9a24ecbc2 ovsdb-idl.at: Make test outputs more predictable.
8d71feb1b ovs-ofctl: Fix segfault due to bad meter n_bands.
3a716b1d9 dpif-netdev: Refactor and fix the buckets calculation.
73ece9c87 dpif-netdev: Fix the meter buckets overflow.
d5dc16670 python: Send notifications after the transaction ends.
556e65e17 ovs-ctl: Allow recording hostname separately.
3982aee45 dpif-netdev: Fix crash when add dp flow without in_port field.
02096f1b3 Documentation: Fix DPDK qos example.
8f1dda316 raft: Report disconnected in cluster/status if candidate retries election.
79e9749da raft: Reintroduce jsonrpc inactivity probes.
2e84a4adb ovsdb-cs: Fix use-after-free for the request id.
d2c311dce connmgr: Check nullptr inside ofmonitor_report().
7307af690 ovsdb-client: Fix needs-conversion when SERVER is explicitly specified.
2a7a63571 windows, tests: Modify service test.
9b48549c6 netdev-linux: Fix indentation.
861a9f3b4 ofproto-dpif-upcall: Fix ukey leak on udpif destroy.
339044c3c ci: Use parallel build for distcheck.
38744b1bc ofp-actions: Fix use-after-free while decoding RAW_ENCAP.
33abe6c05 Prepare for 2.15.1.
8dc1733ea Set release date for 2.15.0.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Newer oe-core doesn't pull many default dependencies anymore:
https://lists.openembedded.org/g/openembedded-core/message/156185
add explicit dependency on pkgconfig through pkgconfig.bbclass as
we're using it here.
* fixes:
../../oath-toolkit-2.6.2/liboath/configure: line 30585: PKG_PROG_PKG_CONFIG: command not found
checking for gtk-doc... ../../oath-toolkit-2.6.2/liboath/configure: line 30595: syntax error near unexpected token `$gtk_doc_requires,have_gtk_doc=yes,have_gtk_doc=no'
../../oath-toolkit-2.6.2/liboath/configure: line 30595: ` PKG_CHECK_EXISTS($gtk_doc_requires,have_gtk_doc=yes,have_gtk_doc=no)'
configure: error: ../../oath-toolkit-2.6.2/liboath/configure failed for liboath
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
It misses a backslash in sed expression and causes warning when
run do_compile:
| sed: -e expression #1, char 35: Unmatched ) or \)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
5.13 hs been removed from core, so we drop our associated
configuration include. 5.14 is now the default.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
oe-core is moving to a 5.10/5.14 reference, so we adjust our
matching versions.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
meta-cloud-services still has users of libibverbs, so we'll keep it
around a bit longer.
But this library has been replaced by rdma-core, and won't get more
updates, so it should be considered depreciated and slated for removal.
This reverts commit 513f05926a5bdcda033a5da6f76f4f0dddb9d41f.
|
| |
|
|
|
|
|
|
|
|
| |
Added fix_c_command.patch the -c command seems to be broken because
the passed context is ignored and always overwritten by the context
specified in the config file.
Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
Signed-off-by: Sana Kazi <sanakazisk19@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Selinux MCS generate a single category context and may
be accessed by another machine.
link: https://gitlab.com/libvirt/libvirt/-/issues/153
Signed-off-by: Zqiang <qiang.zhang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
| |
The patch file itself is missing an upstream-status, so we add it here.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has
a use-after-free in decode_NXAST_RAW_ENCAP (called from
ofpact_decode and ofpacts_decode) during the decoding of
a RAW_ENCAP action.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2021-36980
Patches from:
https://github.com/openvswitch/ovs/commit/65c61b0c23a0d474696d7b1cea522a5016a8aeb3
Signed-off-by: Zqiang <qiang.zhang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
To more easily pull in fixes / backports from newer versions, switching
to git. This also allows bisecting and easier support when we run into
upgrade issues.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
libibverbs is no longer developed, and its functionaty is provided by
the rdma-core projects.
rdma-core is part of meta-networking, so we drop libibverbs and update
our dependency to rdma-core.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
