| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
Updating to the latest cri-o development branches to align with
k*s testing and dev.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.5.5-11-g69e5db821, which comprises the following commits:
27e164648 Allow expanded DNS configuration
8cfab161f CI: Switch to available latest images
b9d5cff5d Update Go to 1.16.7
fe195c343 mergo: Upgrade to 0.3.12 to fix panic
677fade0f Prepare release notes for v1.5.5
166a81f88 snapshot/devmapper: log exported methods correctly
eb4ba99fe Install apparmor parser for arm64 environment
0bc1e1d8a update seccomp version
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Not much of an update, but we pickup the latest compatibility
restrictions:
Bumping docker-distribution to version v2.7.1-32-g61e7e208, which comprises the following commits:
d836b23f [release/2.7] update to go1.16
cc341b01 Added flag for user configurable cipher suites
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping runc to version v1.0.2-2-g04bcb7c7, which comprises the following commits:
86d83333 VERSION: back to development
52b36a2d VERSION: release 1.0.2
8ec57628 libct/cg/sd/v1: add SkipFreezeOnSet knob
1850dc16 libct/cg/sd/v1: add freezeBeforeSet unit test
4ce440f2 libct/cg/sd/v1: Fix unnecessary freeze/thaw
13b45cb4 libct/nsenter: fix unused-result warning
7cf1952f libct/nsenter: fix logging race in nsexec
e2e5267c [1.0] script/release.sh: make builds reproducible
960182fd libct/seccomp: skip redundant rules
4c70105b libct/cg/v1: workaround CPU quota period set failure
1d454045 Do not use Vagrant for CentOS 7/8
c8d8fd5b tests/rootless.sh: fixup for "update rt" test
257018e7 tests/int: fix "update rt period and runtime" for rootless
76c047f1 Evaluate Cirrus CI for Vagrant tests
466d1a1a VERSION: back to development
4144b638 VERSION: release 1.0.1
4efb7a69 libct/cg/sd: add TestPodSkipDevicesUpdate
82d3eb69 libct/cg/sd: TestFreezePodCgroup: rm explicit freeze
2fc2e3d6 libct/cg/sd/v1: Set: avoid unnecessary freeze/thaw
ef0aa849 libct/int/TestFreeze: test freeze/thaw via Set
01cd4b5f libct/int: allow subtests
22b2ff0f libct/cg/sd/v1: Set: don't overwrite r.Freezer
04edd79d libct/cg/sd: Don't freeze cgroup on cgroup v2 Set
298a3100 Update device update tests
257723b3 ci/gha: run on release-* branches after a push
4dc207a6 cgroupv2: ebpf: ignore inaccessible existing programs
90d01a04 vendor: update github.com/cilium/ebpf
3f40fbff libct/cg/sd: Add freezer tests
c1a5b3e1 libct/cg/fs/freezer.GetState: report current cgroup state
0a5d8ba4 libct/user: fix parsing long /etc/group lines
5fd7b3b7 libct/user: ParseGroupFilter: use TrimSpace
0025bf68 libct/user: use []byte more, avoid allocations
3745b2be [1.0] retry unix.EINTR for container init process
e99c0f5e tests/int/no_pivot: fix for new kernels
84113eef VERSION: release runc 1.0.0
29168172 tests/int/cgroups: add test for bfq per-device weight
1036f3f9 libct/cg/fs2: set per-device io weight if available
30d83d4d libct/cg/fs/blkio: do not set weight == 0
d7fc3028 libct/cg/fs*: mark {Open,Read,Write}File as deprecated
8f1b4d4a libct/cg: mv fscommon.{Open,Read,Write}File to cgroups
322c8fd3 Returns clearer error message for setenv
46940ed8 update cilium/ebpf to fix haveBpfProgReplace() check
6339d8a0 libcontainer/cgroups/fs/blkio: support BFQ weight[_device]
01f5dcae build(deps): bump tim-actions/get-pr-commits from 1.0.0 to 1.1.0
bd8e0701 libct/cg/sd: fix "SkipDevices" handling
1b2abc89 github: workflows: fix tiny typo
b31a9340 libcontainer: relax validation for absolute paths
dbb35411 configs/validator: move cgroup validation to the list of checks
9573e4b6 libct/cg/fs: don't forget to close a file
9ebc573a cgroupv2: ebpf: debug info when detaching programs in fallback mode
a3ca7b47 cgroupv2: ebpf: check for BPF_F_REPLACE support and degrade gracefully
d06bda60 libct/cg/sd/dbus: fix NewDbusConnManager
535f25c4 Allow restoring with a different LSM profile
508f5bf6 libct/int: add device update test
8fe3dfbb libcontainer/system: remove alias for deprecated RunningInUserNS
3f23a736 libcontainer/configs: remove stubs for deprecated Devices funcs
b2d28c5d libct/cg/sd: fix dbus error handling
bf7492ee runc update: skip devices
c3831d64 libct/cg/fs/stats_util_test: use t.Helper
9eb0371b libct/cg/fs/memory_test: fix formatting
e969d421 libct/int/testPids: logging nits
a5bd78ef vendor: willf/bitset@v1.1.11 -> bits-and-blooms/bitset@v1.2.0
65cf0e61 Bump selinux to v1.8.2
f99d252d docs/terminals.md: add troubleshooting
49ea4b37 update crosbymichael email
3e1bcb1f libcontainer/keys: var should be sessKeyID/ringID (golint)
1fb56f9f libcontainer/cgroups/devices: if block ends with a return statement
c2416fb4 libcontainer/system: fix godoc (golint)
9be156cb libcontainer/devices: fix godoc (golint)
340fdd93 libcontainer/nsenter: fix captalization (golint)
81fc5c87 libcontainer/user: fix capitalization (golint)
e204d6a9 libcontainer/configs: add / fix godoc (golint)
c0643046 libcontainer/apparmor: split api (exported) from implementation
02fb18ed libcontainer/user: remove unused ErrUnsupported
9e964dfc build(deps): bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1
470610d0 build(deps): bump github.com/cilium/ebpf from 0.5.0 to 0.6.0
31f58829 build(deps): bump github.com/coreos/go-systemd/v22 from 22.3.1 to 22.3.2
c836265b build(deps): bump github.com/sirupsen/logrus from 1.7.0 to 1.8.1
074aa044 build(deps): bump google.golang.org/protobuf from 1.25.0 to 1.26.0
7ca54562 Enable dependabot
e6048715 Use gofumpt to format code
1eea9253 cgroup2: io: add io.stats parsing test
0fef122f cgroup2: io: handle 64-bit values correctly on 32-bit architectures
efca32c7 cgroup2: io: map io.stats to v1 blkio.stats correctly
49d293a5 cgroup2: capitalize io stats read and write Op values
0e16e7c2 libct/cg/sd: add SkipDevices unit test
f5a2c9cc tests/int/dev: only call lsblk once
aa934af0 runc -v: set default for, always show main.version
37767c05 ci: lint: show all errors in PRs
07ca0be0 *: clean up remaining golangci-lint failures
752e7a82 libct/cg/sd: fix SkipDevices for systemd
fdc28957 Makefile: use git describe for $COMMIT
33c9f8b9 libct/cg/sd: return error from stopUnit
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We refresh our patch context and pickup the following commits:
Bumping runc to version v1.0.2-2-g04bcb7c7, which comprises the following commits:
86d83333 VERSION: back to development
52b36a2d VERSION: release 1.0.2
8ec57628 libct/cg/sd/v1: add SkipFreezeOnSet knob
1850dc16 libct/cg/sd/v1: add freezeBeforeSet unit test
4ce440f2 libct/cg/sd/v1: Fix unnecessary freeze/thaw
13b45cb4 libct/nsenter: fix unused-result warning
7cf1952f libct/nsenter: fix logging race in nsexec
e2e5267c [1.0] script/release.sh: make builds reproducible
960182fd libct/seccomp: skip redundant rules
4c70105b libct/cg/v1: workaround CPU quota period set failure
1d454045 Do not use Vagrant for CentOS 7/8
c8d8fd5b tests/rootless.sh: fixup for "update rt" test
257018e7 tests/int: fix "update rt period and runtime" for rootless
76c047f1 Evaluate Cirrus CI for Vagrant tests
466d1a1a VERSION: back to development
4144b638 VERSION: release 1.0.1
4efb7a69 libct/cg/sd: add TestPodSkipDevicesUpdate
82d3eb69 libct/cg/sd: TestFreezePodCgroup: rm explicit freeze
2fc2e3d6 libct/cg/sd/v1: Set: avoid unnecessary freeze/thaw
ef0aa849 libct/int/TestFreeze: test freeze/thaw via Set
01cd4b5f libct/int: allow subtests
22b2ff0f libct/cg/sd/v1: Set: don't overwrite r.Freezer
04edd79d libct/cg/sd: Don't freeze cgroup on cgroup v2 Set
298a3100 Update device update tests
257723b3 ci/gha: run on release-* branches after a push
4dc207a6 cgroupv2: ebpf: ignore inaccessible existing programs
90d01a04 vendor: update github.com/cilium/ebpf
3f40fbff libct/cg/sd: Add freezer tests
c1a5b3e1 libct/cg/fs/freezer.GetState: report current cgroup state
0a5d8ba4 libct/user: fix parsing long /etc/group lines
5fd7b3b7 libct/user: ParseGroupFilter: use TrimSpace
0025bf68 libct/user: use []byte more, avoid allocations
3745b2be [1.0] retry unix.EINTR for container init process
e99c0f5e tests/int/no_pivot: fix for new kernels
84113eef VERSION: release runc 1.0.0
29168172 tests/int/cgroups: add test for bfq per-device weight
1036f3f9 libct/cg/fs2: set per-device io weight if available
30d83d4d libct/cg/fs/blkio: do not set weight == 0
d7fc3028 libct/cg/fs*: mark {Open,Read,Write}File as deprecated
8f1b4d4a libct/cg: mv fscommon.{Open,Read,Write}File to cgroups
322c8fd3 Returns clearer error message for setenv
46940ed8 update cilium/ebpf to fix haveBpfProgReplace() check
6339d8a0 libcontainer/cgroups/fs/blkio: support BFQ weight[_device]
01f5dcae build(deps): bump tim-actions/get-pr-commits from 1.0.0 to 1.1.0
bd8e0701 libct/cg/sd: fix "SkipDevices" handling
1b2abc89 github: workflows: fix tiny typo
b31a9340 libcontainer: relax validation for absolute paths
dbb35411 configs/validator: move cgroup validation to the list of checks
9573e4b6 libct/cg/fs: don't forget to close a file
9ebc573a cgroupv2: ebpf: debug info when detaching programs in fallback mode
a3ca7b47 cgroupv2: ebpf: check for BPF_F_REPLACE support and degrade gracefully
d06bda60 libct/cg/sd/dbus: fix NewDbusConnManager
535f25c4 Allow restoring with a different LSM profile
508f5bf6 libct/int: add device update test
8fe3dfbb libcontainer/system: remove alias for deprecated RunningInUserNS
3f23a736 libcontainer/configs: remove stubs for deprecated Devices funcs
b2d28c5d libct/cg/sd: fix dbus error handling
bf7492ee runc update: skip devices
c3831d64 libct/cg/fs/stats_util_test: use t.Helper
9eb0371b libct/cg/fs/memory_test: fix formatting
e969d421 libct/int/testPids: logging nits
a5bd78ef vendor: willf/bitset@v1.1.11 -> bits-and-blooms/bitset@v1.2.0
65cf0e61 Bump selinux to v1.8.2
f99d252d docs/terminals.md: add troubleshooting
49ea4b37 update crosbymichael email
3e1bcb1f libcontainer/keys: var should be sessKeyID/ringID (golint)
1fb56f9f libcontainer/cgroups/devices: if block ends with a return statement
c2416fb4 libcontainer/system: fix godoc (golint)
9be156cb libcontainer/devices: fix godoc (golint)
340fdd93 libcontainer/nsenter: fix captalization (golint)
81fc5c87 libcontainer/user: fix capitalization (golint)
e204d6a9 libcontainer/configs: add / fix godoc (golint)
c0643046 libcontainer/apparmor: split api (exported) from implementation
02fb18ed libcontainer/user: remove unused ErrUnsupported
9e964dfc build(deps): bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1
470610d0 build(deps): bump github.com/cilium/ebpf from 0.5.0 to 0.6.0
31f58829 build(deps): bump github.com/coreos/go-systemd/v22 from 22.3.1 to 22.3.2
c836265b build(deps): bump github.com/sirupsen/logrus from 1.7.0 to 1.8.1
074aa044 build(deps): bump google.golang.org/protobuf from 1.25.0 to 1.26.0
7ca54562 Enable dependabot
e6048715 Use gofumpt to format code
1eea9253 cgroup2: io: add io.stats parsing test
0fef122f cgroup2: io: handle 64-bit values correctly on 32-bit architectures
efca32c7 cgroup2: io: map io.stats to v1 blkio.stats correctly
49d293a5 cgroup2: capitalize io stats read and write Op values
0e16e7c2 libct/cg/sd: add SkipDevices unit test
f5a2c9cc tests/int/dev: only call lsblk once
aa934af0 runc -v: set default for, always show main.version
37767c05 ci: lint: show all errors in PRs
07ca0be0 *: clean up remaining golangci-lint failures
752e7a82 libct/cg/sd: fix SkipDevices for systemd
fdc28957 Makefile: use git describe for $COMMIT
33c9f8b9 libct/cg/sd: return error from stopUnit
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
updating to the 1.4.x release series, we refresh our Makefile patch
and pick up the following commits:
6b2aa5da [release-1.4] Bump to v1.4.2-dev
130f32f0 [release-1.4] Bump to v1.4.1
6f99811c [release-1.4] Bump c/image 5.15.2 c/storage 1.34.1 c/common 0.42.1
a9f5f10c [release-1.4] Bump c/storage 1.34.0, c/image 5.15.1 and c/common 0.43.0
a44da449 Release 1.4.0
3d9340c8 vendor-in-container: update to golang:1.16
961d5da7 Accept repositories on login/logout
fb03e033 update c/common, c/image, c/storage
d70ea890 Update on Building on Ubuntu
ce6035b7 Add timeouts when waiting on OpenShift or the registry to start
3a8d3cb5 Add docs and bash completions
aeb61f65 Add support for decompressing while copying to dir://
76eb9bc9 Update to enabled containers/image version
a1f9318e Fix two instances of unused err found by go-staticcheck
d82c6621 Bump github.com/containers/storage from 1.32.6 to 1.33.0
f0c49b5c Multi-arch image build: Daily version-tag push
5e550664 CONTRIBUTING: small fixes to commands
726d982c Fix --tls-verify
bb447f2f Test both imageOptions and imageDestOptions in TestTLSVerifyFlags
2a98df6b Split testing of --tls-verify into separate TestTLSVerifyFlags
a6cf2f42 Add the --tls-verify option to (skopeo logout)
285a5cb6 Fix using images from rate-limited docker hub
02bacf57 Use Fedora container for doccheck
ae0595c5 Man page validation: part 2 of 2
ec73ff3d docs: Adding info re container signatures
e460b9aa [CI:DOCS] Multi-arch image workflow: Make steps generic
ee054863 Update nix pin with `make nixpkgs`
2476e99c Cirrus: Freshen CI images
76103a6c Bump github.com/containers/common from 0.40.1 to 0.41.0
990908bf Bump github.com/containers/storage from 1.32.5 to 1.32.6
ede29c91 Remove an unnecessary break
75f0183e Remove an unnecessary Sprintf
7ace4265 Fix TestDockerRepositoryReferenceParser
3d4fb09f Remove unused code
4efeb71e Set cobra.Command.CompletionOption already in createApp
a0ce5421 Bump version to v1.4.0-dev
f80bf8a3 Revert "integration tests: disable `ls` for logs"
c39b3dc2 CONTRIBUTING: update vendoring instructions
8eaf0329 disable `completion` command
aeb75f38 Bump github.com/spf13/cobra from 1.2.0 to 1.2.1
83603a79 Bump github.com/spf13/cobra from 1.1.3 to 1.2.0
6d6c8b56 Update tests for removal of error and Error from error messages
09282bcf Fix some comments in man-page-checker
09ca3ba4 Improve the description of (skopeo list-tags)
22908fb3 Include the mandatory --output option in synopsis of (skopeo standalone-sign)
a3725128 Support **non-replaceable strings** in synopsis
e4d13920 Use (make validate-local) in the validate target
e716b2fa man page checker - part 1 of 2
97eaace7 Cirrus: Rename cross -> osx task, add cross task.
30c0eb03 Bump github.com/containers/ocicrypt from 1.1.1 to 1.1.2
5918513e Cirrus: Add vendor + tree status check
b20c2d45 Run unit tests as well, not integration tests twice
d0f7339b Bump github.com/containers/storage from 1.32.4 to 1.32.5
012ed661 Reintroduce the GNU semantics of DESTDIR
c30b904c Add --retry-times to markdown docs
9fbb9abc Workaround quay.io image build failure
4417dc44 Update brew to avoid 403 on accessing https://homebrew.bintray.com
93b819a7 Fix automation re: master->main rename
e7c5e9f7 Bump github.com/containers/storage from 1.32.3 to 1.32.4
1eac38e3 Bump github.com/containers/common from 0.40.0 to 0.40.1
b1e78efa Bump github.com/containers/storage from 1.32.2 to 1.32.3
298f7476 Bump github.com/containers/image/v5 from 5.13.1 to 5.13.2
5778d9bd Fix documentation of the --format option of skopeo copy and skopeo sync
df170047 Bump github.com/containers/common from 0.39.0 to 0.40.0
ad4ec8b4 Cirrus: New VM Images w/ podman 3.2.1
abdc4a7e Bump github.com/containers/image/v5 from 5.12.0 to 5.13.1
bcc18ebf Update nix pin with `make nixpkgs`
9b9ef675 Fix multi-arch build version check
9a5f009e [CI:DOCS] Fix docs links due to branch rename
865407ca Bump github.com/containers/storage from 1.32.1 to 1.32.2
10c4c877 Update nix pin with `make nixpkgs`
e32f3f17 Bump github.com/docker/docker
76110014 Fix wrong directory name
a0b6ea28 Support [CI:DOCS] mode
e5cb7ce1 install.md Building Docs needs MacOS section
c8060838 Bump github.com/containers/storage from 1.32.0 to 1.32.1
cac3f2b1 Bump github.com/containers/common from 0.38.4 to 0.39.0
6452a9b6 Multi-arch github-action workflow unification
184f0eee Bump github.com/containers/storage from 1.31.1 to 1.31.2
65ed9920 Move to v1.3.1-dev
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping crun to version 0.21-15-g360f5d0, which comprises the following commits:
2199d10 tests: update containerd version
1798d5a cgroup: chown cgroup to root
b5cdeb5 cgroupv1: add support for setting memory.use_hierarchy
7cfdf09 Makefile.am: link libcrun to $(FOUND_LIBS)
d4d1825 linux: treat pidfd_open EINVAL as ESRCH
62149b3 Update nixpkgs
ac00581 Dockerfile: delete file
c4c3cdf NEWS: release 0.21
69bd7dc Doc: cgroups v2 and RT processes unsupported
6397998 krun/kvm: crun should silently/gracefully switch to krun when needed.
92499bd container: wrap execv in retry-on-eintr
b04a335 cgroup: lookup pids controller as well
448494e README.md: drop travis badge
1bbf562 Reflect #696 in crun's manpage
e836219 rpm: fix license
2b88faa status: add fields for owner and created timestamp
b07c389 criu: fix error check
09401bb linux: fix unitialized variable
b222968 cgroup: fix a memory leak
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping docker-cli to version v20.10.8-2-g62eae52c2, which comprises the following commits:
2012fbf11 Update Go to 1.16.7
0b924e51f Update to go1.16.6
6288e8b1a change TestNewAPIClientFromFlagsWithHttpProxyEnv to an e2e test
1e9575e81 cli/config/configfile: various test cleanups
c98e9c47c Use designated test domains (RFC2606) in tests
8437cfefa context: deprecate support for encrypted TLS private keys
68a5ca859 cli/context: ignore linting warnings about RFC 1423 encryption
8a6473963 Update Dockerfiles to latest syntax, remove "experimental"
1d37fb302 Deprecate Kubernetes context support
0793f9639 Deprecate Kubernetes stack support
b639ea8b8 Deprecate Kubernetes stack support
Bumping docker to version v20.10.8-2-gd24c6dc5cf, which comprises the following commits:
decb56ac89 Update Go to 1.16.7
e8fb8f7acd [20.10] update containerd binary to v1.4.9
4cfeb27f78 update runc binary to v1.0.1
067918a8c3 [20.10] update containerd binary v1.4.8
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping docker-cli to version v20.10.8-2-g62eae52c2, which comprises the following commits:
2012fbf11 Update Go to 1.16.7
0b924e51f Update to go1.16.6
6288e8b1a change TestNewAPIClientFromFlagsWithHttpProxyEnv to an e2e test
1e9575e81 cli/config/configfile: various test cleanups
c98e9c47c Use designated test domains (RFC2606) in tests
8437cfefa context: deprecate support for encrypted TLS private keys
68a5ca859 cli/context: ignore linting warnings about RFC 1423 encryption
8a6473963 Update Dockerfiles to latest syntax, remove "experimental"
1d37fb302 Deprecate Kubernetes context support
0793f9639 Deprecate Kubernetes stack support
b639ea8b8 Deprecate Kubernetes stack support
Bumping moby to version v20.10.8-2-gd24c6dc5cf, which comprises the following commits:
decb56ac89 Update Go to 1.16.7
e8fb8f7acd [20.10] update containerd binary to v1.4.9
4cfeb27f78 update runc binary to v1.0.1
067918a8c3 [20.10] update containerd binary v1.4.8
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping k3s to version v1.21.4+k3s1-1-g656c190629, which comprises the following commits:
656c190629 Reset load balancer state during restoraion (#3878)
3e250fdbab Update Kubernetes to v1.21.4-k3s1
5802b429f8 Bump containerd to v1.4.9-k3s1
abb6581a94 Bump helm-controller to work around tiller crashes
e45726f610 Fix URL pruning when joining an etcd member
18bc38d838 account for an s3 folder when listing objects (#3807) (#3812)
12ec437605 fix Node stuck at deletion (#3775)
69047a35c0 Bump helm-controller to v0.10.2
cc694b1f09 Notify systemd for etcd only node (#3733)
e6247d583c [Backport 1.21] Cannot write data to local PVC (#3721)
786f91b997 Fix multiple bootstrap keys found
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping libpod to version v3.3.0-2-g8809aed56, which comprises the following commits:
8aeaf681d Bump to v3.3.1-dev
98f252a3a Bump to v3.3.0
2408247f4 Final release notes for v3.3.0
dd3a49703 Fix network aliases with network id
b5e04ae11 machine: compute sha256 as we read the image file
a52b6bf23 machine: check for file exists instead of listing directory
b71ef443a pkg/bindings/images.nTar(): slashify hdr.Name values
f0d0c48d2 Volumes: Only remove from DB if plugin removal succeeds
89818f72b For compatibility, ignore Content-Type
7fb7f15af [v3.3] Bump c/image 5.15.2, buildah v1.22.3
5fc7c880a Implement SD-NOTIFY proxy in conmon
15fff7d91 Fix rootless cni dns without systemd stub resolver
63e06acfe fix rootlessport flake
a92441e1b Skip stats test in CGv1 container environments
37b22af33 Fix AVC denials in tests of volume mounts
daa311db3 Restore buildah-bud test requiring new images
2757d868c Revert ".cirrus.yml: use fresh images for all VMs"
cd0677d89 Fix device tests using ls test files
ce7ed3359 Enhance priv. dev. check
1d54315b6 Workaround host availability of /dev/kvm
c0d0d31c4 Skip cgroup-parent test due to frequent flakes
0c7f08805 Cirrus: Fix not uploading logformatter html
a098eafce Bump to v3.3.0-dev
7aa18e0a6 Bump to v3.3.0-RC3
e200b07f5 Release notes for v3.3.0-RC3
204ac5d46 [v3.3] Bump c/storage to v1.34.1 and c/image to v5.15.1
440188f3b fix gvproxy path search for macos
de67e990e Bump to v3.3.0-dev
88559c197 Bump to v3.3.0-rc2
1acbdf940 Set gvproxy path to /usr/libexec/podman/gvproxy
7442f0b85 Revert "Podman Pod Create --cpus and --cpuset-cpus flags"
61a5e9812 Address review comments
e63753afd Final release notes for v3.3.0-RC2
f9f315c75 Document source ip for the rootlesskit port handler
66c0024a0 podman info show correct slirp4netns path
d746a7e09 show podman machine ssh command line
4b42265b5 Fix TS parsing for fractional values
85d5c24ed Handle timezone on server containers.conf
67bf11e8c Fix podman unpause,pause,kill --all to work like podman stop --all
a1afb2300 Do not add an entry to /etc/hosts with `--net=host`
a82006160 Only support containers stats using cgroups v2
c836ffe5b Compat API: Fix healthcheck status and healthcheck config
04e59f11d podman info: try qfile before equery
870576b39 test: move container process to a sub-cgroup
cb7f0a302 Fix handling of user specified container labels
d749770fe Release notes for v3.3.0-RC2: Initial
0c82c6fa8 Bump github.com/rootless-containers/rootlesskit from 0.14.3 to 0.14.4
0eec16ce9 fix rootless port forwarding with network dis-/connect
50c6cc229 [v3.3] Bump to Buildah v1.22.0 [NO TESTS NEEDED]
b1c9c5b5f Disable aarch64 support
489e0f075 Cirrus: CI Support for v3.3 Branch
b347a3583 Bump to v3.3.0-dev
ce0dee984 Bump to v3.3.0-rc1
c1156d48b Bump github.com/containers/storage from 1.33.0 to 1.33.1
58672847e Bump github.com/containers/image/v5 from 5.14.0 to 5.15.0
9d33abac6 Fix auto-update system test for older systemd
2a484e782 ps: support the container notation for ps --filter network=...
732ece6ae Add `--accept-repositories` integration tests
d59391c04 system tests: fix race in stop test
2b5d9cd7d Fix: healthcheck tests use .Should() instead of .To()
872c442e6 Remove ReadHeaderTimeout
724d04823 rootless: avoid zombie process on first launch
1d34a2c4c Update transfer.md
ec9dad7e4 buildah bud tests under podman-remote
a9f6592af Fixed Healthcheck formatting, string to []string
4df6e31cc remote build: fix streaming and error handling
e3b0ba928 [CI:DOCS] Update podman-cp manpage
013267006 cp: consolidate and simplify
67d439197 rootless: check that / is mounted as shared
32b589216 Multi-arch image build: Daily version-tag push
60b9e8c0d Added tests for out of and into pod checkpoint and restore support
eb9446778 Support checkpoint/restore with pods
3375cbb19 Vendor in go-criu v5.1.0 for Pod checkpoint/restore support
92dce3e2f Prepare CRIU version check to work with multiple versions
b09073832 Bump github.com/containers/storage from 1.32.6 to 1.33.0
0aec93edc cp system tests: reduce number of exec's
6fe03b25a support container to container copy
63ef5576e command: migrate doesn't move process to cgroup
a0313ef92 rootless: do not overwrite err variable
7689783ae exec: fix cleanup
fd1f57b3a Fixed Healthcheck formatting, string to []string
7fa4d2cb1 Add prune until filter test for podman volume cli
8d5d5face dual-stack network: fix duplicated subnet assignment
5473490c6 fix: podman manifest push respect --tls-verify flag
c197d19fe play kube: support capitalized pull policy
1b6423e9f refine dangling checks
23a938fa2 Bump github.com/containers/image/v5 from 5.13.2 to 5.14.0
1a188f622 Add tests to verify CORS is enabled
2c9f18100 Fix handling of shadow-utils
dcb5c92c0 import: write stdin to tmp file
8f9d33b7f Networking test: fix silent breakage
0f708efd8 Implemented --until flag for libpod's container logs
9c659b3bc docs: fix broken remote client link
2d8e837a9 Add until filter to volume ls filters list
12f4b14a1 Add notes to flags not supported on cgroups V2
3e79296a8 Support DeviceCgroupRules to actually get added.
4376f14c3 Ensure journald events tests only run where supported
ac588c751 [CI:DOCS] Fix GitHub URL to Podman logo
db2f47428 Drop podman create --storage-opt container flag
595227095 e2e tests: prevent 'Expect(ExitCode())' pattern
064bd9d19 Copy the content from the underlying image into the newly created volume. Fixes: #10262
313c7118e system tests: cleaner, safer use of systemd
e64545004 [CI:DOCS] Multi-arch image workflow: Make steps generic
2b98a226b system test: auto-update: multiarch fixes
caf03fd7a system test: auto-update: allow running as rootless
117850e6e Fix handling of selinux labels in podman play kube
6430c1316 [CI:DOCS] refine the runlabel man page
eaaca4999 compat: image create: handle platform correctly
80e807a19 Flake Fix: Wait before connecting container port
c622c7f2a (minor) typo fix: timeout variable
0784a5d04 Bump github.com/opencontainers/runc from 1.0.0 to 1.0.1
b92bbfd76 Just restore protections of shadow-utils
81e32b180 Kube: Add liveness probe for containers.
b8accad0e Update Release Notes and README for 3.2.3
50fcb06e7 Bump k8s.io/api from 0.21.2 to 0.21.3
2e02942d4 vendor containers/common@main
6f1c7a0b6 systemd: require network*-online*.target
e1ac0c303 vendor containers/common@main
e3a09c51e Bump k8s.io/apimachinery from 0.21.2 to 0.21.3
be51173ed APIv2 (python) tests: fix flake
9924c57d4 podman start: remove containers configured for auto removal
af40dfc2b --infra-name command line argument
7996e2b82 Randomize the auto-update of podman containers
e4dcb1004 System tests: fix a multiarch problem
ec6150751 Correct a typo in documentation
f7321681d podman pod create --pid flag
0007c98dd Fix race conditions in rootless cni setup
547fff270 e2e tests: use Should(Exit()) and ExitWithError()
59f31d86a auto-update: add --dry-run
e73d48299 CNI-in-slirp4netns: fix bind-mount for /run/systemd/resolve/stub-resolv.conf
c9970647b podman-remote build use .containerignore over .dockerignore
100c23dc5 Fix up documentation of the userns audit flag
48e6a8eed Return macvlan object in /network REST API response Fixes: #10266
6ced24d0b Fix broken volume and container tests
01cfb51fe auto-update: make output more user friendly
92c9def93 Update nix pin with `make nixpkgs`
cbbb1a80f Perform a one-sided close of HTTP attach conn on EOF
7d6f3c4dc Bump github.com/google/uuid from 1.2.0 to 1.3.0
6fcf0b2f3 auto update: minor style nits
a90a4ec7c auto update: pass through a context
a8847c01f auto-update: use libimage for image checks
eda8d1f58 auto update: fix authfile detection
db26e1ef9 auto-update: make restarted unit more obvious
6ca574dc3 Update USE in order to fix tests
fe044d51e Fix cirrus-cron failure notification GH workflow
6cac65c84 fix: uid/gid for volume mounted to existing dir
084dbeb56 Bump github.com/containers/storage from 1.32.5 to 1.32.6
00db5c6ea Manifest create subcommand should accept more than 2 arguments
48ff2ef5a Don't exclude Dockerfile, Containerfiles from tar content
6bdb990c9 Restore headers of optional information in 'podman pod ps'
4624142c2 Implemented Until Query Parameter for Containers/logs
a2d15d981 Mention new hostname for loopback IP
daebdf385 Add container config to compat image inspect
00ed696ed fix: logo not loading after barnch renaming
95c463785 Update docs/tutorials/rootless_tutorial.md:
e5fcffc55 Remove GetStore function from Libpod
563532aef Bump github.com/onsi/gomega from 1.13.0 to 1.14.0
38863e764 Replace old RESTful tutorial with updated README
38bef70b3 manifest push --rm: use libimage for removal
2c7c67958 Make rootless-cni setup more robust
518457b35 Bump github.com/cyphar/filepath-securejoin from 0.2.2 to 0.2.3
59abb77fc multiple image pull support
4ea4a92c0 Fixed notation for macOS
0c9dc86de Create podman temp dir on machine start
ed51e3f54 podman service reaper
84da70a0f update shell completion scripts
924cd37a3 Bump github.com/spf13/cobra to v1.2.1
8f6a0243f podman diff accept two images or containers
735be1248 force github.com/spf13/cobra@v1.1.3
7eb9ed975 vendor containers/common@main
8606ead91 [CI:DOCS] podman search: clarify that results depend on implementation
493786fba podman: ignore ESRCH from kill
86c601414 Implement --archive flag for podman cp
092902b45 Handle advanced --network options in podman play kube
40ef17ac2 Cirrus: Fixes due to master->main rename
8b52204ba vendor containers/common@7482cf851dcc
2243b6020 reset: remove external containers on podman system reset
2ce78aace Enhance system connection add URL input
6d37e0348 Add CNI rootless networking troubleshooting for v2.2.1
05f39af5b Bump github.com/containers/storage from 1.32.3 to 1.32.5
3e8c0e00d Make system connection ls deterministic
fb5f70296 Bump github.com/containers/ocicrypt from 1.1.1 to 1.1.2
1edada477 Makefile: remove install.cni
3d0e08f04 prefix `ETCDIR` with `${PREFIX}/`
f95b0995e remove `pkg/registries`
e7507fe7c make DriverOpts name consistent.
a7a701196 fix: swapped volume relabel option values
364e8a26d pkg/systemd: don't require LISTEN_FDNAMES for socket activation
b39aacf32 add @mtrmac to OWNERS
b1082696e cp: do not allow dir->file copying
ee7a9d736 [NO TESTS NEEDED] suggestions for incorrect cmds
b56b4b537 read secret config from config file if no user data.
15fbf950e [CI:DOCS] podman save: clarify formats and transports
9db534e53 [NO TESTS NEEDED] Create /etc/mtab with the correct ownership
7d83f9b6c [CI:DOCS] Follow-up to PR 10676
bbd085ad1 Podman Pod Create --cpus and --cpuset-cpus flags
6ecdf4c38 Health Check is not handled in the compat LibpodToContainerJSON
f2dff41db Support log_tag defaults from containers.conf
525cb54e1 [CI:DOCS] push/pull docs: clarify supported transports
5fc622f94 create: support images with invalid platform
f26fa5392 Podman Stats additional features
1aa9dcfad markdown/*: typos 'a image'
d12027e0d disable tty-size exec checks in system tests
a0b24de32 Add support for volume prune until filter to http api
1f388ede6 Add --format to connection list
a84fa194b getContainerNetworkInfo: lock netNsCtr before sync
e01460853 Do not use inotify for OCICNI
7f98d2ddb docs: podman-rmi removes dangling parent images
ee4cab0e0 logs: k8s-file: restore poll sleep
f4ba433b1 logs: k8s-file: fix spurious error logs
0fb165ed0 Fix systemd-resolved detection.
9cc3473b5 Bump k8s.io/api from 0.21.1 to 0.21.2
1e36be439 Add support for podman login --verbose
7864108ff fix systemcontext to use correct TMPDIR
9a02b5055 Add an entry for `/run/user-$UID/libpod` to tmpfiles
b56d6c646 Bump github.com/containers/storage from 1.32.2 to 1.32.3
d39823085 Bump k8s.io/apimachinery from 0.21.1 to 0.21.2
2bd382c8c Fix documentation of the --format option of podman push
b6662eed3 Vendor in containers/common v0.40.0
bd9987239 Scrub podman commands to use report package
6b230bc92 Fix multi-arch image build clone:failure
705b799af Cirrus: Prevent BZ1965743 workaround pruning
e344a5899 [CI:DOCS] UPDATE manpages with MANPAGE_SYNTAX
666f555aa Fix resize race with podman exec -it
404d5edb1 .cirrus.yml: use c5521575421149184 for Ubuntu
769df3207 test: drop invalid test
969cc3237 utils: move message from warning to debug
517479731 utils: improve error message
eb927dc84 Docs Switch from Query Param to Header
9c81b8cf7 add correct slirp ip to /etc/hosts
fc9868e22 Fix panic condition in cgroups.getAvailableControllers
2a974e8b9 Create user storage dir with correct permissions
5f2c0f63a Fix building static podman-remote
81eb71fe3 Fix permissions on initially created named volumes
3ddadc532 Image import fromSrc now supports OS/Arch
302b3084e Restart all containers with restart-policy=always on boot
e8006c797 Fix handling of podman-remote build --device
4bca1984a UPDATE manpages with MANPAGE_SYNTAX
8d860cfcd podman-run.1.md:detach-keys: spell the default value just once
ded2f004f Fall back to string for dockerfile parameter
44d9c453d Fix network connect race with docker-compose
ad3b56c62 Fix volumes with uid and gid options
3a65ba2fa Add support for podman remote build -f - .
991647c77 Add documentation on ignore_chown_errors
40d70334e System tests: the continuing multiarch saga
62f4b0a19 Add ExecDied event and use it to retrieve exit codes
341e6a162 Always spawn a cleanup process with exec
4a4fe48cc Fix docs links due to branch rename
240bbc3bf Fix pre-checkpointing
3b6cb8fab container: ignore named hierarchies
d9a1c34e4 Fix restoring of privileged containers
c3a14103f Fix build tags for pkg/machine...
b5890fc86 Bump github.com/containers/storage from 1.32.1 to 1.32.2
e7e09bf2f Update nix pin with `make nixpkgs`
d5527c330 System tests: deal with crun 0.20.1
11badab04 rootless: fix fast join userns path
8e89d7071 [CI:DOCS] Update swagger for inspect network
a9cb82498 podman-remote build should handle -f option properly
5117deda0 fixed docs and schemas
18fa124df Improve systemd-resolved detection
84b55eec2 logs: k8s-file: fix race
a5ad36c65 Fix image prune --filter cmd behavior
346c7fda6 Bump github.com/containers/buildah from 1.21.0 to 1.21.1
c60548279 remote pull: cancel pull when connection is closed
8378a9c4d Fix network prune api docs
5e7876089 auto-update tests: various fixes
f6d9dbb62 [CI:DOCS]instructions for podman machine on macs
260192670 Fix compat create with NetworkMode=default
17193e468 System test: Add podman auto-update related test cases
a2b842df4 Version bump: 3.3.0-dev
949374e58 Added tests for different checkpoint archive compressions
68070f1b2 Add --compress to podman-container-checkpoint.1.md
8aa5340ad Add parameter to specify checkpoint archive compression
10875a67e Order checkpoint options in man page alphabetically
ab7e7f651 UPDATE MANPAGE_SYNTAX (commit,attach,auto-update)
13a807b86 fix go-bindings examples with v3 new parameters
8f89bc4e0 [CI:DOCS] Document which CNI fields are encoded
1f73374ac remote: always send resize before the container starts
9c5048544 remote events: support labels
ce01b4f09 made requested changes, fixed api tests
2810c478a Add CORS support
df7c3a703 [CI:DOCS] fix incorrect network remove api doc
e23c5b25f Add restore --publish to the man page
837ba7ec3 Add test for restore --publish
1ac9198d7 Allow changing of port forward rules on restore
86610c785 remote events: fix --stream=false
9ac526759 systemd/generate: change type to notify
346c08225 Update main branch to reflect 3.2.0 release
b928278e6 extend docs to include help for when pub/priv key is signed with an unsupported algo
735470ff2 Bump go.etcd.io/bbolt from 1.3.5 to 1.3.6
48ea142ca Bump github.com/docker/docker
b36278c3e Bump github.com/opencontainers/selinux from 1.8.1 to 1.8.2
df2e7e00f add ipv6 nameservers only when the container has ipv6 enabled
366016fa8 Bump github.com/onsi/ginkgo from 1.16.3 to 1.16.4
433a5a8c7 Fix spacing in buildthedocs
37f39eefe events: support disjunctive filters
b6167cedb System tests: add :Z to volume mounts
ff79b2e5a Fix link error
433674918 Use secrets and machine rst file properly
2cc4535e1 added tests in python rest api
7ef3981ab Enable port forwarding on host
ad182976b Use request context instead of background
1daaf34d7 [NO TESTS NEEDED] API list networks should return [] when used with no networks
249da1b93 [CI:DOCS] rm containers-mounts.conf.5.md
ef8ba99ff Use request context instead of background context
3330f9876 Better error handing for images/create compat api
d657a070d Bump github.com/uber/jaeger-client-go
761466dca Bump github.com/onsi/ginkgo from 1.16.2 to 1.16.3
fb4a0c572 support tag@digest notation
530721841 generate systemd: make mounts portable
699272ed2 add missing space
51a8e01f8 [CI:DOCS] point IRC to libera.chat
2addc0f90 rootless: fix SIGSEGV ,make LISTEN_FDNAMES optional [Closes #10435]. [NO TESTS NEEDED]
5bd1b7dfd Update a way out of date transfer document
6deb1bc2a Manpage syntax proposal
33944cefe [Techinal Debt] Cleanup ABI vs. Tunnel CLI commands
c9609d820 Vendor in containers/storage v1.32.1
9822c3309 create libimage-events channel in main routine
8e5388e41 Add options to podman machine ssh
61167834f Bump github.com/onsi/gomega from 1.12.0 to 1.13.0
de293c980 Handle image user and exposed ports in podman play kube
fad6e1d3e Ensure that container still exists when removing
533d88b65 Add the option of Rootless CNI networking by default
10569c988 journald logger: fix race condition
d1c9e034f libimage-events channel: fix data race
568e911b8 Bump github.com/containers/common from 0.38.4 to 0.39.0
738a8fe63 Add podman run --gpus flag for compatibility
e6a3d6aac Fix race on podman start --all
9ab3fd876 Fix race condition in running ls container in a pod
586af5c74 docs: --cert-dir: point to containers-certs.d(5)
afe33573d Handle hard links in different directories
2f5552c32 Podman info add support for status of cgroup controllers
f22791aec Handle hard links in remote builds
4c095aa7e Improve OCI Runtime error
3c82059c3 Sync. workflow across skopeo, buildah, and podman
8bf852d5f Match swagger to "as built" output
0766777d6 Document all transports for podman manifest add
6ca721ccc Drop container does not exist on removal to debugf
94665bdf0 Bump github.com/containers/storage from 1.31.1 to 1.31.2
7bcfae44b Downgrade API service routing table logging
c553181fd Vendor in containers/buildah v1.21.0
5a0257d46 Fix network create macvlan with subnet option
8352e5bc3 add libimage events
26652111b Bump github.com/opencontainers/runc from 1.0.0-rc94 to 1.0.0-rc95
12aa71ab8 Use correct extension for example network config
898a8ad28 update c/common
2b89b2414 Add support for podman manifest rm command
55f00bac0 Clear the storage-options from the graphdriver if users specifies --root
44c493717 Bump k8s.io/api from 0.21.0 to 0.21.1
bc0e12a04 Fix problem copying files when container is in host pid namespace
379df7f2c docs: generate systemd: XDG_RUNTIME_DIR
af748b94e Bump k8s.io/apimachinery from 0.21.0 to 0.21.1
6b187e445 Bump github.com/vbauerster/mpb/v6 from 6.0.3 to 6.0.4
92e858914 fix: response body of containers wait endpoint
98955bedb Break up python APIv2 tests
8f3605e7d Add script for identifying commits in release branches
bab7caafe Fix formatting and indentation in network http api docs
cf30f160a Support uid,gid,mode options for secrets
0d811b233 Several shell completion fixes
6efca0bba Ensure that :Z/:z/:U can be used with named volumes
4cc19f9e0 Support automatic labeling of kube volumes
b75bb4665 Create the /etc/mtab file if does not exists
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping kubernetes to version v1.23.0-alpha.1-58-gf6331c74b67, which comprises the following commits:
6616655b7b6 create common interface for controllers.
c1284118156 fix typo: Modify PodTrackingWithFinalizers to JobTrackingWithFinalizers
6dfae64d9be REST: Document mutable inputs on Create()
42c7e621804 Fix registry tests to look at result objects
75dea6b8bc2 Service REST: Use DeepCopy() on Create() and fix tests
322bc827771 Fix buffered signal channel go vet error
183498a410c Adds CancelRequest function to CommandHeadersRoundTripper
bdedd2a4c16 apiserver: add key/value pair to httplog
3a660b72941 bump e2e loadbalancer timeouts to 15m
2c73d7834ac update vendor
e1e4408ab34 allow k8s.io/utils/net imports
0cd75e8fec6 run hack/update-netparse-cve.sh
e9ddac5d853 rename net.ParseCIDR on messages to avoid false positives
06f2d678eec update and verify netparse
c2532351525 vendor: bump k8s.io/util to get fix for LRU cache
21491aa5a1a Bump livenessprobe to 2.4.0 in e2e hostpath driver spec
0af1c83e035 CHANGELOG: Update directory for v1.22.1 release
b1a6f8cdf90 kubectl proxy: append context host path to request path
950c4dafecb CHANGELOG: Update directory for v1.23.0-alpha.1 release
3c1a3dea59c test images: Adds Windows Server 2022 to the BASEIMAGEs
c3509f49f96 Update-vendor to add k8s.io/utils/strings/slices/
25453708ea2 Remove pkg/utils/slice from kube-proxy
b18d6ee61d0 Update cobra to v1.2.1
f5e97186d29 Lower requests b/c multiple containers will leave pending pods
ccbdf041a2f Fix slice type comparison bug
0ba731253e0 add tkashem as a reviewer of apiserver
513b55b00d8 hostNetwork tests can't share the same port
6a6e24702c9 Update cri-tools to v1.22.0
fa9d5546cdf Upgrade the default csi-proxy version installed by kube-up.sh
f9375f20584 Update kubectl GitHub support issue template
5e03a1f070e Regenerate applyconfigurations
ffed59d168c Fix allowed imports for kube-openapi
0e925f266f7 Update unit tests to handle go1.17 certificate parsing error messages
72fd01095de re-order imports for kubeadm
b15c2130aad Bump k8s.io/kube-openapi
7cbac6bde0f [volumeScheduling/metrics] Fix buckets initialization
76f03f000a1 Fix use variables in the loop in vsphere_util
04d83edd3c3 SCTP tests run only on 2 nodes
5b3c226c34a Add name and namespace to structuredmerge errors
00dd02f89c8 test images: Use PULL_BASE_SHA for non-git image building
cdbfd009dac Mention seccomp annotation removal in v1.25
edc19b80727 fix: skip case sensitivity when checking Azure NSG rules
804ce496e32 image: Change http to https
7953cf0ce9f fix typo of rate limiter
8264dbe17d0 Add unit tests for validateStructuralInvariants
28de406a379 Allocator renames for clarity
907fceb2067 Remove unused NewContiguousAllocationMap
9c4d5b69ecf Fix storage class setup in regional_pd.go
a26f7f2b58d Add non-vendor version ldflags
87a4e082aca Change defaulter-gen input to package path
a619be8e48f bump gengo to include defaulter-gen package support
eba9d33c3ee Fix insufficient privileges to bind to port
37e9517c2f6 Fix typo in CHANGELOG-1.22.md
d2a27a58f0a Fix extra latency and add tests for that and width
29bd66d0189 Remove "pkg/controller/volume/scheduling" dependency from "pkg/scheduler/framework/plugins"
4849bdcc0a1 updating co-chairs
27f15035147 rename audit Checker interface
aa9380e017a Add termination hook to the startup script - GCE Windows
e36a14730bd reducing the number of containers created based on the ports used
6e3923d0a4f send retry-after until ready
096c3e8f2d2 kubeadm: further improve the dynamic version population
c295a850c66 update instrumentation reviewers
593eda4ad34 Add unit tests for local volume expansion
d68186452d9 apf: free seats in use after additional latency
05beda5c402 Increase time to wait for nodes to become unready
704628fde41 Update golang used in etcd image to 1.16.7
1013e000af5 code cleanup:fix spelling mistake in CHANGELOG-1.22
67e14290aae Fix build with multiple GOFLAGS
145cec925af reduce the number of containers created by 66%
8771d60e541 CHANGELOG: Update directory for v1.21.4 release
874199aff28 CHANGELOG: Update directory for v1.20.10 release
c4f18223dab CHANGELOG: Update directory for v1.19.14 release
c69f55519e2 Revert "E2E test for kubelet exit-on-lock-contention"
11ed96baf57 generated swagger docs
dfaeacb51f9 CSIDriver: allow "StorageCapacity" to be modified
ea3c7d98a5c test images: Removes Windows 1903 and 1909 images
d9f22688166 test images: Adds sync.exe to Windows agnhost images
94ac8962693 test images: Simplifies the agnhost binary version
3b6cd89f016 add aojea to test OWNERS
1181421112c Update version of Cluster Autoscaler to 1.22.0
e6cb526f6bb set umask on linux and darwin when testing kubeadm copycerts
ff7307bf9c2 fix single pointer variable
3af26bae2c3 Refactor defaultpreemption for out-of-tree plugins
c799a37654d revert test STABLE declaration
08bec6da0fc Keep MakeMountArgSensitive and add a new signature that receives flags
83889ae5940 apiserver: refactor WithRetryAfter server filter
c4ecdad5708 Copy golang license to staging copies
0379c8f96a7 Fix documented version for DisableKubeletCloudCredentialProviders feature gate
3182b69e970 apiserver: add a new mode for graceful termination
e8381733068 apiserver: rename test variables
f63dbd481fc Warn if docker buildx is not available
95e000fd657 support kubeadm join dry-run
1db36ae3b30 Refactor goroutine counting
75f0a94aba5 Remove 1.20.0 API test data
bb08d70f403 Add 1.22 API test data
30e9a420c46 kubelet: fix sandbox creation error suppression when pods are quickly deleted
1ea65e6213c remove listx from OWNERS_ALIASES
86c6e25016a Typo in a comment.
b9b76dba6ee Update the unit tests to handle mountFlags
338f8ba0bf8 Add missing interface method in mount_unsupported.go
296b30f1436 Pass additional flags to subpath mount to avoid flakes in certain conditions
3b0c8980824 Regenerate openapi
f98ff655647 Drop DefaultGarbageCollectionPolicy checks for legacy apps REST API versions
97c5b8de9ae Drop legacy validation logic for CRD API
e3538edc227 kubeadm: update unit tests to support dynamic version updates
207ffa7bdc6 kubeadm: dynamically populate the current/minimum k8s versions
1ceb118e3cb Drop legacy status logic for volumeattachments API
c702dd43940 Drop legacy validation logic for networking API
b1d344db44d Drop legacy validation logic for certificates API
befffd1565e Drop legacy validation logic for admission registration
8fd371353c1 Fixes 104067; Explicitly states Docker CLI plugin buildx required for building using Docker
39a1293cbc8 Drop beta REST APIs removed in 1.22
808659cc428 pin-dependencies.sh: support switching repos
768d69a423a add 'projects/' suffix if this library is used with an older version of the google api library
cdc225f2979 bandwith --> bandwidth
2c2661a4113 e2e test: lock-file and exit-on-lock-contention
5eae896d71a Remove AllowInsecureBackendProxy feature gate
4af506c9895 Add getOSInfo err info
73a5cce3e64 device manager: do not clean admitted pods from the state
93a237abd82 memory manager: do not clean admitted pods from the state
66babd1a90c cpu manager: do not clean admitted pods from the state
85d83ebd288 staging/publishing: Set go1.15 version to go1.15.15
619e38141b6 remove unnecessary waits from watch conformance test
1ce594b7ee0 Fixes flaky GKE kubectl test
80ca6a4ae6f Some cleanup of the package for event clocks
dc079acc2be sched: retry unschedule pods immediately after a waiting pod's deletion
4f1b1d72e31 Update setcap image to buster-v2.0.4
cafad985366 Update debian-iptables image to buster-v1.6.6
08d8f29a7a3 Update debian-base image to buster-v1.9.0
d166cabd9e2 Add e2e for local volume expansion
f9efd14d443 TAG used when building pause is configurable
b98594bc793 Add ibabou to gce/windows OWNERS file
d2ed3b28b79 Revert "revert Bump DynamicKubeConfig metric deprecation to 1.23 by delta update"
6b9dc099f88 [go1.16] Update to go1.16.7
296c18ec323 apf: estimate list width
7db782ee039 apimachinery: remove unused ignoredConversions map and nameFunc in converter.
b66d52f6a8b make notes more easily to understand
561ce035b5b Avoid spurious calls to update/delete validation
00d89aad506 Allow a custom kube-cross image + tag to be specified
c2a3b793d3e apf: use EventClock rather than a PassiveClock for queueset
023f6a90db8 Add SergeyKanzhelev to node e2e test approvers
ddaa06abeea Propose myself as a reviewer for cluster/gce/gci
c8431f42d9a kubeadm: Reduce the backoff time of AddMember for etcd
dfde50b1856 fix unsafe json construction for digestConfigObjects.
8ed1628a6e7 Add a new webhook metric tracking request totals.
3cfe3d048ff Improve dynamic cert file change detection
f9a791ff262 Remove kubectl book
a947c32783e Add feature gate to disable in-tree credential providers
d866272d65a Correct comment related to HugePageStorageMediumSize feature gate
a04a98154e5 Remove the StartupProbe feature gate
af2129b77d0 Allow override of `CGO_ENABLED=0`
d9d41b70f64 Fix metrics reporting for the deprecated watch path
dcb298c9552 Introduce event clocks based on k8s.io/utils/clock
2c60feffbee apiserver: add callback to get notified of object count
c486b229d28 refactor(kubeadm): remove the flag --port from KCM manifest
9351b57defe Skip node e2e test for recovering from ip leak with docker
ff0e1f4fe97 Add the pod field to all volumeToMount info level logs
691b45e220c Clarify ready (#103782)
9cf3ad5cffa Remove duplicate dependencies from 1.22 changelog
952aa1b2d26 add integration test for apiserver hsts
ff165c88239 Replace usage of Whitelist with Allowlist within Kubelet's sysctl package (#102298)
3e44139ae46 [jobs][registry]: Warn if no propagationpolicy set
9cffbab037e Log kube-env variables from startup script
a7834389b44 check APIStatus.Code in Is* family of functions
5d84ffa6c26 Update configure-helper.sh
b0039559ddf Update configure-helper.sh
572a24d854e add a keepalive time to the konnectivity server
0376c58c44d Update configure-helper.sh
ab595f37d25 CHANGELOG: Update directory for v1.22.0 release
8cf10d9a200 set showHiddenMetricsForVersion=1.22 in dynamicKubeletConfiguration test
9d30eb88dfd retry apiserver errors on e2e service tests
ea1bc18bc17 Use docker buildx for etcd image
ee7562a2f8a add clusterIP allocator metrics
94a58a3b146 remove GAed feature gates sysctls
ac076838c81 Add ehashman to node e2e test approvers
3463c2dfa97 Skip NVidia GPU test in node e2e CI jobs for containerd and other runtimes
4efc9a95695 Fix zone calculation - consider only untainted nodes
c8208247113 Add pod context to volume lifecycle logs
c35502ad4bd Remove AUFSUmountHung from NPD test
dab19517e5a Explicitly restart kubelet to stabilize serial-containerd job
980cf854397 revert Bump DynamicKubeConfig metric deprecation to 1.23 by delta update
72223406ac6 Remove stray DNS port references in NetPol tests
b7ea7a7766b kubeadm: disallow the mixture of --config and --patches
375ef778c4b kubeadm: remove deprecated --experimental-patches
34f49596332 replace e2e WaitForPodsReady by WaitTimeoutForPodReadyInNamespace
7e2d6301bf9 [k8s.io/kubectl/pkg/drain/drain]: minor typo fixup
1a3eda9394b fix: 81134: display conflicted taint without a json representation.
a77f4f4c29b Log e2e-node kubelet output directly to file
163e4974b63 e2e node server: fix crash in log line
1a87ae19a62 Revert "Add a namespace label to admission metrics and expand histogram range to 0-10s"
09dc055984e Update golang.org/x/time/rate (#104014)
a2a22903bc0 delete stale UDP conntrack entries for loadbalancer IPs
2635415482b fix error variable name
9f735e71bbb Simplify APF promise to what is really used in the code
9cee586ee98 apiserver: avoid repeated loading context for requestInfo in Namer.Name
c406f2edab6 Fix: ignore not a VMSS error for VMAS nodes in reconcileBackendPools
f720c4fd44b hack/verify fixes
ecb38137269 Update component-base OWNERS to include SIG-Architecture
fec260d083f Add release note block to cherry-pick script
260b5ef1554 fixing scripts from https://github.com/google/protobuf/releases to https://github.com/protocolbuffers/protobuf/releases
59a7cc12c9f Mark failing node serial tests as flaky
b5f24c334e4 Bump DynamicKubeConfig metric deprecation to 1.23
a1cf44eab44 Remove unused promise code from APF
05cfbecab99 test images: Adds image labels by default
bbb368b7012 Update e2e test images url
4549573a447 minor cleanups
ca90849724e add kube-openapi/pkg/schemaconv to kubeadm import-restrictions
4606ebe423a update node-problem-detector v0.8.9
99bc2b077fd Added support for multiple --from-env flags
4edb6e01bed Add kube-openapi to client-go import restrictions
df1d9380fbd Fixes (temporarily) curl piped to shell security vulnerability
3628065b455 fix boilerplate and staticcheck
85bc3c4f857 fix vendor
49c86bde556 fix extract_test
af11c4ac9be remove apiserver impor from client-go
93ef5acb35f Fix kubectl version unit test
a4dfe406507 Start the informerFactory in the ControllerContext
db48793269e Set idle and readheader timeouts
f1e1f3a416b Fix disruptive subPath test failures
363d47c08c8 staging/publishing: fix rules for legacy-cloud-providers for 1.22
d38c2df2c4b client-go: deltaFIFO trace slow handlers
55765f1b49e sched: support HistogramVec in scheduler performance test
479e2ae307c wrap extractor errors
7bfc420351f simplify test to only test the new logic of extractUnstructured
1122091b065 Revert caching in favor of simple ttl
53582a0104f remove commented out code
c9e97de46bb Address PR feedback around gvk parser generation ergonomics
9b9925f56db Restructure caching logic
7cb18e84f13 comments
f6ce385e444 remove test script
604db6eb2ad rename cache, add to integration test
235a57a29e5 Add HasOpenAPISchemaChanged to DiscoveryInterface
7b9757faa49 basic caching working
dda31bbf2e7 Manually set GVK in extract, add commentary to extractor
9f4a4d812d2 Write TestUnstructuredExtract
6e481c5db19 Initial UnstructuredExtract without caching
b15ed04c9dc Allow non-subsetting ILBs to update when the feature is enabled.
2ad2bc68443 kubectl: Add labels to ingress describe
004e4414839 refactored master to controlplane
00080d400fe Allow customizing spam filtering in event client library
822eb29b6f3 client-go/events: avoid referencing a nil related object
1555877cc5d fix data race for Test_Run_Positive_VolumeMountControllerAttachEnabledRace
8dc091ef2e2 Fix wrong log
ae7b9787ee7 cleanup description on deprecated include-uninitialized flag
dc9eb82e0aa Fix NPE in test/e2e/framework/providers/azure
7fa0b9b6c10 add --concurrent-ephemeralvolume-syncs flag for kube-controller-manager
93146048b4c Mark "update Node.Spec.ConfigSource" node e2es as slow
4115bef8268 Update references to test/conformance/image
024930df119 Move cluster/images/conformance to test/conformance/image
3520e8b3393 Fix a typo in comment
75f0007d2bc Overlaid OS's environment variables with the ones specified in the CredentialProviderConfig
00e31ce565a Fix incorrect comments in scheduler_queue.go
fef5c0c1a63 Improve storage test skipping pattern.
523b4c0918f Replace 'x.Sub(time.Now())' with 'time.Until(x)'
326471d8806 k8s.io/code-generator: Change BoilerplatePath() to locate file or require explicit flag
2cacfada265 Update Containerd version - GCE Windows
45cf1697ba0 Changed flag name underscore warning to avoid recommending potentially invalid flag name
97ba475941f add new metric
94977dce8d1 Update doc description for --audit-log-maxbackup
971e0c4400c Fix a typo in comment
f174307e494 k8s.io/code-generator: Enable generate-* scripts usage as module deps
8ad83fd685f Make crictl tests host local
80e4007bc3b test: e2e: HPA ContainerResource
5be47eaf275 kubeadm: update references to legacy artifacts locations
e2b6816953c Deprecate apiserver_longrunning_guage and apiserver_registered_watchers
019e8f71b6a refactor: normalizing URL string locally and move out from purell package
38239d3025d migrate cmd/kube-proxy/app logs to structured logging
dd2c3830600 decouple timeBudget from real clock
66803689585 Add: specify that reason is a field to record the reason why failed
6490fcc5bbc setting the status to fix on the known issue
9f09064104e feat: Provide IPv6 support for internal load balancer
51e4694cd66 fix typo scheduling queue to active queue
ef181c14e12 Provide reference to impersonation options for kubectl auth can-i command.
b09bbd808ae testing patches. add k8s.io/staging, remove local home
6d988acb558 Ignore 'wait: no child processes' error when calling mount/umount
d05b232afc8 optimize the code
5fdfe872d61 e2e: update makefile example for building images
ac09f7a8bd3 TODO comment should have been removed with #2912, the restartCount docs wasn't updated as part of #6794.
318b9a95786 remove superfluous [Feature:SCTP] tag in some test names
50b3cbe9990 e2e: remove unused sync.WaitGroup
9d405710fe7 e2e: remove runKubernetesServiceTestContainer
5347f67e35b Using full url format as runtime endpoint
d9b8c5f992c add deprecation for Azure Disk Kind in csi migration
baf0bf831d1 Fix typo in comment in endpoints_controller
f0b34bd24a7 Pass unknown labels in allowedTopologies during CSI translation
4101c8b3cb3 Set out.TargetCPUUtilizationPercentage correctly when converting autoscaling_HorizontalPodAutoscalerSpec to v1_HorizontalPodAutoscalerSpec
1980b18c458 Solved the test problem and added update comment
d1e9da9f8a0 update comment with EnqueueExtensions
5f0925a2941 Flake #99979 increase delay for ready state propagation
1887ddfc968 Make --configure-cloud-routes configurable in local-up-cluster
169583bf4ed tests for path resolver, add KUBE_ROOT to both top level func calls
2d3323d1fb4 try to fix the in_tree_volumes cases: refactor the projectBasePath logic
82728b5f71d Add integration tests for updating Job parallelism
7911a08fb31 Remove ServiceAccountIssuerDiscovery feature gate
e75f3fb563e add happy path tests for two types of imports
d3aabe23974 fix existing unit tests
585ce7f04dd missed a paren
bde2ef2a1a0 review comments
60d446fe3db Drop end of sunrpc port range to avoid port conflicts.
c79a0a08828 Get rid of unused flowSchemaRVs in P&F
73211256e8f Rename width to workEstimate in P&F code
2b03c771895 e2e: fix NFS options test for IPv6
d02568aab52 client-go/tools: update events version in doc
7a36a5b827e fix test failures in legacy cloud provider: add 'projects/' after upgrade
ef3c344868d seems to work, needs tests and a lot of cleanup
2bc5ff6ab34 Set EC2 instance cache max age to 10 mins
2926b4572e6 upgrade google.golang.org/api to v0.45.0
18d583653c6 upgrade github.com/prometheus/common to v0.28.0
abd8acc2599 fix exec failure for gomock finish calling
6c87c222771 Add structured logging for more steps
a9b7dcc8c21 kubelet: update remote runtimes for cri stat changes
2dc2b1e239d CRI: add fields for pod level stats to satisfy the /stats/summary API
a9a3c4bb9aa Refactor of TestValidateIngressClass and TestValidateIngressClassUpdate methods by adding Boilerplate in helper functions #FIXES: 99005
bf9f3dc7b3d deprecate unused option deployment-controller-sync-period for deployment controller
927d0c39322 cleanup: Removes GcrRelease and SampleRegistry from manifest.go
abf735daa83 remove stack trace log when sorting with a bad unsortable field
18955db4161 fix azure disk translation issue
5d80d6e7c3d Make cpu request of kube proxy configurable by env variable.
de442ef8604 Retry hostname->IP: [Errno -2] Name or service not known
03f9f75e880 fix typo for daemon_controller_test.go
f2eec0a8167 ResourceConfigForPod: check initContainers as other QoS func
a7c48e97076 images: Removes OS Version workaround for manifest list images
97bcfbd674b Allow the actual inhibit delay to be greater than the expected inhibit delay
d9be5abc378 kubelet: add shutdown events
0839c00b76b Increase pressure timout on DiskPressure test
992993257d8 Removed usage of github.com/pkg/errors
8eee78a61f0 Update github.com/pkg/errors to go native errors pkg
7b98a0770fe remove not used IsStaticPod, prevent possible panic
f9e4a015e22 tests: Spawn poststart / prestop pods on the same node as the http pod
e2477171ca2 Ensure images are pulled after eviction tests
a93ad421ee9 Return StatusError 404 in fake client when resource is not found
a0e8a98bcb6 Add support for expanding local volumes
c882437f220 e2e test: bump ProgressDeadlineSeconds in Deployment iterative rollouts
9d636fea046 e2e test: fix Pause in Deployment iterative rollouts
a1e56b4f6d1 Update the typo in values of pods in performance-config.yaml
5b426818404 Correctly drain timer
6a0452e861e cleanup: fix errors ending with punctuation in proxy
82402c5af0c Omit redundant nil check in type assertion
68ec18a050d code-generator/register-gen: groupName can't use '// +groupName=somegroup ' to override
1dc4a29a1ae fix typo in retry doc
7aab5df381f use already defined variable
72271dcc9c5 Fix error path in file /verify-prerelease-lifecycle-tags.sh.
82a9fb9d0ec subatomic: Creates the symlinks to user-visible files later
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
| |
The oci-image-spec repository has dropped its master branch,
so the fetcher default no longer works.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OEcore/bitbake are moving to use the clearer ":" as an overrides
separator.
This is pass one of updating the meta-virt recipes to use that
syntax.
This has only been minimally build/runtime tested, more changes
will be required for missed overrides, or incorrect conversions
Note: A recent bitbake is required:
commit 75fad23fc06c008a03414a1fc288a8614c6af9ca
Author: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Sun Jul 18 12:59:15 2021 +0100
bitbake: data_smart/parse: Allow ':' characters in variable/function names
It is becomming increasingly clear we need to find a way to show what
is/is not an override in our syntax. We need to do this in a way which
is clear to users, readable and in a way we can transition to.
The most effective way I've found to this is to use the ":" charater
to directly replace "_" where an override is being specified. This
includes "append", "prepend" and "remove" which are effectively special
override directives.
This patch simply adds the character to the parser so bitbake accepts
the value but maps it back to "_" internally so there is no behaviour
change.
This change is simple enough it could potentially be backported to older
version of bitbake meaning layers using the new syntax/markup could
work with older releases. Even if other no other changes are accepted
at this time and we don't backport, it does set us on a path where at
some point in future we could
require a more explict syntax.
I've tested this patch by converting oe-core/meta-yocto to the new
syntax for overrides (9000+ changes) and then seeing that builds
continue to work with this patch.
(Bitbake rev: 0dbbb4547cb2570d2ce607e9a53459df3c0ac284)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping kubernetes to version v1.23.0-alpha.0-33-gd9d4f0c69cb, which comprises the following commits:
363d47c08c8 staging/publishing: fix rules for legacy-cloud-providers for 1.22
6d1556df7bb Update to using apiserver-network-proxy v1.22
7728428f017 Do not try to create an audit log file named "-"
77afa53f9d3 Add e2e testing manifest bundle to e2e_node test suite
0cce9a4a6c6 Remove conformance status from a sysctl test and relabel
0aa16fae5b8 staging/publishing: add release-1.22 rules
3af4fe8c9b6 Use pointer gomega comparison for UsageNanoCores
2a4a1c1d005 disable aufs module
0610968bfaa bump metrics-server to 0.5.0
c5aead020b6 cluster: fix CI metrics-server deployment
9103b7187c9 Fetch metrics from controller manager & scheduler no run once
236e72cf8a9 Make CSR cleaner tolerate objects with invalid status.certificate
c1bac408803 Fix SIG Node SSH e2e test
33feaee2c2d Fix windows storage tests
fac3dd6914f CHANGELOG: Update directory for v1.22.0-rc.0 release
59c0523bca0 Using ServiceIPs instead of DNS names in the NetworkPolicy Probes + adding Interface decoupling (#102354)
536cf819747 Add konnectivity agent to log dump
d7ee024cc5d kubelet: Make condition processing in one spot
c2a6d07b8f0 kubelet: Avoid allocating multiple times during status
9efd40d72ad kubelet: Preserve reason/message when phase changes
9d0b32858a5 update cos 85 version to latest.
e5b434e990d kubelet/cm: don't set Devices
eb5df869baa vendor: bump runc to 1.0.1
aeb82243fc8 Revert "tests for statefulset PersistentVolumeClaimDeletePolicy api change"
faed88bb720 Add additional APF test for handling other panic types
ef435b85b47 Optimize APF support for watch initialization to fix the pod startup time regression.
1f2902a336c Fix panic in master upgrade tests
e5a1f86e0ac add apiserver tracing integration test, and fix endpoint validation
10a3cc815be Revert "statefulset PersistentVolumeClaimDeletePolicy api change"
fb5b966a88a Revert "Add StatefulSetAutoDeletePVC feature gate"
0d1aa3a1b87 CHANGELOG: Update directory for v1.21.3 release
1e5ba82fd0b CHANGELOG: Update directory for v1.20.9 release
fc6a5be694a CHANGELOG: Update directory for v1.19.13 release
be34dc95b5d Remove E2E test for NodePreferAvoidPods scheduling Score
a2ea04bab3e tests: Updates cuda-vector-add:1.0 image to the promoted registry
a3b6f0557d2 device-plugins: replace gcr.io/gke-release to use the community registry
f5bc129a991 CHANGELOG: Update directory for v1.22.0-beta.2 release
a6ac42082b4 client-go exec: fix metrics related to plugin not found
5e1b5ec398c Revert counting deleted pods as failures for Job
75748c185ea enable verify-golangci-lint.sh
07332ad3985 fix ineffassign and varcheck
26cc8e40a8f fix deadcode issues
b74fe232e34 update golangci-lint to newer version
416efdab26a Remove Endpoints write access from aggregated edit role
6c61ee51b90 Revert granting EndpointSlice write access to edit role
de9cdab5ae3 kubelet: Prevent runtime-only pods from going into terminated phase
aaa7de0ac67 Update API description for probe.terminationGracePeriodSeconds
bf2ae14501e Move feature flag to beta (but leave as false) and remove the feature flag from Kubelet
83f8d1ad72d [go1.16] Update to go1.16.6
65618bfd696 Add sync reconstructed volume from desired state of world for volumemanager
9fa641b9add test/integration/endpoints: check for pod existencen in TestEndpointWithTerminatingPod
1280a365e4a Revert "use PermitWithoutStream=true for etcd: send pings even without active stream"
bc475373b24 Drop direct dependency on gotest.tools
32783f75684 PodSecurity: Initial webhook implementation
2878e472ad7 test/integration/endpoints: improve docs for TestEndpointWithTerminatingPod
0aa1b3b0bfc test/integration/endpoints: add a test to ensure Endpoints does not include terminating pods
642eff0c69d Rename NodeSwapEnabled flag to NodeSwap
d1ef44242a3 Make khenidak a sig-net approver
c2aaf0667fd PodSecurity: make integration tests run sparsely
9dd59017c4c add tracing to webhook requests
581b088f760 integration test: provide a timeout for /health
a570008cbd6 apf: fix virtual clock
5918869ed6c Revert 103327: "kube-scheduler: ensure the default config output of --write-to-config is usable"
1727cea64c1 Fix index out of range if multiple default plugins are overridden
b14c10ae301 create LeaderMigrationConfiguration v1beta1
40b2155ddb7 promote ControllerManagerLeaderMigration to beta.
995278c9fbb add ControllerManagerLeaderMigration as beta
513bd93f76d update test for feature gate
412962204ff Fix the code is leaking the defaulting between unrelated pod instances
2b88dc381e1 [PodSecurity] Add test coverage for pod-template-containing objects
0fa01c371c9 Mark volume mount as uncertain in case of volume expansion fails
fd0db61d6c3 test/intergration/endpointslice: add tests for endpointslice terminating condition
826a5219dac promote EndpointSliceTerminatingCondition to Beta
a2fb8b00392 smtalign: e2e: add tests
23abdab2b77 smtalign: propagate policy options to policies
6dcec345dfb smtalign: cm: factor out admission response
c5cb263dcf2 smtalign: propagate policy options to cpumanager
6dccad45b4f smtalign: add auto generated code
cc76a756e40 smtalign: add cpu-manager-policy-options flag in Kubelet
649b87aaf85 prevent mutation of deletion options during delete collection
d95b14e1abf Revert "apiserver: add callback to get notified of object count"
d5d9327351d Only use dualstack if the node and config supports it
8e2b728c68a Explicitly skip host file mounting for windows
2dd26221881 Track Job Pods completion in status
7da1a0b2304 update the help text of KubeletConfig following the DynamicKubletConfig feature deprecation
41c5bca3496 kubectl: update set command description to include cronjob resource (#102503)
bb56a0bd048 Add Job.status.uncountedPodUIDs
418fa71b6b1 Simplify use of the fake dynamic client
62d7a417fa6 CHANGELOG: Update directory for v1.22.0-beta.1 release
40f1db8d2d4 update license gathering script for forked code
79e230ea212 fix kubelet panic when DynamicKubeletConfig enabled
b6b3a692843 Don't set sysctl net.ipv4.vs.conn_reuse_mode for kernels >=5.9
369c4a2b98b Use cmp.Diff() replace reflect and diagnosis
7f9d2eda828 limit warnings to requests that would otherwise succeed, reformat warning message
36907db929e PodSecurity: Drop field path from container visitor
78953990777 PodSecurity: seLinuxOptions: regenerate files
d5419707516 PodSecurity: seLinuxOptions: cleanup
19c8ab297c0 PodSecurity: sysctls: cleanup
e178695c25b PodSecurity: seccompProfile_baseline: regenerate files
bebf6129672 PodSecurity: seccompProfile_baseline: cleanup
2af08d1a5a0 PodSecurity: seccompProfile_restricted: regenerate files
88a12412998 PodSecurity: seccompProfile_restricted: cleanup
43146d4377f PodSecurity: runAsNonRoot: regenerate files
5fc06591a2c PodSecurity: runAsNonRoot: cleanup
edb7cdb02aa PodSecurity: restrictedVolumes: regenerate files
676240a342a PodSecurity: restrictedVolumes: cleanup
4a69c579923 PodSecurity: procMount: cleanup
f9b8dfd0e69 PodSecurity: privileged: cleanup
7c704674003 PodSecurity: windowsHostProcess: regenerate files
9dce1d6a493 PodSecurity: windowsHostProcess: cleanup
45485bb7aea PodSecurity: hostPorts: cleanup
f709cf05f41 PodSecurity: hostPathVolumes: regenerate files
a39c448684a PodSecurity: hostPathVolumes: cleanup
826c57701c7 PodSecurity: hostNamespaces: cleanup
62b71175e74 PodSecurity: restricted capabilities: regenerate files
f10dfc6e304 PodSecurity: restricted capabilities: cleanup
bd4dc42a72e PodSecurity: baseline capabilities: regenerate files
809abf4f5b9 PodSecurity: baseline capabilities: cleanup
b390e9e32dd PodSecurity: appArmorProfile: cleanup
8291f8490b9 PodSecurity: allowPrivilegeEscalation: regenerate files
1e2886341a6 PodSecurity: allowPrivilegeEscalation: cleanup
648b970718e PodSecurity: add message helper
92541f46e6b Restore ability to print long strings
5d80665b0a6 Fix dbus config path for GracefulNodeShutdown e2e
6c72fbaa899 update vendor after switch
79d0c6cdc10 switch from golang-lru to the one in k8s.io/utils
3a221b33324 update to new k8s.io/utils
a3f57886a26 fix CleanScope so we can resolve correct verb for apiserver_request_terminations_total
a6b30e96294 podsecurity: added ValidatePodSecurityConfiguration
c3d9b10ca83 feature: support Memory QoS for cgroups v2
80dda49ce22 Service: Fix semantics for Update wrt allocations
6cf3e36c370 kubeadm: statically default the "from cluster" InitConfiguration
0a42f7b9890 Graduate EndpointSliceProxying and WindowsEndpointSliceProxying Gates
1dfacd3c702 PodSecurity: use code/reason/details from admission library
fb9cafc99be sched: provide an option for plugin developers to move pods to activeQ
9bd857ca047 Truncate endpoints over a 1000 addresses
d9e3fbff949 apf: fix bootstrap ensurer log message
bb3fe633b47 add test for triggering race condition
33e6ebc8f8d update translations
ab1807f2bcb copy podStatus.ContainerStatuses before sorting it
1e0f695afa9 fix translations location in update-translations.sh
6408f3dffc0 Update generated files
250f47a45c5 Rename to capabilities_restricted
08608a24f14 Update dropCapabilities check/fixtures
ce257266aa7 client-go: copying object to fix data race (#103148)
2c116055f7e [disruptioncontroller] Don't error for unmanaged pods
a8793dcb3e2 Implement check_dropAllCapabilities.go and test/fixtures_dropAllCapabilities.go
3fadea4ea2e Bump version of Addon Resizer used by Metrics Server
6b736f34848 Minor adjustments to descriptions and example text
cea1dcfeed2 Add watch tracker to APF for request cost estimation
2df05df6982 Avoid code duplication in watchcache
96406b915d3 Clean up the remaining master names in test/integration
7f1c4977d7a Refinements to pick queue logic in P&F
26e83ac4d43 kubelet: ignore /dev/kmsg error when running in userns
192790c52fe kube-proxy: allow running in userns
dbe01551397 kubelet/cm: ignore sysctl error when running in userns
b16323e37ce New feature gate: KubeletInUserNamespace
af19d7f415d fix delete nil pointer panic
d8fe255f413 Add test for validateProbe
e378600c90d Add validation for Prober TerminationGracePeriodSeconds
1ff5ae2cb5f Regenerate
20de04d6c30 Update API documents
00dba76918e Add DataSourceRef field to PVC spec
5b787aa1843 Clean up testing of AllocateLoadBalancerNodePorts
eae4a19bd35 Fix small bug with AllocateLoadBalancerNodePorts
3eadd1a9ead Keep pod worker running until pod is truly complete
68dadd40d63 Fix pkg/api/pod/util tests to ensure feature gate is set
adcfcfa2e78 add yaml separator validation and avoid silent ignoration
04d59ff2df3 test/e2e/network: add Service internalTrafficPolicy test for pod (w/ host network) -> pod (w/ host network)
9977ea371b1 test/e2e/network: add Service internalTrafficPolicy test for pod -> pod (w/ host network)
025c95a778b test/e2e/network: add Service internalTrafficPolicy test pod (w/ host network) -> pod
f6bc5d01402 test/e2e/network: add Service internalTrafficPolicy test pod to pod
2d0f99fba18 Fix resource metrics e2e test
28152a26fee fix: return empty VMAS name if using standalone VM
ad8275f294f Added unit tests for ExpandPathsToFileVisitors
dffc2a60a28 deprecate and disable by default DynamicKubeletConfig feature flag
68ccb8a9477 Use system-validators v1.5.0
b1f34ea205f add RetryOnConflict to pod status updates
6d4096cc69a Upgrade kustomize-in-kubectl to v4.2.0
a46b42a92b8 Manually update kustomize attachment points.
212ce7c2871 Shorten test time
a42c066af70 Fix Data Race in nodeshutdown restart
c69ad8c57a3 e2e: increase readiness gate timeout
71f810bb71e Add distributed tracing to the etcd client
babebf76d39 Apply PSP container tests to EphemeralContainers
aff49ca6846 Generated code for securityContext in EphemeralContainers
70765fa24d5 Allow securityContext in EphemeralContainers
ebe550bd488 Upgrade etcd to 3.5.0
7839668877e GCE Windows: Set TCP/IP parameters to keep idle connections alive on GCE.
30d2ad576ac Remove ManagedPod,ManagedContainer metrics
1c8675fc02f Ensure node e2e apiserver and test suite can open enough files
c4e644406ed test images: Adds windows-nanoserver image
d5cb5065c46 Skip node container manager test on systemd
03d60a89a0c Add build instruction for buildx CLI plugin
82e4ab5ec62 Improve slice allocation in LabelSelectorAsSelector
19c23949154 Add benchmark for LabelSelectorAsSelector
3f0b64ec959 kubectl: show consistent unit format in quota describe
0a83041d4d3 remove Factory that not used
9e372bffeff e2e: test SSH port on NodeSSHHosts
c12aa0f6b75 promote HugePageStorageMediumSize to GA
849dbe034b3 use PermitWithoutStream=true for etcd: send pings even without active streams
29178fff1c9 Add kubelet managed pod metrics
b42c1a3e474 test images: Adds cuda-vector-add-old image
a70323d6320 Updating OWNERS_ALIASES for SIG-Windows
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
| |
There's not much here, but we pickup the 3.2.4-dev parsing bump in
preparation for that development stream.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.5.4-12-g1c13c54ca, which comprises the following commits:
7b17268fd remotes/docker/pusher.go: Fix missing Close()
2f11d5855 remotes/docker/fetcher.go: Fix missing Close()
4c1722e2b Update docker resolver to authorize redirects
166a81f88 snapshot/devmapper: log exported methods correctly
d2cb9949b go.mod: runc v1.0.1
6807d070e update runc binary to v1.0.1
81cfab8f5 Prepare release notes for v1.5.4
d9b284bfd Try next mirror in case of non-404 errors, too
48d7a5c5c Prepare release notes for 1.5.3
defaec610 Update mailmap
43d089233 integration/client: go mod tidy
ac7bd5483 Update Go to 1.16.6 (cont.)
385d9ed00 Update Go to 1.16.6
a695a0704 [Vendor] Update hcsshim to 0.8.18
0515f9d2d Fix missing Body.Close() calls on push to docker remote
f5c7cb6e0 Add test for archive breakout test for lchmod
37a44de17 Cleanup lchmod logic in archive
78b95dff2 update runc binary to v1.0.0 GA
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping k3s to version v1.21.3+k3s1, which comprises the following commits:
786f91b997 Fix multiple bootstrap keys found
b9cc6409f4 Bump containerd to v1.4.8-k3s1
c15259d925 Fix to allow prune to correctly cleanup custom named snapshots (#3649) (#3672)
659002f153 [release-1.21] Upgrade k3s-root version
9c981b0184 [release-1.21] Bump Kubernetes to v1.21.3 (#3652)
9859ec7a81 [release-1.21] - Backport Fix storing bootstrap data with empty token string (#3514)
5a88b5b3ea Emit events for AddOn lifecycle
ab0520f44e Add comments, clean up imports and function names
411d7e6753 Tidy up function calls with many args
ff0451c4dd Add nodename to UA string for deploy controller
c3d134a405 prevent snapshot save when snapshots are disabled (#3475) (#3610)
267adf64dc Bump the packaged runc binary version
42ab13a869 Update etcd snapshot error message to be more informative when etcd database is not found (#3592)
bbd4fb9888 Dispatch to rancher/system-agent-installer-k3s when tagged
0c5577a8ec [Backport 1.21] Update embedded kube-router (#3557) (#3595)
04d425289f Fix spelling to satisfy codespell check
733ca42b6a go mod vendor
9863b92eb4 Bump rancher/klipper-helm image in airgap image-list.txt
0a5bca7ea2 Bump helm-controller to v0.10.1
0c2d8376d0 Changes local storage pods to have 700 permissions (#3537) (#3548)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping docker to version v20.10.7-41-g013d6655bb, which comprises the following commits:
067918a8c3 [20.10] update containerd binary v1.4.8
b0da207af4 Bump go 1.16.6 (addresses CVE-2021-34558)
abe8c4e80d updated vendored archive/tar to go1.16.5
7c6645b32b update archive/tar patch for go 1.16
55c363ef48 Bump go 1.16.5
8b0913935c integration: ensurePlugin: disable go modules when building plugin
09a7efb1f7 hack/ci/windows.ps1: disable go modules
6793ff26d8 pkg/fileutils: TestMatches: remove cases no longer valid for go1.16
ab9a92f79c Update test certificates
1d4a06e610 hack: add script to regenerate certificates
feaca9816a hack/vendor: add check for vendored archive/tar
793340a33a [20.10] update containerd binary to v1.4.7
7429792eed docker pull: warn when pulled single-arch image does not match --platform
72b66d56a5 [20.10] vendor github.com/Microsoft/hcsshim 64a2b71405dacf76c95600f4c756a991ad09cf7c (moby branch)
50c392c9ff API: fix 404 status description on container create
025e3a7898 Update v1.41.yaml
b9cf7b7db5 rootless: fix "x509: certificate signed by unknown authority" on openSUSE Tumbleweed
869b50e10b rootless: disable overlay2 if running with SELinux
44f95c7126 dockerd-rootless.sh: avoid /run/xtables.lock EACCES on SELinux hosts
78bb0f445a Dockerfile: update go-swagger to fix validation on Go1.16
618f6a79ab Run s390x tests on Ubuntu 20.04
872cb16edb update runc binary to v1.0.0 GA
4d42e18c05 vendor: swarmkit to fix deadlock in log broker
89edb68e89 Fix possible overlapping IPs
523f8b397c Jenkinsfile: skip ppc64le and s390x by default on pull requests
a57fc0eb15 Fix setting swaplimit=true without checking
6474dada20 vendor: github.com/moby/buildkit v0.8.3-3-g244e8cde
895eaacdd4 vendor: github.com/moby/buildkit v0.8.3
003e3c0551 pkg/signal: ignore SIGURG on all platforms
95551168ac vendor: github.com/ishidawataru/sctp f2269e66cdee387bd321445d5d300893449805be
d29a55c6c3 vendor: github.com/docker/libnetwork 64b7a4574d1426139437d20e81c0b6d391130ec8
94c1890d39 builder-next: relax second cache key requirements for schema1
2a0c446866 Use v2 capabilities in layer archives
Bumping docker-cli to version v20.10.7-20-ge9b8231d6a, which comprises the following commits:
8a64739631 Update Dockerfiles to latest syntax, remove "experimental"
260ba1a8a2 vendor: cpuguy83/go-md2man/v2 v2.0.1
f63cb8b97e vendor: github.com/russross/blackfriday/v2 v2.1.0
48e6b44379 Dockerfile: remove custom go build for windows/arm64
644c003606 circleCI: update docker engine to 20.10.6
0d17280a30 Jenkinsfile: update old engine version to 19.03
eedfe50a99 Jenkinsfile: update labels to prevent running on cgroups v2
f3dd1ee6c1 Fix minor wording
c7cf60f657 docs: Fix wrong bridge driver option
0168626037 vendor: github.com/docker/docker-credential-helpers v0.6.4
e3a9a92b14 vendor: moby/term, Azure/go-ansiterm for golang.org/x/sys/windows compat
ab733b5564 [20.10] vendor: github.com/docker/docker v20.10.7
746c553574 docs: fix link to command-line reference
2945ba4f7a Ignore SIGURG on Darwin too
032e485e1c ForwardAllSignals: check if channel is closed, and remove warning
88de81ff21 Fix `docker start` blocking on signal handling
706ca7985b Revert "[20.10] Revert "Ignore SIGURG on Linux.""
8264f5be8d docs: dockerd: fix broken link and markdown touch-ups
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping moby to version v20.10.7-41-g013d6655bb, which comprises the following commits:
067918a8c3 [20.10] update containerd binary v1.4.8
b0da207af4 Bump go 1.16.6 (addresses CVE-2021-34558)
abe8c4e80d updated vendored archive/tar to go1.16.5
7c6645b32b update archive/tar patch for go 1.16
55c363ef48 Bump go 1.16.5
8b0913935c integration: ensurePlugin: disable go modules when building plugin
09a7efb1f7 hack/ci/windows.ps1: disable go modules
6793ff26d8 pkg/fileutils: TestMatches: remove cases no longer valid for go1.16
ab9a92f79c Update test certificates
1d4a06e610 hack: add script to regenerate certificates
feaca9816a hack/vendor: add check for vendored archive/tar
793340a33a [20.10] update containerd binary to v1.4.7
7429792eed docker pull: warn when pulled single-arch image does not match --platform
72b66d56a5 [20.10] vendor github.com/Microsoft/hcsshim 64a2b71405dacf76c95600f4c756a991ad09cf7c (moby branch)
50c392c9ff API: fix 404 status description on container create
025e3a7898 Update v1.41.yaml
b9cf7b7db5 rootless: fix "x509: certificate signed by unknown authority" on openSUSE Tumbleweed
869b50e10b rootless: disable overlay2 if running with SELinux
44f95c7126 dockerd-rootless.sh: avoid /run/xtables.lock EACCES on SELinux hosts
78bb0f445a Dockerfile: update go-swagger to fix validation on Go1.16
618f6a79ab Run s390x tests on Ubuntu 20.04
872cb16edb update runc binary to v1.0.0 GA
4d42e18c05 vendor: swarmkit to fix deadlock in log broker
89edb68e89 Fix possible overlapping IPs
523f8b397c Jenkinsfile: skip ppc64le and s390x by default on pull requests
a57fc0eb15 Fix setting swaplimit=true without checking
6474dada20 vendor: github.com/moby/buildkit v0.8.3-3-g244e8cde
895eaacdd4 vendor: github.com/moby/buildkit v0.8.3
003e3c0551 pkg/signal: ignore SIGURG on all platforms
95551168ac vendor: github.com/ishidawataru/sctp f2269e66cdee387bd321445d5d300893449805be
d29a55c6c3 vendor: github.com/docker/libnetwork 64b7a4574d1426139437d20e81c0b6d391130ec8
94c1890d39 builder-next: relax second cache key requirements for schema1
2a0c446866 Use v2 capabilities in layer archives
Bumping docker-cli to version v20.10.7-20-ge9b8231d6a, which comprises the following commits:
8a64739631 Update Dockerfiles to latest syntax, remove "experimental"
260ba1a8a2 vendor: cpuguy83/go-md2man/v2 v2.0.1
f63cb8b97e vendor: github.com/russross/blackfriday/v2 v2.1.0
48e6b44379 Dockerfile: remove custom go build for windows/arm64
644c003606 circleCI: update docker engine to 20.10.6
0d17280a30 Jenkinsfile: update old engine version to 19.03
eedfe50a99 Jenkinsfile: update labels to prevent running on cgroups v2
f3dd1ee6c1 Fix minor wording
c7cf60f657 docs: Fix wrong bridge driver option
0168626037 vendor: github.com/docker/docker-credential-helpers v0.6.4
e3a9a92b14 vendor: moby/term, Azure/go-ansiterm for golang.org/x/sys/windows compat
ab733b5564 [20.10] vendor: github.com/docker/docker v20.10.7
746c553574 docs: fix link to command-line reference
2945ba4f7a Ignore SIGURG on Darwin too
032e485e1c ForwardAllSignals: check if channel is closed, and remove warning
88de81ff21 Fix `docker start` blocking on signal handling
706ca7985b Revert "[20.10] Revert "Ignore SIGURG on Linux.""
8264f5be8d docs: dockerd: fix broken link and markdown touch-ups
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 1.29.2:
- Remove prompt to use docker compose in the up command
- Bump py to 1.10.0 in requirements-indirect.txt
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Fix for rare legacy systems which still use simultaneously both
sysvinit and systemd in DISTRO_FEATURES. This fix avoids issues
during do_rootfs with postinstall scriptlets of ['docker-ce'].
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping libpod to version v3.2.3-2-g09e8afe3a, which comprises the following commits:
1e6fd46e9 Bump to v3.2.3
1d7ddf511 Update release notes for v3.2.3
e4c45e759 vendor containers/common@v0.38.16
cb7016224 vendor containers/buildah@v1.21.3
1a8b2a037 Fix race conditions in rootless cni setup
e54a513b9 CNI-in-slirp4netns: fix bind-mount for /run/systemd/resolve/stub-resolv.conf
1469af265 Make rootless-cni setup more robust
6f9d9636a Support uid,gid,mode options for secrets
bed195bf8 vendor containers/common@v0.38.15
75431a455 [CI:DOCS] podman search: clarify that results depend on implementation
37570b7b7 vendor containers/common@v0.38.14
6ecedc161 vendor containers/common@v0.38.13
8a41bf3ee [3.2] vendor containers/common@v0.38.12
2c003d978 Bump README to v3.2.2
bb2cbf0d5 Bump to v3.2.3-dev
d577c44e3 Bump to v3.2.2
9f4afa1ea fix systemcontext to use correct TMPDIR
5dabff27d Scrub podman commands to use report package
647c2024e Fix volumes with uid and gid options
c2dcb3ee2 Vendor in c/common v0.38.11
ba70363f6 Initial release notes for v3.2.2
a9fd54775 Fix restoring of privileged containers
d5f0729b2 Fix handling of podman-remote build --device
90805fa39 Add support for podman remote build -f - .
854c27c0a Fix panic condition in cgroups.getAvailableControllers
b0dc157af Fix permissions on initially created named volumes
f5cdb95ee Fix building static podman-remote
1c04cfe83 add correct slirp ip to /etc/hosts
6c4ee8535 disable tty-size exec checks in system tests
6ba9617be Fix resize race with podman exec -it
eb6d4b0cf Fix documentation of the --format option of podman push
e5c939183 Fix systemd-resolved detection.
613f427a0 Health Check is not handled in the compat LibpodToContainerJSON
949573c5a Do not use inotify for OCICNI
ab5e770c4 getContainerNetworkInfo: lock netNsCtr before sync
b957bff8b [NO TESTS NEEDED] Create /etc/mtab with the correct ownership
6d394f0e4 Create the /etc/mtab file if does not exists
879d66e7d [v3.2] cp: do not allow dir->file copying
6f769bc0e create: support images with invalid platform
19a89db66 vendor containers/common@v0.38.10
e5c070baf logs: k8s-file: restore poll sleep
4d9a9149d logs: k8s-file: fix spurious error logs
dac2d31a2 utils: move message from warning to debug
60752b320 Bump to v3.2.2-dev
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.5.2-18-g9be04c276, which comprises the following commits:
78b95dff2 update runc binary to v1.0.0 GA
a2dc682f1 sandbox: send pod UID to CNI plugins as K8S_POD_UID
9d8880816 content/local: inline sys.StatATimeAsTime()
3735a7dfe Fix incorrect UA used for registry authentication
31ecdf77d Fix cleanup context of teardownPodNetwork
b441ec19f Add proper Go version before project checks
d31f5e6b6 fix invalid validation error checking
3fd01c4ea Change Wrapf of non-error to an actual error
cba7b44b6 windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink
354f729a4 Prepare release notes for v1.5.2
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
| |
We need to change our branch to avoid parse errors.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Bumping lxc to a newer 4.0 -stable release.
We drop two patches that have been integrated to the upstream repo, but
otherwise, things are the same.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Switching to the release 1.31 branch, and picking up two minor
version bump commits. This isn't much different than our previous
build from master/main, but it is worth following the release
branch for now.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
| |
Skopeo has migrated from master to main, so we adjust our branch
accordingly.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping k3s to version v1.21.2+k3s1-6-g0c2d8376d0, which comprises the following commits:
0c2d8376d0 Changes local storage pods to have 700 permissions (#3537) (#3548)
65e521140a [Backport 1.21] Move cloud-controller-manager into an embedded executor (#3530)
3224f6b56d fix possible race where bootstrap data might not save
5a67e8dc47 Update to v1.21.2 (#3479)
c35761d169 Renamed client-cloud-controller crt and key (#3472)
8651d6af5f Send systemd notifications for both server and agent (#3430) (#3460)
32b02d1baf Send systemd notifications for both server and agent (#3430)
c012e6ec6f Changed iptables version check for fail if version is between 1.8.0 and 1.8.3 and using nf_tables mode (#3454)
eac48f69bc Add kubernetes.default.svc to serving certs
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updating to 1.22-beta. We drop our bindata patch, since the generated
bindata is no longer used.
The following commits are part of this update:
9e87082b85f [Pod Security] Baseline + restricted policy checks for seccomp (#103341)
a7469cf6804 sort and filter exposed Pod IPs
cf6ba6096f9 Move pod-security-admission to an external Attributes interface
6bfaeaf9165 Deprecate azure and gcp in-tree auth plugins
55847256058 Explicitly set LimitedSwap case with fallthrough
0ecc7ba311a Update the logic to pick the best queue in P&F
4c9c761bbb2 instantiates scheduler ComponentConfig after parsing feature gates
74f5ed6b172 This introduces an Impersonate-Uid header to server side code.
2220fc61496 PodSecurity: clean up unnecessary passing fixtures
ea54b1b152c PodSecurity: Make check-specific passing fixtures optional
9a5237ca63a Custom plugin config should take precedence over default plugin config
823a0f101ac Don't return in api validation
4b9230ed27f Promote LogarithmicScaleDown to beta
24e19229101 apf: add additional latency into width
20e1c4d7548 exec credential provider: update tests+metadata for v1
04d59ff2df3 test/e2e/network: add Service internalTrafficPolicy test for pod (w/ host network) -> pod (w/ host network)
9977ea371b1 test/e2e/network: add Service internalTrafficPolicy test for pod -> pod (w/ host network)
025c95a778b test/e2e/network: add Service internalTrafficPolicy test pod (w/ host network) -> pod
f6bc5d01402 test/e2e/network: add Service internalTrafficPolicy test pod to pod
28f3f365057 Promote the ServiceInternalTrafficPolicy field to Beta and on by default (#103462)
d0c422fd9c8 Hide long and multiline strings when printing
edbaf9d5d36 test/integration/quota: poll for ResourceQuota used status in TestQuotaLimitService
caf42fde430 test/integration/quota: refactor Service forbidden check into helper function
54bc1babe16 test/integration/quota: update TestQuotaLimitService to explicitly check for Forbidden status when quota limit is exceeded
87cef2ca736 test/integration/quota: deflake TestQuotaLimitService by collapsing test cases and adding a short delay for resource quota to propagate
a85f3e4cce6 Fix(test/integration/util): fix typo on logging message
a2c1b284da2 update url
1002b0d163d apiserver: add callback to get notified of object count
b6b1674f560 Switch to the version instead of the `latest`
194ed1408dd update translations
66dbfbce105 update-translations.sh: add fix translations option (-k)
079d8aeb1e4 fix update-translations.sh
06124c1d1c6 Add backwards compatibility for kubectl debug
f01d251e38c kubeadm: statically default ImagePullPolicy in v1beta3
bb6d5b1f95a memory manager: provide unittests for init containers re-use
960da7895cc memory manager: remove init containers once app container started
b965502c495 memory manager: re-use the memory allocated for init containers
94414bea475 kubeadm: fix godoc formatting for v1beta3
61d88af9e40 Revert "Update runc to 1.0.0"
5ea9460234a Readable error message on the plugin configs of the removed plugins
2069ff9efcd fix compatibiltiy_test failures
1f24a198e76 reduce cpu usage of kube-proxy with iptables mode
29814890f6a fix compatibiltiy test
f1f0183d2bb refactored extenders from scheduler/core to scheduler
570365178a8 merge packages of scheduler/core and scheduler
26f223fa6ed Bump `distroless/base` image to latest version
772344aef22 kubeadm: fix nil pointer in Cfg() feature gate checking
c2a8cd359f1 re-order the imports in kubeadm
c50b3074fe8 Moved VOLUME_MOUNT_GROUP capability check from NodeStageVolume to MountDevice; added log message in SetupAt to indicate FSGroup is delegated to driver
794a925a85f Pass FsGroup to NodeStageVolume
0e315355dfc Pass FsGroup to MountDevice
ae5668edefd Pass FsGroup to NodePublishVolume
65db13a3a5f Combine capability check implementations
99700f7faff feature gate
c24dfe528a0 cluster,hack: Use community infra GCS bucket for retrieving CI builds
1ae9b8f04dc Update kernel components to run as non-root in kubeadm.
83ee392ed42 implement EnqueueExtensions interface in volumebinding
c96c809539f Add integration test for LB node port control
c8bc4202454 Fix the beta release version.
79b6df96fc6 Add tests for LB type service
24592ca9890 Update the related tests
05c6eaf0d16 promote ServiceLBNodePortControl to beta
8972efc65fe change tracing service from kube-apiserver to apiserver
58b91ffca9e adds HasBeenReady signal that fires when the readyz endpoint succeeds
ca108d109d5 readyz signals when the handler succeeds for the first time.
968185e1f7c Warn user for runtime support of debug targeting
6d6d200c3a7 dry-run can work when using an external ca
6c88a62cb4c remove logging from the Signal method
dae08bc3a73 rename terminationSignals to lifecycleSignals
c91496dda04 cluster: enable debug handlers on GCE master nodes
2b84b49ea98 Service REST test: Remove pointless cleanup
ca708fa9ac3 Service REST test: Fix some names
54b6a416fba Service REST test: better IP and port alloc checks
8d49502fcd4 csr: update e2e conformance test with expirationSeconds usage
29b3fa78263 Generated
cd91e59f7c3 csr: add expirationSeconds field to control cert lifetime
0a38b2804d9 add deprecated message for igonre-errors flag, and fix unsafety http link
43b13840db5 Service REST test: remove obscure const
44eb475b101 Service REST test: remove unused return value
d6208606f33 Service REST test: remove pointless scaffolding
48e591eba23 Service REST test: remove obsolete setup param
a3b05033f66 Move endpoints test-helper funcs to a package
012bfaf98d3 Service REST test: remove last use of "inner"
22ed090e734 Service REST test: mostly remove tests of "inner"
7e8882d189f Service REST test: Remove pointless scaffolding
175f4f33873 Move service test-helper funcs to a package
b1fcbab8014 Service REST test: helper funcs for ports, too
5f65ba7d766 Service REST test: Use helper funcs to streamline
d64bb1b29ed Service REST test: always check errors
d3a0332b6cd Service REST test: remove unused fields
292b1444ebf Remove bad test for AllocateLoadBalancerNodePorts
0bb280044ec Fix typo in IP allocator error
5970c4671cc Add an IPFamily() method to ipallocator
89b633d3532 Fix doc comment
13a1804a5f5 podsecurity: add restricted volume type check
622f69bf8d4 kubeadm: update v1beta3's godoc changelog
11d444b00e0 kubeadm: remove versioned copies of the bootstrap token API and utils
14fa296bb38 kubeadm: use the bootstraptoken/v1 API across the code base
5b7bda90c03 kubeadm: introduce apis/bootstraptoken/v1
1cfbb0aa25b remove webhook.go to revert changes to conformance test
ac4bb885be8 hostProcess test fixture data
49d31c45b12 PodSecurity: baseline hostProcess check
80494481135 [PodSecurity] baseline - apparmor Implement the "AppArmor" check from https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
b0ffaa93f5c move tracing instantiation further up, and check for nil
f0ffba75ad5 Add baseline check for procMount type
210c610d662 make sure to split NPD hashes by architecture when upgrading to 0.8.9
db3534dd648 master too main cleanup
e2e1c94f063 use native error instead of github.com/pkg/errors
2cab85a4034 Mark net.ipv4.ip_unprivileged_port_start as a safe sysctl
ba6b4c5a18c PodSecurity: test GA-only cases and alpha/beta fields separately
e87016cf941 PodSecurity: add ability to skip failure cases if relevant features are disabled
b522e95aaeb Prioritizing nodes based on volume capacity: API changes
03b7a699c24 Kubeproxy uses V1 EndpointSlice
ab5b77944ec kubelet/cm: don't set Devices
4e7cf5413d5 vendor: bump runc to 1.0.0 pre
67bc23411b6 [storage] [test] Ensure proper resource creation
5bd3334ad69 [PodSecurity] Add privileged containers baseline check
b790cf388ce Bump SMD to v4.1.2 to pick up #102749 fix
1c39cf23652 Fix incorrect user and group for kube-scheduler when it is running as non-root.
7ad44d04fce Enforce ReadWriteOncePod access mode during scheduling
d57e143277e [PodSecurity] Implement host ports check
9c150b0f22f Error string should not be capitalized or end with punctuation.
584eb5e947f Update local-cluster-up.sh to auto-detect darwin and skip kubelet and kube-proxy
1ac0e018d5b [PodSecurity] Implement sysctls check
4a2aef00d6d adds metrics for authorization webhook
6c86c34457e kube-scheduler: ensure the default config output of --write-to-config is usable
1441a330300 hostPath baseline check for Pod Security Standards
1fa673c15c9 Extent the `NodeResourcesBalancedAllocation` plugin to cover more resources
71cb2d71a87 podsecurity: add baseline hostNamespace check
da4aaf81cdd Error should be checked first, then go to other steps.
c1d5a3a99e1 Update golang.org/x/net to v0.0.0-20210520170846-37e1c6afe023
03f85e9ade8 Update NPD release version and include windows defender config
5c00024c70b kubeadm: fix wrong check for keys/certs during "download-certs"
f0d917a3caa add fuzzer patch to fix tests
39f32d7286a Ensure MemorySwapConfig can't be set without feature flag
d4041cb80f9 Add generated files for swap API changes
d3fd1362ca1 Rename NoSwap to LimitedSwap as workloads may still swap
0deef4610e8 Set MemorySwapLimitInBytes for CRI when NodeSwapEnabled
7342acb0b83 Add validation for KubeletConfig MemorySwap
7d50271d217 Update CRI with memory_swap_limit_in_bytes
bda03b4818d API change: add MemorySwap to KubeletConfiguration
9eeec68d67e Update local-up-cluster.sh swap warning
0dd4ce40adc Add NodeSwapEnabled feature flag
ac41e565822 docs: add documentation on adding files to the embedded data
deb14b995ac Add score plugin for NodeResourcesFit
ebc3fdb2936 Store PVC reference counts in NodeInfo cache
c65b80a6378 [storage] [test] Remove extra zone test
0ab03d3d5bb dependencies: remove go-bindata
bbccf2ecb43 e2e-node: move to embedded test manifests
d98b2dd2d62 generated: remove usage of go-bindata
68b334d02bf test: setup embedded file sources for manifests
ceb42d09389 Update github.com/pkg/errors with go native errors pkg
8e4212c01a7 test/integration: rename package and files name from master to controlplane in test/integration
903d76f558e apiextension: fix typo and test case in conversion integration test
3af6329caf2 e2e-framework: add an EmbeddedFileSource to sources
7546e5d6dc9 vendor: update manifest
43c2e454a05 hack: remove bindata generation logic for translations
eb75b343949 kubectl: use embedded translations instead of generated bindata
5ece28b77a2 kubectl: move translations to i18n package to kubectl staging directory
322c18c147d adds metrics for authentication webhook
b7d732d3d6f Map PV access modes to CSI access modes
8db83c89aab CSI client helpers for NodeGetCapabilities
5f98f6cfa47 Update helper methods to print and parse ReadWriteOncePod access mode
2b98f8edc77 Enforce ReadWriteOncePod access mode during mount
7491d016519 Validate use of the ReadWriteOncePod access mode
48ba5020a28 ReadWriteOncePod PV access mode and feature gate
358d2e0bd1f Export contains access mode helper method
83e3ee780ad Rename access mode contains helper method
dba8ee229ea Add validation options for PersistentVolumeClaims
9ba0eed7c50 Add validation options for PersistentVolumes
477aef192f5 fix loadbalancerclass integration test funcation name
ffdf3f50073 update node-problem-detector npd to v0.8.8
f80f9eeb6d0 Destroy the created runtimeclass resources at the end of the test case.
ab4918b6bc0 remove redundant clause in string_slice_flag
f59523ab4c8 Update dns-horizontal-autoscaler to use the wqmulti-arch image
c21f9cb59d2 Fix grammar
6f9011a4ae4 PodSecurity: vendor: generated files
b8bdcf64419 PodSecurity: update dependencies
724fbfbb69b PodSecurity: test: generate fixture data
93c6f8969a8 PodSecurity: check: addCapabilities
3733e209c91 PodSecurity: check: allowPrivilegeEscalation
a8206ef58be PodSecurity: check: runAsNonRoot
12ea930aae3 PodSecurity: check: selinux
42dc070b476 PodSecurity: kube-apiserver integration test
f39bddd7677 PodSecurity: kube-apiserver: admission wiring
65a42a483cd PodSecurity: pkg/features: feature gate
02a61877576 PodSecurity: admission: admission library
29f5ebf1fe8 PodSecurity: test: framework
1436d35779f PodSecurity: policy: registry
5183ea0bf03 PodSecurity: metrics: stub interface
a3ba921b168 PodSecurity: admission/api: configuration API
9ce17c87738 PodSecurity: api: runtime API
79d400c4416 add tracing to the apiserver's client-go requests
48dfa2a5542 generate scheduler merge patches on the pod status instead of the full pod
def93317b48 Kubelet Credential Provider
30a6812aa13 promote client.authentication.k8s.io to v1
889dcb5b54d e2e: node: fix npd test failures bumping image
669fb501368 upgrade staticcheck to v0.2.0 and update the static failure packages
39a373b162f correct example command of kubeadm help
a8d4cfac933 Allow delete with grace period 1s even if metadata period is negative
45ce2dfacc8 Treat negative as 1s in delete path
40593fa4d36 spec.terminationGracePeriodSeconds allow it to be set to 1s if it was previously negative
1b73a0040a4 Promote Stateful Status e2e test to Conformance
405e9a5172a Promote Deployment Status e2e test to Conformance
d3ad1d77f36 Promote Statefulset list and deleteCollection e2e test to Conformance
266ffa85266 bug fix in sctp test
4add8ed9106 kubectl command headers as default in beta
aeccadda4ff Update setcap image to buster-v2.0.3
1721be087d0 nodeport tests: node addresses must match the service IP family
0a8a9188c98 Update debian-iptables image to buster-v1.6.5
42f9333e7fa Update debian-base image to buster-v1.8.0
70124846fa4 control plane typo in node role path
21fd224ebdb Updated to use konnectivity client v0.0.21, and implemented placeholder context
2eb50ee2fd5 fix comment on dual-stack integration test
80171465b35 Renamed variable containing master to control plane
fa7b5d86e63 remove duplicate validation on services
20f84b12a16 Optimize scheduler res scorer on non-requested extended res
0cdd8c1c109 Removing ServiceAppProtocol feature gate
913c449a42f add unit test to verify graceful termination behavior
a84c1b71005 apiserver: NonBlockingRun should return a listener stopped channel
d85619030e3 apiserver: refactor graceful termination logic
79550ed40c6 Add distributed tracing to the apiserver using OpenTelemetry
916dbc335c9 nodeport tests: node addresses must match the service IP family
02a3caba9c4 refactor default IP family cluster detection
9accb994dff tests: Wait for the network connectivity first
16b7d473f23 Narrow the scope of the json/register test case usage checking
179e48c4bec Add missing comments in APF API types
fe161579e20 Add integration test to promote serviceloadbalancerclass feature to beta.
ecc53182475 Remove MPL-licensed dep from lruexpirecache
1e250610b20 Fix panic in pkg/volume/csi tests
7f893f6bd62 Split documentation according to both mechanisms available for migration
b6a317aeafc add a function that returns default scheduler configuration
5feff280e1a remove fakefs to drop spf13/afero dependency
af825b43577 Remove default JSON logging format registration from component-base/logs package
d3dfe124dac Update mounter interface in volume manager
4233056f804 Move HPA v2beta2 deprecation to 1.23.
538e7777c39 kubeadm:remove deprecated flags CSROnly and CSRDir
8f08db9164b Change log level to Debug
7cf30d56906 fix/remove-errors-pkg
89a4d4b0717 kubelet: modify the function of getCgroupSubsystemsV2 to use libcontainer API
23ce7977b75 Loadbalancer IngressIP policy should be configured as non-DSR to enable routing mesh by default
cf07d42337b removes unused libraries
7e891e5d6cf csr: correctly handle backdating of short lived certs
70a524659aa kubeadm: add {Init|Join}Configuration.Patches.Directory to v1beta3
a4402122b4f kubeadm: add the --patches flag and deprecate --experimental-patches
70c0fdda0c6 Add lilic as Instrumentation reviewer
b259686b367 tests for statefulset PersistentVolumeClaimDeletePolicy api change
43f8f58895d add containers starttime metrics for metrics/resource endpoint
0762f492c5b Add config checking for inflight limits
e4e735cd1cf statefulset PersistentVolumeClaimDeletePolicy api change
0feba0c4eec Add StatefulSetAutoDeletePVC feature gate
5d461adb3b8 Apply suggestions from code review
93365919b50 Fix staticcheck failures
674802147c8 update to remove github.com/pkg/errors
730c21d386a Drop etcd tests dependency
01760927b82 Simplify running embedded etcd server in tests
cf9510751d5 StatefulSet minReadySeconds e2e
47615c20207 e2e: node: remove obsolete AlphaFeature tag
e7a240395e9 uses native errors instead of github.com/pkg/errors
12dcd2f84d4 Remove usage of github.com/pkg/errors
8b7003aff4c Add SeccompDefault feature
4b140218747 update github.com/pkg/errors to go native errors pkg in staging
3b36e6bcea4 kubeadm: fix image pull policy integration
b4dddbafa2f CHANGELOG: Update directory for v1.22.0-beta.0 release
c5498744c9e Making a run test.
cd318aec0ba Disable deprecated volume limits test when migration enabled and replace with CSI-specific test
6583b05f07b replace more powershell commands with /bin/sh in volume/fixtures.go
7aa8a497df0 replaced usage of powershell commands with linux commands
f0d7e9c9d1d undo windows compatibility changes because the linux commands work
9a146bc3e99 Remove [LinuxOnly] string from ginkgo tests
54070a66284 Enable another test in windows, use a /bin/sh command instead of a PS one
ee34cd640ac enable gcpdcsi multivolume tests with windows nodes
58a83ecbdb3 integeration tests
2c6bba29360 fix auto upgraded preferDualStack services (in cluster upgrade)
d4767ed5ebe memory manager: move to beta
b6c75bee15e Remove balanced attached node volumes
63a23f1ed7a Transitive dependency: high CVE fix
681905706d4 e2e node: provide tests for memory manager pod resources metrics
03830db82de Implement all necessary methods to provide memory manager data under pod resources metrics
24023f9fcc7 Extend pod resource API response to return the memory manager information
0f922b200f3 Simplify the formula used in the RequestedToCapacityRatio plugin
3daef0a5343 Allows manual restart of dbus to work in Ubuntu.
ec93b3b0be4 Stop using github.com/pkg/errors
0dd1624ec8e update cri-api v1
25f479c2ac7 fix'--log-file only works if --logtostderr=false'
d95f677dd86 Fix OWNERS
249db7ceb39 wait for endpoints to be available
44360b315ca GCE Windows: Upgrade to flb-exporter v0.17.0 which reduces log spam.
459fe7d08ad add support of imagePullPolicy to kubeadm
8231a3e9210 CSIServiceAccountToken ga
e2061cfcd81 Expose envvar CSI_PROXY_VERSION
518844fd25f use GA topology labels for vsphere
1e949fa9280 updating github.com/pkg/errors with native errors pkg
4d11c3cd8cb deflake TestClientReceivedGOAWAY test
6cb448c10e2 Specify etcdctl version for livenessProbe
676958c2bd0 Fix NodeAuthenticator tests in dual stack
b22d0b13cc4 Fix verify staticcheck flake in cluster/images/etcd
ea419eaf339 Add shu-mutou to dashboard approvers
6203d4fc6af apf: calculation of dR/dt should use seats in use
6d3fd8353c3 don't panic if nodeIPs are not found
1f9d448283a Use errors.Errorf instead of errors.Wrapf when the err is nil
afea48d23f0 test/e2e/network: remove dependency to google.com for in-cluster networking tests
292f2a67bd6 Update logging example with caller
e37d6d6c6dc Simplify zap logger initialization
a2a8080169a Fix: typo with hack/update-codegen.sh
fc38aeed6f8 Fix: typo on ExtractHoge
b9d5d5536ed Add log sanitization klog integration tests
cff40a7bcc1 Add info about source code location in JSON logging
e371b27e6cb Fix frameworkImpl.extenders being not set
875f1ffe2bc chore: clean up the tests that have external dependencies
72a53288a5b Remove gcepd unmanaged zone test.
35e9d97f3e0 update Azure/go-ansiterm to v0.0.0-20210617225240-d185dfc1b5a1
8942cba24d4 log if we're running with -race
68d8bcb64fb remove redundant bits from test-dockerized.sh
4ee729ce5f2 disable race detector in test-cmd.sh
55d2868e9d8 don't redundantly set KUBE_RACE in test-integration.sh
3c44b86ad65 enable race detector by default in make test
6c0463bd2b6 fix: properly wrap errors when reading response body in the client
3930629e130 Track generalization for width
676f0450ed3 Add APF metrics about R(t)
e72effbf12e Remove omitempty from PathType
774d228637d remove the path if it exists before writing pki data.
5d15ed02b56 Extract columnPrinter interface for printing the values behind additional columns
1c2ba3162db update internal modules
e977740ae63 Rename master to apiserver in test/integration
9571b1f8844 update vendor
4eab19ae7d9 Clean up the master term in test/integration comments
54fde5d119f Make logged verbs match metric-reported verbs
762eeb0988c Use the hostprocess feature flag and assign a user
ff716cef508 apf: take seats into account when dispatching request
47171077bf3 CHANGELOG: Update directory for v1.21.2 release
0ccf53dd200 CHANGELOG: Update directory for v1.20.8 release
780872223f2 CHANGELOG: Update directory for v1.19.12 release
6ae7b551143 update internal modules
97031da5e29 Correct comment block from openapi_v2.NewDocument to openapi_v2.ParseDocument
c691386fef7 Update github.com/googleapis/gnostic to v0.5.5 and updating transitive dependencies go-cmp, protobuf,, to adapt the latest gnostic release which cosists of [Update protos for Go protoc plugin compatibility]
edd0cd79eb0 Updating non-vendor specific code to support/use AWS-SDK-GO v1.38.49
1b27430b506 Updating AWS-SDK-Go to version 1.38.49
c673e166383 Fix ServerGroupsAndResources docs typo
1a4b0ee09bb remove excess error handling
45d18acbcc1 add info for possible failed listAndWatch grpc call
c789898f793 when new manager failed should return err
da35add03f7 Rename master to apiserver in test/integration
eed37fa47d3 fix: cleanup outdated routes
5a0756c5f4f Update etcd in kubeadm to run as non-root.
9e694a45f94 test/e2e/network: mark tests in test/e2e/network/netpol/network_legacy.go with NetworkPolicyLegacy
3c59e742f3b Create List, Patch & DeleteCollection StatefulSet Test
63d12371021 Fix Node Resources plugins score when there are pods with no requests
584503d2ed3 Speed up unit tests in -race detection mode
d41249f7803 CHANGELOG: Update directory for v1.18.20 release
d5da73032f7 Add unit test for DSWP with uncertain volume
f795b02f4f8 Refactor dswp unit tests
2fcb5e9cf79 Add PodRemovedFromVolume
ca934b8f5cb Add GetPossiblyMountedVolumesForPod to let kubelet know all volumes were unmounted
f4b41c0a171 Fix UnmountDevice error cases
54ad7e40f1a Add e2e test for NodeUnstage error cases
a47afdded0e cmd/kubelet: replace KEP link with the documentation one as it is available now
0bfd1cb7c71 Update gomock to 1.4.4, removing a few extra dependencies.
7fcdbbef06d Switch to github.com/coreos/go-systemd/v22 and drop older package
265ef1741f9 Move scheduler plugin set and configuration defaulting to component config
057422504ab Run volume cloning tests in the same topology segment
abf65843227 update string_slice_flag add nil judgment
cf2a3c32309 Kube proxy for windows userspace, remove dns Mangling, vendor updates
b98824c55d9 Update Azure Go SDK to v55.0.0
480093bd1f4 test/e2e/network: mark network_tiers.go tests with GCE tag
f298a658aed e2e metrics: remove redundant checks around metrics tests
a4c7e91b591 e2e metrics: skip tests when metrics grabbing is disabled
1d3420ca72f e2e metrics: check whether debug handlers are available
5e9076da93c e2e: grab controller and scheduler metrics via port forwarding
3e0269ce6e1 Move common code to ensureTopologyRequirements
4ee38f33d21 update etcd makefile to build v3.5.0 image
6448181d95c Update to etcd v3.5.0 client
207f9e8b714 switch go-flow-levee to tagged version
84112d36900 refactor cmd/kubeadm/app/preflight/checks_test.go()
5ca47deb0aa Promote DaemonSet Status e2e test to Conformance
f7d02f4d25a Promote ReplicaSet Status e2e test to Conformance
503f5e1b528 Quiet grpc info logs in apiserver
dd5f67d23c0 Kube proxy for windows userspace, remove dns Mangling
8fb909291fb Skip migrated metrics for Windows CSI tests
f02948e7766 Use container-storage-interface spec v1.5.0
6ba7b3d26b3 allow enabling Leader Migration without config flag.
bade96ed78f implement wildcard component.
eadfe46e036 Do not throw error when we can't get canonical path
14085c50d3c bump KUBE_TIMEOUT to 180s
2f7456076e0 apf: always include seats in virtual time
9469756b6cb Ensure kubelet statuses can handle loss of container runtime state
211485c23d3 last-applied-config annotation no longer mirrored to endpoint slices
ceb1dbd2f1f statefulsets: MinReadySeconds implementation
01bb0f86b02 update comments and owners file for pkg/util/removeall
f1de598233e Improve terminated pod message when node is shutting down
f9343f837dc Use LoggingConfig within LogOptions
5cfc39ef5e9 Update protobuf,grpc,etcd dependencies
bc86d12dd9c Update generated files for endPort promotion to Beta
a26c392de17 Fix etcd egress dialer addr parsing
19db126d76e Exercise egress configuration in local-up-cluster
f283deee6b6 Quiet embedded etcd logs
068e4c55a8a Eliminate parallel and unnecessary embedded etcd instances
52b629efbc8 Drop use of deprecated clientv3.SetLogger
2979c3325e3 Switch to go.etcd.io/etcd/client/v3
ff2c6142459 Switch to non-deprecated timestamppb.Now()
1134456c89c Fix CSI mock driver to get marshaleable grpc error
77ab4bdbbcc Drop etcd v2 support from test util
5f1983d8710 Drop etcd v2 support from etcd migration image
1e1a60e310d publishing: Use go1.15.13 for 1.20 and 1.19 release branches
9f18ddf03ce Promote endPort field in netpolicies to beta
e427d2f22a7 test/cmd: kubectl and exec plugins don't fight for stdin
60246f69cc0 kubectl: don't fight for stdin with exec plugins
cd83d89ac94 exec credential provider: InteractiveMode support
ca254e978b5 feature: add unified on cri to support cgroup v2
be48f1d272d Add test cases to the addAllocatableThresholds function in pkg/kubelet/eviction/helpers.go
8fe00a7e484 Start deprecation of --record flag
5ea3dd531c7 Update certs.go
83ee5da75e9 Fix:slow memory leak may be in kubelet podworkers.isWorking
74feb075948 kubeadm: CoreDNS permissions for endpointslices
188193e1c0b kubeadm: upgrade coredns 1.8.4 and corefile-migration to v1.0.12
a3e464490a5 Fix some typos and omissions in kubeadm APIs
ff0f83b4b2d skipping more tests in case when ExecProbeTimeout set to false
4b36a5cbe95 Switch to github.com/robfig/cron/v3
f042b4968d3 Fix broken KEP link for issue #101008
c329202ee8e update comments to reflect wildcard component.
44cb4a63f61 Allow write on events to edit role
7560f33e27d kube-scheduler: stop using insecure serving bits
59b4b124df0 Update kubeadm control-plane to run as non-root.
de2f9f17093 Remove error wrap from logs
2e06066bab8 Migrate kube-proxy to use v1 Event API
8748f3105bb Update corefile-migration to v1.0.12.
60ab908119f Fix - Winterm issue on Windows 8.1 in kubectl exec
9f7d61c520f Upgrade ANP components to v0.0.20.
106f416873c Upgraded konnectivity-client to v0.0.20
9109d928cd0 test(proxy::config): deflake TestInitialSync
44b396ae0e6 owners: update puerco/cpanato and clean up old members
c13c3ebc793 Remove deprecated scheduler CLI flags hard-pod-affinity-symmetric-weight and scheduler-name
c710f99ef73 apf: add a gauge for the number of seats currently in use
9d514b2de42 Konnectivity: tune flags for larger clusters (5k nodes).
36eaa11d50b cleanup usage of NewPodNominator
fd972934e49 client-go: reduce log level of reflector again
369416b7636 cm: handle nil cpumanager avoiding segfault
29aa4c0ee81 Check content of volumes in snapshot/clone multivolume tests
89284a1ba7f run_remote: improve error reporting
654ec0866a9 kubeadm: use a suggested example in v1beta2/3 docs
9255f2ccf38 Fix kubelet cpuset typo
68f139548b3 Remove unused parameters from TestConcurrentAccessToRelatedVolumes
77c04d22844 Increase KUBE_TIMEOUT default to a passing default
110c39ef60c unroll extenders
dae335c1150 Fix test failure in some envs.
90df026709d JSON log format registration for kube-controller-manager
170c93bf05e JSON log format registration for kube-apiserver
52f5ba3a58d Remove SchedulerAlgorithmSource from scheduler's internal CC API
a5825d68365 JSON log format registration for kube-scheduler
e6bf19bcf69 Update CreateInitStaticPodManifestFiles, CreateStaticPodFiles and CreateLocalEtcdStaticPodManifestFile to take into account if the command was run as dry-run.
183bc3cece7 Allow scheduler maintainers to approve changes in the internal apis pkg
46f3e4dfdd4 Define in-tree scheduler plugin names in separate pkg to break a cyclic depednecy when moving plugin defaulting to CC
a84b91f08c1 fix net-tiers e2e test
6d7c83f2cd1 the last upperbound of kms latency metric is too small
9b72eb1929a apf: add plumbing to estimate width" of a request
12447bc8038 Upgrade etcd server version to 3.5.0-rc.0
c98306a09e9 test: adjust summary test for cgroup v2
c0c9f1f318c Ignore first SIGINT in node-e2e tests
bd80603c9e5 JSON log format registration for kubelet
386036d23d0 Add k8s.io/component-base/logs/json/register to vendor
dc5626cc183 Upgrade debian-base to buster v1.7.1
897f8012fdd kubeadm:Run preflight checks for diff to check that the manifests already exist
484eb018222 kubelet: do not call RemoveAll on volumes directory for orphaned pods
528baa09f6d e2e storage: disable health-monitor controller in hostpath deployment
1932536ebe3 CHANGELOG: Update directory for v1.22.0-alpha.3 release
a94aa0ea9a3 Update version of go-flow-levee for verify-govet-levee check.
de7e56bf374 apiserver: close handler chain right after shutdown delay duration
652e056e61f Add dims as approver in build/ directory
3968ee532d9 CSI e2e: stop leaking pvs in CSI mock snapshot test
1524526991c [go1.16] Update to go1.16.5
1eb8060dd61 Add test for CSI mounter
0fcd3c951c5 test/integration: Rename master to controlplane or apiserver
257b494478a test/integration: Rename masterConfig to instanceConfig
ac5535c9491 test/integration: Rename MasterConfigOptions to ControlPlaneConfigOptions
3ac8d8c9cee endpointslicemirroring controller mirror address status
8d0936b7436 Check empty zone after the validation of providers
aea2e33175b gendocs: using bytes.NewReader(nil)/ioutil.Discard instead of os input/output to generate command
c065d7c7b3b Fix NPE for CSI mounter
f22b07d8b42 add e2e test for immutable label selector in netpol
ff164f90130 feat: remove ephemeral-storage etcd requirement
bb6151906f1 Add utils to set file/directory owners and permissions.
95c8b02096b Add explicit capability for online volume expansion
28511e82ad9 Add e2e test for a volume + its clone used on the same node
7a63dff88bb Update konnectivity default
3c8e56bef95 scheduler: graduate CC to v1beta2, deprecate plugins
2067b69b922 storage e2e: extend timeouts for subpath restart tests
3a830aacb0e Trivial: fixed typo in logs requrested --> requested
64946cd50d6 fix flake integration rotation via informer
7ced405de5a Create a new modele component-base/logs/json/register for optional json register
92b52a4fb56 populate last successful time to cronjob status
77bb053102c Use native zsh completion
7b0fbb72929 add audit log test cases for cross-group subresource
46aa6045e4c Add tests for completion utility functions
1babceac650 Revert "Add Go tests for custom completions"
9625872d1e4 Join common functions for completion
9d03185d3c1 Update staging/src/k8s.io/kubectl/pkg/cmd/config/config.go
c0b3a698fa1 Add Go tests for custom completions
879cdc5fa9e Move all completion bash code to Go code
663b13e8149 refactor: implement custom completions for some flags using Go
c5d70e9db1e Fix staticcheck in cluster & k8s.io/{apimachinery,apiserver}
aa9321f534b Add example showing impact on log output
8e85a2b0c23 sched: fix a bug that a preemptor pod exists as a phantom
c15fd76ee90 e2e storage: enable health-check controller in hostpath deployment
88174fc3f2c Add klog integration tests
c9414c2bbaf fix bug where string slice flag is not assigned
2e167a1399b Disable zap sampling and cleanup config
a9a2346e194 Cleanup json logging benchmarks
d8e91ab7275 Fix test order in /pkg/probe/http/http_test.go
1010e6a9d98 proxier/ipvs: fix test cases where ready endpoints were not used
cc2e9394be3 kubelet: Fix test order in verifyContainerStatuses
91e5d98b572 Fix audit unit test file location
4ebc0c94a4e Remove legacy metrics client from podautoscaler
3175dbd8554 Update owners for structured logging library
f5739a15d1b The test was not very useful and required elevated access
8eb7e81bc94 proxy/ipvs: add unit test Test_HealthCheckNodePortWhenTerminating for ensuring health check node port fails when all local endpoints are terminating
ed4fe073755 proxy/iptables: add unit test Test_HealthCheckNodePortWhenTerminating for ensuring health check node port fails when all local endpoints are terminating
14cc201b58b proxy: add test case in TestGetLocalEndpointIPs for when all endpoints are terminating
3e459997c83 proxy/ipvs: add a unit tests for when the ProxyTerminatingEndpoint feature gate is disabled
68ebd16a2ca proxier/iptables: refactor terminating endpoints unit tests with test table and test for feature gate
f92265f6543 proxier/ipvs: check feature gate ProxyTerminatingEndpoints
8c514cb2329 proxier/iptables: check feature gate ProxyTerminatingEndpoints
25e2c92733c add feature gate ProxyTerminatingEndpoints
cf9ccf5a8e2 proxier/ipvs: unit tests should specify Service ports
d82d851d89a proxier/iptables: include Service port in unit tests
4c8b190372a proxier/iptables: reuse the same variable for endpointchains for better memory consumption
55881093d8a proxier/ipvs: add ipvs unit tests for falling back to terminating endpoints
9d4e24aa32d proxier/ipvs: fall back to ready terminating if no ready endpoint exists
b54c0568d8c proxier/iptables: add unit tests for falling back to terminating endpoints
732635fd4b2 proxier/iptables: fallback to terminating endpoints if there are no ready endpoints
be92fc83e2e proxier: simplify toplogy FilterLocalEndpoint function
e797a5a1989 client-go: fix flake in test TestRequestWatchWithRetry
892d4fabb84 Revert "Merge pull request #102581 from liggitt/revert-watch-retry"
fbf2d2df268 only delete forwardingrule and address when net tier annotation is specified
d9f82f7eba4 Drop viper stuff in test/
558bdd18aa2 Update cronjob integration test to batch/v1
6871b2b3c73 Rename masterConfig to controlPlaneConfig
812a04539cc remove redundant code
45179bb989a update debian-iptables to v1.6.2
c26c423b1ca storage e2e: disable health check containers
82be7aad262 Update etcd makefile to build v3.5.0-rc.0 image
ceaf9b9d16a add ut for preventing dropping null from arrays
ca279bbcc18 Fix race in attachdetach tests
6e0650e3e13 upgrade gopkg.in/evanphx/json-patch to v4.11.0
e35af41a123 Revert "client-go: add retry logic for Watch and Stream"
58833d652d5 Support subresource match
38d3ae1a060 api: update API compatibility tests to remove topologyKeys from Service
e9c7fa49d95 core/v1: add unit tests to ensure deprecated protobuf field numbers are not re-used
d96af5f2761 kube-proxy: remove ServiceTopology implementation
f119b8df5f2 apis: update generated code after removing Service topologyKeys
4d38d21880a apis: remove Service topologyKeys
8c376426f3e features: remove alpha ServiceTopology feature gate
0b8dc56408f fix volume failing test
a2a4b50bc15 fixed deadlock
ae603a38bc2 remove -ssh-user from cluster scripts for GCE
f94391789f1 Add doc.go for client-go apply support
5bf7bb52fe4 Remove -k from toCurl output
ba708e5fc9e graduate SuspendJob to beta
8aba8e2a2cd remove the ssh tunneler implementation from kube-apiserver
6449416a3d7 Add scalability label to kubemark OWNERS
84590fe27cd remove --ssh- options, deprecated 13 releases, that only work on GCE
ab45d5e4963 part of master to controlplane in test/integration SetMaster -> SetAPIServer
51717256f97 fix(timezone): the timezone is standardized to UTC
1331c76aa3d Added field-selector option for kubectl top pod
08ad7114d3f make lint-dependencies happy!
29def9ff6ab Updating to prometheus/common v0.26.0
77b5ad2fb02 Part of master to controlplane in test/integration(1.22)
2c9f02c3290 Add test
506fabc9ab9 Close the used modules file
b87ad95fec3 Close the used file
918246d7a16 update error info with the new limit in #98753
387154f1a9a Part3: master to controlplane in test/integration Rename RunAMaster to RunAControlPlane
f6d015be7a0 kubeadm: add utilities to manage users and groups
dfd67c7d79e Add unit test coverage for init container phases
47a7fcb17b4 GCE Windows: Only create NPD kubeconfig when the file path is defined.
b8edcd3bb33 add loadbalancer name to ESIPP tests so regex pick them
8e2eeffa792 PokeHTTP default timeout to avoid hanging connections
21073e3b347 loadbalancer outer poll loops should have a longer timeout that inner loop
27e20e226eb e2e lb use same variable for endpoint path
bd2d63dd57e Fix closing of decorated watcher channel on timeout
8847a250267 apf: fix flake in test
5d4c1162b94 hotfix(staging_apiserver_pkg_httplog): restore depth to log calls
53af0027420 storage e2e: capture driver pod changes, including all events
9eea445bcce Update test cases for 'RESTARTS' column in 'kubectl get pods'
ec4182d0032 Add last restart time to 'RESTARTS' column to 'kubectl get pods' output
ce08fd59767 Add test cases to the LoadClientConfig function
211e9747224 Clarify and split up the "not actually SCTP" SCTP NetworkPolicy test
4b0d0d6fc7d Fix spurious Feature tags on some NetworkPolicy tests
c3a9c7da160 Promote CronJobControllerV2 flag to GA
1619e8eb953 Clean apply's prune and kube addons with batch/v1 CronJob
1bf8edfdd44 remove GAed feature gates group: LegacyNodeRoleBehavior/ServiceNodeExclusion/NodeDisruptionExclusion
8054b0f808d Fix watch rejections in P&F filter
15c4d579f08 Use objGV instead of gvk.GroupVersion
eac1d23825b nit: Update comment to match headers change.
b049e1b9ab4 Cleanup redundant failure reason in InterPodAffinity plugin
95ac461a290 serviceOwnsFrontendIP shouldn't report error when the public IP doesn't match
58d7bf67d46 Simplify objGV construction
b9b01a0f901 Simplify objGV construction
19c72a6cd05 Simplify objGV construction
0ae6a7bac6b Simplify objGV construction
86d68effc21 clean code
355be993906 Default GCE testing to using konnectivity
673352dbd25 Cleanup Framework interface
97ba90cbfb4 use subpath for coredns only for default repository
9880ceceb94 Add KEP links to sig-net feature gates
9d2135f703f reuse fake topology manager
8b3162d67b2 clean code
f3f59d420a6 remove LinuxOnly tags for subset of dual-stack tests
39d45fcceff Add user and group name constants for kubeadm rootless control-plane.
3cb4f3e1bf0 GCE Windows: Upgrade to fluent-bit 1.7.7, 1.7.6 had a major regression.
8d9dd7b6eae Avoid warning on seccomp field usage
f2ca9c17946 Fix regression for timed-out stream cleanups
452e2eaf1ba Fix RollingUpdateDaemonSet godoc regarding rounding
e3841e91c81 fix watch_cache_capacity metrics
5b0bafabf6b vendor: upgrade cadvisor to 0.39.2
4567a431010 Return UnschedulableAndUnresolvable when looking up volume-related resources returns NotFound error
e105611d3a7 Azure auth forwarding adal refresh error to tokenSource, fixes error when token refresh fails.
d9d51541a87 Address watch panics in P&F handler and extend testing.
582b492cc09 Pre-allocated memory
341f6e42673 Refactor logs options
607d3819498 client-go: add retry logic for Watch and Stream
f9249061737 Bump golang.org/x/text to v0.3.6
6a374b50f92 Add tests to logs
eb114115fdb Improve func ToSelectableFields performance for event
1431eab36d3 Remove Godeps
329f7d55d13 Fix auditing failed of request: encoding failed
ade167e53af Delete AvailableResources judgment for GA features
c7111515c5b Enable protocol-buffers by default
3c899f9b54d sched: fix Dump's doc comment
24a1f9d817c kubeadm: use "SkipPhases" from configuration for "init" and "join"
ac161866aa7 kubeadm: add SkipPhases in {Init|Join}Configuration for v1beta3
39d74049615 Uniform output string.
47c8c48e2cf Remove Redundant alias
2787e8c18ce Kill container runtime with SIGKILL
1b6cf83cf40 Error message should not be capitalized.
d3f92af74f1 Part of master to controlplane in test/integration NewMasterConfig -> NewControlPlaneConfig
cd3709232f8 Fix VolumeAttachment garbage collection for migrated PVs
02bade46443 Fix a grammar error in doc
c9fe8ddf68d bump calico to v3.19.1
816a069d543 Add a test for verifying compute basepath.
36cdb72eb6f (scheduler e2e) Create balanced pods in parallel
3813ed1ef71 fix prometheus-to-sd image for fluentbit
12fe4dee2b0 Update setcap to buster-v2.0.1 and add setcap to dependencies.yaml
f9a04f3bc4a Move error reporting to volume plugins
0ed0714f8c0 Simplify kube-cross dependency handling
39d9e98a6f9 Build non-static binaries with PIE buildmode
ac17d03e76c Remove set errexit from etcd manifest
ae4db677f41 Update kube-cross to v1.16.4-2
c694b9f7619 CronJob: switch storage version to batch/v1 in 1.22
781c65a40c2 fix: skip pods with empty ip
580b557592c Log spelling formatting and a redundant conversion
5c2841c8cd4 Forbid the use of --config and --cri-socket at the same time
6738380a80c cleanup tempDir after fsstore_test.go
d9681d72669 AllowExpandedDNSConfig if haveSameExpandedDNSConfig(newPod, oldPod)
6317ce63c6a Add feature gate ExpandedDNSConfig
819059f641d kubelet: Validate the length of the DNS search path
a95842095ec Retry reading /proc/mounts indifinetly in FC and iSCSI volume reconstruction
82cfe9f14f8 ConsistentRead tries 10 times
1d16f934b94 Bump k8s.io/utils
64e8396e300 Retry detaching FibreChannel volume few times
faae926d15d Changes headers to IETF standard
d7a67a3b8e5 change log line to print actual pod uid instead of address of the pod uid
876174125bc upgrade klog to v2.9.0
27044f48552 depracate ValidateProxyRedirects as it is with StreamingProxyRedirects
363b78fe883 Promote cronjob to batch/v1: kubectl sparse_test prune
90e215dfd29 add api e2e test for port ranges of netpolices
9cfbf062256 cleanup PodPreset testdata
0cc217647ca Implement support for watch initialization in P&F
507710b50f8 Update CNI plugins v0.9.1
4acb6a865c9 storage e2e: use csi-driver-host-path v1.7.2 in single pod
d98a83bb01b kubeadm:return error info normally
80a5b004451 Removing utils/mount dependencies from vendor
2769e99dba2 remove scheduler deprecated algorithm-provider flag and clean up algorithmprovider pkg
e89d2a77795 Promote Daemonset list and deleteCollection e2e test to Conformance
5e4c59ba991 Promote Replicaset list and deleteCollection e2e test to Conformance
e43e9696cc6 Fixed sort-by not sorting Resources as expected
8651fcb25a7 Implement a windows Netpol NewModel
4c95bc8830b testdata: StatefulSet
f3ab9550180 validation: Handle presence of api introduced
d11cc95376c feature: Add minReadySeconds featuregate
5464b649812 generated: Changes for api introduced
49af8358522 api: Introduce minReadySeconds,AvailableReplicas in Statefulset
df4c34e771c Update pd csi driver images to use v1 images (CSINode, CSIDriver, etc)
17551f291d0 Return UnschedulableAndUnresolvable instead of Error when failing to lookup pvc or storageclass in VolumeZone plugin
f871475a5e5 Grant PSP permissions to all serviceaccounts in e2e, not just default
80fa50e0d74 Update etcd image revision
33fe4bb0764 Update debian-base to buster-v1.7.0
3bcc15e19dd Update debian-iptables to buster-v1.6.1
6c0976814ca use ownerReference to build default spreading contraints in the scheduler
2e771b8e745 Make a public ValidateAnnotationsSize
8e5a9824425 kubeadm: remove the cgroup driver detection code for Docker
a013c6a2db5 Adding IPV6 (Dual Stack) support to handle IPV6 pod cidrs
93f79103e54 kubeadm: add "+optional" to fields with "omitempty" in v1beta3
2c79f52de90 Local PV e2e: fix leaked local volumes
38c56883f1c e2e: hugepages: delete test pod after the test
e862421c2bc Update etcd makefile to build v3.5.0-beta.3 image
383ce85649c [scheduler] avoid comparing function pointers in unit tests
c9ec4862872 Part of master to controlplane in test/integration Rename NewIntegrationTestMasterConfig to NewIntegrationTestControlPlaneConfig
1b6895c11fb Fix: remove framework.ScoreExtensions interface check
5908cd0d90d simplify returning boolean expression in /pkg/volume
9e257ec194f Optimization logging format for pkg/kubelet
55ff9630179 Make validation totalAnnotationSizeLimitB public.
69019a03d3a Add netpol tests for windows
2d361d43063 e2e: Flag questionable durations in container status on termination
f9cb68a2b13 Fix EndpointSliceCache::getEndpointsMap for different endpoints with same IP
f1aee7e0496 kubelet/cm: GetResourceStats -> MemoryUsage
517feed45b5 Add: interface check
202a0120937 Add restart unit test
b344d4d4422 api link is missing
20c02357cad Add hint to fake topology manager.
c299b8fc9a0 kubelet/cm: rm propagateControllers
fadf3e15316 Graduate prefer nominated node to beta
e8f69398c35 simplify return boolean value expression in cmd/kube-controller-manager/app/certificates.go
c24b87b1336 Fixed a possible nil pointer dereference caused by variable `plug`
c201a78dff9 Remove etcd connection apiserver preflight check
3c1576ae573 Create e2e Deployment status lifecycle test
bcfa3604a28 Create e2e test for Statefulset Status endpoints
990d0949c4e Add test, after restart dbus, should be able to gracefully shutdown
9c59e6c85fa After dbus restarts, make GracefulNodeShutdown work again
ae90e6b9a1f Retain the test coverage of TestObserveWebhookRejection.
fb23e449ab6 Add attr to the argument list of ObserveWebhookRejection, and remove operation, as it is included in attr.
f40b10e3aa0 Prevent data race condition in vsphere unit tests
f9ee64007ee apf: always create missing bootstrap configuration object(s)
32c14da9025 fix(metrics-proxy): wait for enough component pods to show up first
6c63ef147cc extract same code of es and esm to pkg
72fe1b722ce Make the service account error more apparent
88b31814f4a BoundServiceAccountTokenVolume ga
619fff10eac handle Unmarshal error
074f25523b2 scheduler_perf: correct error handling
55be51a2dbe Issue [2683](https://github.com/kubernetes/org/issues/2683) was closed with PR [2690](https://github.com/kubernetes/org/pull/2690O) sSimran should now be part of kubernetes ORG
330fee13506 remove the RunAsGroup feature-gate
5ea01629066 e2e: deflake test by not relying on events
3916c009551 fix manual trigger of readinessProbe on startupProbe success
fa1a4100c6c Remove CSIMigrationVSphereComplete flag
baa88b26cdc Remove feature gate to GA the setHostnameAsFQDN feature
60377ba1a37 graduate IngressClassNamespacedParams to beta
2eb90f9b809 Default StreamingProxyRedirects to disabled
afe28c6fc83 kubelet_pods.go: clean makeEnvironmentVariables
1df3a735d3b go-to-protobuf: small fixes to improve debuggability
2335547a9cf cleanup: delete tempDir after flexvloume_test is executed
650666406e1 update kubelet_running_pods metrics comments: pods that have a running pod sandbox
a3b2e35d700 Making a run test.
125fb04dbf2 Relax node_id length limit to 256
2dbdfd0902e Extend the max of admission latency buckets to 10s.
e7db88b0b65 Add a namespace label to admission metrics.
3bad31b531e Add allowAutoIOPSPerGBIncrease to translated AWS EBS StorageClasses
4272ac92a76 Document the NodeAddressType values
b9d9cc38b52 fix: inaccurate miss schedule times of cronjob v2.
78323910db5 Fix typo: Use uniform format of structured klog
8725c960149 Fix csi_client_test.go metrics nil pointer dereference
79126376f02 Add test for counting inodes correct with hardlinks
d45ba645a8f Get inodes and disk usage via pure go
6e54f067e9d Support dynamically set log level for kube-proxy
1d764952dad Fix incorrect test code in pkg/volume/csi/csi_attacher_test.go file
64fca6bda7d doc: remove the description `socat` is required
80b4277bff4 Optimize the structured Logging migration.
0eb40b3ded6 e2e: reduce pods used in shared local pv test
dea89e549fc Fix use nil err
086cdfb3601 Use docker buildx for the build-image.
2d3073c5917 Tweak kubelet config comments for consistency and readability
fdcbb54febd Improve kubelet config type documentation
bc3e7b5dca3 nit: use %v for error as it is already quoted
04f091790ee e2e: TM: wait for SRIOV devices in pod scope tests
8e7b5ff480b staging/src/k8s.io/apiserver/pkg/registry:migrate logs to structured logs
3ec63238c53 fix kubectl alpha debug node does not work on tainted nodes
88fbd370407 Fix the url 'version's comparation of github.com/Azure/go-autorest/' lost
1995f28c64a Simply modify the Kubectl logs information
385b7d7ff07 fix --event-qps and --event-burst
620c23473fb fix Spelling error for klog
00da68dbc25 Adding restart kubelet flag on e2e test
07002e41bbe Update Calico to use a non-conflicting route table range
ad156aff59e ignore "vmdk not found" vsphere errors during unmount (assume success)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If host does not install libdevmapper.so.1.02, run native skopeo failed:
...
$ tmp-glibc/sysroots/x86_64/usr/sbin/skopeo -h
|tmp-glibc/sysroots/x86_64/usr/sbin/skopeo.real: error while loading
shared libraries: libdevmapper.so.1.02: cannot open shared object file: No such file or directory
...
Create wrapper to set LD_LIBRARY_PATH which using native
libdevmapper.so.1.02
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* now when pypi uses SRC_URI_prepend since:
https://git.openembedded.org/openembedded-core/commit/?id=8f17b8bce85efb0e9a7e15d0b98a5cf7b6bd9750
both entries end in SRC_URI (because of delayed nature of prepend):
https://files.pythonhosted.org/packages/source/p/podman-compose/podman-compose-0.1.5.tar.gz
git://github.com/containers/podman-compose.git
causing:
ERROR: podman-compose-0.1.5-r0 do_fetch: No checksum specified for '/OE/build/oe-core/downloads/podman-compose-0.1.5.tar.gz', please add at least one to the recipe:
SRC_URI[sha256sum] = "fb229362f188980ea3fbdee2a25d0a2dd6a0b886d925d5213e22e09f1062ebe9"
ERROR: podman-compose-0.1.5-r0 do_fetch: Fetcher failure for URL: 'https://files.pythonhosted.org/packages/source/p/podman-compose/podman-compose-0.1.5.tar.gz'. Missing SRC_URI checksum
ERROR: Logfile of failure stored in: /OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/podman-compose/0.1.5-r0/temp/log.do_fetch.55855
drop pypi inherit to restore the previous SRC_URI with just the git:// entry.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
Since seccomp depends on libseccomp, and seccomp is only available
when the distro feature is enabled, we add the same dependency and
distro feature check to this recipe.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
Since seccomp depends on libseccomp, and seccomp is only available
when the distro feature is enabled, we add the same dependency and
distro feature check to this recipe.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
| |
The libseccomp package is only available if seccomp is in DISTRO_FEATURES.
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
* added with to v2.0.29 commit:
106cad5 seccomp: add support for seccomp notify
* fixes:
| src/seccomp_notify.c:9:10: fatal error: seccomp.h: No such file or directory
| 9 | #include <seccomp.h>
| | ^~~~~~~~~~~
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1.Add native and nativesdk support.
2.Replace "multipath-tools" with "libdevmapper" and "lvm2". Because
the really direct DEPENDS package is "libdevmapper" and "lvm2". Log
of do_comopile as below:
-----------------[cut here]---------------------
DEBUG: Executing shell function do_compile
NOTE: make -j 40 BUILDTAGS= bin/skopeo
CGO_CFLAGS="-I/...../usr/include"
CGO_LDFLAGS="-L/...../usr/lib
-lgpgme -lgpg-error -lassuan" GO111MODULE=on go build -mod=vendor
"-buildmode=pie" -ldflags '-X
main.gitCommit=8efffce8befc2de87670ba75d6c86ada61e869fd ' -gcflags ""
-tags "" -o bin/skopeo ./cmd/skopeo
Package devmapper was not found in the pkg-config search path.
Perhaps you should add the directory containing `devmapper.pc'
to the PKG_CONFIG_PATH environment variable
No package 'devmapper' found
pkg-config: exit status 1
make: *** [Makefile:134: bin/skopeo] Error 2
Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
| |
add nativesdk to BBCLASSEXTEND
Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping conmon to version v2.0.1-250-g1ef2468, which comprises the following commits:
1ef2468 Fix docs links due to branch rename
24c73c2 seccomp: fix for unsupported versions
fc7830d bump to v2.0.30-dev
7e6de66 bump to v2.0.29
b033cb5 Reset OOM score back to 0 for container runtime
106cad5 seccomp: add support for seccomp notify
77dfb4b .cirrus.yml: raise the timeout to 60m
87330dc call functions registered with atexit on SIGTERM
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
The upstream project switched from master to main, so we add
an explicit branch specification to avoid fetch errors (as
the deafult of master no longer works).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping crun to version 0.20.1-7-g7ef74c9, which comprises the following commits:
b07c389 criu: fix error check
09401bb linux: fix unitialized variable
b222968 cgroup: fix a memory leak
1182975 cgroup: honor memory swappiness set to 0
38271d1 NEWS: tag 0.20.1
923447b container: ignore resetting keyring SELinux label
b26493f Dockerfile: install required python3-jinja2 package
0d42f11 NEWS: tag 0.20
9042ac5 seccomp: drop SECCOMP_FILTER_FLAG_LOG by default
0f4156f cgroup: Refactor libcrun-cgroup-destory to support picking subsystems dynamically and clean custom controllers.
d6be344 cgroup: ignore devices errors in a userns
6e187fb cgroup: do not join empty controller
badb23d seccomp: report correct action in error message
5201956 container: apply SELinux label to keyring
4b664e9 linux: attempt to open existing dev file first
dd1c419 libocispec: sync from upstream
5f74e2a Makefile.am: make sure libocispec uses main branch
f0c76e1 utils: close_range fallbacks to close on EPERM
1596ab1 Update crun manual with recently added flags
1d84d62 Fix type for LinuxDeviceCgroup.linux.resources.devices.allow in default Spec
62d251d container: call prestart hooks before rootfs is RO
48bc33d Exec: Add --process-label and --apparmor to allow modifying selinux_label and apparmor_profile
0e53e87 Exec: Add --no-new-privs to and adhere if noNewPriviledges is false in basespec config
2de8b43 Fix SIGSEGV for rootless container caused by case when def->linux is defined but def->linux->cgroups_path is NULL
54e77c2 Add support for spec --bundle
ae11886 cgroup: fix regression in mode detection
194b72d kill: fix race condition with pidfd_open
2910d9b cgroup: add custom annotation run.oci.delegate-cgroup
407eef9 cgroup: drop argument from function
0485de6 cgroup: report error if the cgroup path was set
bf5020a cgroup: improve error message
a131715 cgroup: fix recursive cleanup
6e95060 cgroup: kill procs in cgroup on EBUSY
0274d6f tests: disable go modules
1272eaf tests: skip podman create --pull
04f1a6a container: read the error from the init process
29afcd6 Update README.md
9863a8e Update README.md
55f5ed5 utils: use /proc/self/fd to open unix socket
fa40930 contrib: fix warning from the rust compiler
1535fed NEWS: tag 0.19.1
227e0be spec: add cgroup ns if on cgroup v2
3fbe777 libcrun: add const to spec_file
eb34661 libcrun: annotate cgroup_mode < 0 checks
92bcc81 tests: add fuzzing tests
af3509d cgroup: support array of strings
9effaeb On exec, honor additional_gids from the process spec, not the container definition
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
| |
The upstream project has moved from master to main, so we adjust
our recipe accordingly.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping libpod to version v3.2.1-2-gab4d0cf90, which comprises the following commits:
60752b320 Bump to v3.2.2-dev
152952fe6 Bump to v3.2.1
c5d9c0a6f Updated release notes for v3.2.1
4f56f7f13 Fix network connect race with docker-compose
e42d727a9 Revert "Ensure minimum API version is set correctly in tests"
f69789155 Fall back to string for dockerfile parameter
5a158563c remote events: fix --stream=false
38fbd2cb9 [CI:DOCS] fix incorrect network remove api doc
26eae3bf8 remote: always send resize before the container starts
c751544fa remote events: support labels
c28f442b2 remote pull: cancel pull when connection is closed
2993bdf1e Fix network prune api docs
8ba0c92e6 Improve systemd-resolved detection
c3f6ef63a logs: k8s-file: fix race
f1e7a0747 Fix image prune --filter cmd behavior
5ddd76edd Several shell completion fixes
2afb5eeab podman-remote build should handle -f option properly
6beae86f0 System tests: deal with crun 0.20.1
80362b34c Fix build tags for pkg/machine...
c85b6b3fe Fix pre-checkpointing
b61701acb container: ignore named hierarchies
e0dcffa8d [v3.2] vendor containers/common@v0.38.9
d46deca8c rootless: fix fast join userns path
f2b3da502 [v3.2] vendor containers/common@v0.38.7
78430ee1d [v3.2] vendor containers/common@v0.38.6
b6ef7cf21 Correct qemu options for Intel macs
9647d8844 Ensure minimum API version is set correctly in tests
72455ece4 Bump to v3.2.1-dev
0281ef262 Bump to v3.2.0
cff73766f Fix network create macvlan with subnet option
8688f54ea Final release notes updates for v3.2.0
f62c6bf6e add ipv6 nameservers only when the container has ipv6 enabled
4b8ca6303 Use request context instead of background
ce5c3b554 [v.3.2] events: support disjunctive filters
dd83f5c0c System tests: add :Z to volume mounts
32927f5d6 generate systemd: make mounts portable
abb57e5cf vendor containers/storage@v1.31.3
1e4563182 vendor containers/common@v0.38.5
fbf8b78a3 Bump to v3.2.0-dev
684729482 Bump to v3.2.0-RC3
f49023031 Update release notes for v3.2.0-RC3
ee5dd0603 Fix race on podman start --all
6c9de9382 Fix race condition in running ls container in a pod
69bae4774 docs: --cert-dir: point to containers-certs.d(5)
934f36df5 Handle hard links in different directories
5eecc2761 Improve OCI Runtime error
ba884865c Handle hard links in remote builds
c53638e9f Podman info add support for status of cgroup controllers
ac8b7ddd8 Drop container does not exist on removal to debugf
18e917cdc Downgrade API service routing table logging
efa15b96c add libimage events
a9108ab25 docs: generate systemd: XDG_RUNTIME_DIR
bb589bec2 Fix problem copying files when container is in host pid namespace
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Synchronize the 'runc-docker' with the opencontainers variant. This
allows the common patch to be used once again, and we refresh our docker
specific patch to the new content.
Bumping runc to version v1.0.0-rc95-28-gbfcbc947, which comprises the following commits:
37767c05 ci: lint: show all errors in PRs
07ca0be0 *: clean up remaining golangci-lint failures
00119c85 integration: add repeated "runc update" test
d0f2c25f cgroup2: devices: replace all existing filters when attaching
98a3c0e4 cgroup2: devices: switch to emulator for cgroupv1 parity
dcc1cf7c devices: add emulator.Rules shorthand
54904516 libcontainer: fix integration failure in "make test"
c7c70ce8 *: clean t.Skip messages
a95237f8 libctr/cg/systemd: export rangeToBits
df0206a6 errcheck: utils
0c65f833 errcheck: signals
3b31e3ea errcheck: tty
b45fbd43 errcheck: libcontainer
463ee5e1 errcheck: libcontainer/nsenter
7e7ff872 errcheck: libcontainer/configs
a8995053 errcheck: libcontainer/integration
b93666eb libct/cg/fs2: setFreezer: wait until frozen
1069e4e9 libct/cg/fs2: optimize setFreezer more
5d193188 libct/cg/fs2: optimize setFreezer
8a7a374f VERSION: back to development
b9ee9c63 VERSION: release v1.0.0-rc95
0ca91f44 rootfs: add mount destination validation
c61f6062 libcontainer: honor seccomp defaultErrnoRet
d519da5e Dockerfile, Vagrantfile.centos7, .github: bats 1.3.0
bdad2859 Dockerfile, Vagrantfile.centos7: use go 1.16
f96530f2 EMERITUS: recognise previous maintainers
c73a6626 VERSION: back to development
2c7861bc VERSION: release v1.0.0-rc94
12e9cac9 Vagrantfile.fedora: set Delegate=yes
ac70a9a1 tests/int: run rootless_cgroup tests for v2+systemd
601cf582 tests/int/cgroups: don't check for hugetlb
40b97919 tests/int: enable/use requires cgroups_<ctrl>
44fcbfd6 tests/int/helpers: generalize require cgroups_freezer
353f2ad1 tests/int/update.bats: don't set cpuset in setup
4f8ccc5f libct/cg/sd/v2: call initPath from Path
0ed1f802 tests/int/helpers: rm old code
af2e03c5 ci/gha: bump shellcheck 0.7.1 -> 0.7.2
2d1bb91d ci/gha: bump shfmt 3.2.0 -> 3.2.4
a7feb423 libct/int: add TestFdLeaksSystemd
c7f847ed libct/cg/sd: use global dbus connection
99c5c504 libct/cg/sd: introduce and use getManagerProperty
0fabed76 libct/int/checkpoint_test: use kill(0) for pid check
7eb1405b libct/int/checkpoint_test: use waitProcess helper
72d7a824 libct/int/checkpoint_test: use t.Helper
bcca7968 libct/int: simplify/fix showing errors
524abc59 freezer: add delay after freeze
e1d842cf libct/intelrdt: fix unit test
541fc19e Makefile: allow overriding go command by environment
06a9ea36 script/release.sh: add -a to force rebuild
91b01682 Update golang.org/x/sys to add linux/ppc support
ee4612bc CI: enable Go 1.13 again
e2dd9220 go.mod: demote to Go 1.13
45f49e8f libcontainer: avoid using t.Cleanup
1a659bc6 Revert "Makefile: rm go 1.13 workaround"
abf12ce0 libc/cg: improve Manager docs
3f659467 libct/cg: make Set accept configs.Resources
af0710a0 libct/cg/sd/v2: fix Set argument
850b2c47 libct/cg/fscommon.OpenFile: speed up ro case
71a8aee8 cgroups/systemd: replace deprecated dbus functions
47ef9a10 libct/cg/sd: retry on dbus disconnect
6122bc8b Privatize NewUserSystemDbus
15fee989 libct/cg/sd: add renew dbus connection
bacfc2c2 libct/cg/sd: add isDbusError
cdbed6f0 libct/cg/sd: add dbus manager
9efd8466 libct/cg/fscommon.OpenFile: reverse checks order
0bee5e0b libct/cg/fs: add GetStats benchmark
7e7eb1c3 CI: update Fedora to 34
d3cee12a cloned_binary: switch from #error to #warning for SYS_memfd_create
23e3794d checkpoint: validate parent path
fcd7fe85 libct/cg/fs/freezer: make sure to thaw on failure
0216716c tests/int: add a case for cgroupv2 mount
5ffcc568 tests/int: use bfq test with rootless
ff692f28 Fix cgroup2 mount for rootless case
3826db19 libct/rootfs/mountCgroupV2: minor refactor
1e476578 libct/rootfs: introduce and use mountConfig
deb8a8dd libct/newInitConfig: nit
2192670a libct/configs/validate: validate mounts
1f1e91b1 libct/specconv: check mount destination is absolute
73f22e7f libcontainer/cgroups/systemd: replace use of deprecated dbus.New()
aa622723 tiny fix iterative checkpoint test case
ee3b563d Add cfs throttle stats to cgroup v2
6faed0e4 libct/int: use ok(t, err)
af3c5699 libct/int: remove unused code
7b802a7d libct/int: better test container names
9f3d7534 logging: enable file/line info if --debug is set
ef9922c2 libct/cg: don't return OOMKillCount error when rootless
5cdd9022 libct/cg/fs[2]: fix comments about m.rootless
31dd1e49 tests/int: add rootless + host pidns test case
a2050ea4 runc run: fix start for rootless + host pidns
2f1a3ed3 Fix vendored dependencies
d15c7bb0 go.mod: github.com/cilium/ebpf v0.5.0
f28a8cc2 ebpf: replace deprecated prog.Attach/prog.Detach
928ef7af libct/nsenter: add json msg escaping
52390d68 Ignore kernel memory settings
b7c315ad vendor: bump containerd/console to 1.0.2
b6cdb8ae fix a typo
64bb59f5 nsenter: improve debug logging
6ce2d63a libct/init_linux: retry chdir to fix EPERM
c5029c00 tests: fix hello-world tarball name in testdata for arm64
289a3045 go.mod: github.com/moby/sys/mountinfo v0.4.1
4316df8b libcontainer/system: move userns utilities to separate package
e7fd383b libcontainer/system: un-export UIDMapInUserNS()
249356a1 libcontainer/system: remove unused GetParentNSeuid()
dc52ed25 libcontainer/user: remove outdated MAINTAINERS file
72ecf59c libcontainer/user: fix windows compile error
2515b0c2 libct/user: rm windows code
0596f6e1 libcontainer/devices/device_windows.go: rm
b1deba8c libcontainer/configs/config_windows_test.go: rm
f1586dbd libcontainer/configs/validate: make Validate() less DRY
4126b807 libcontainer/configs: add missing type for hooknames
48125179 go.mod: github.com/cilium/ebpf v0.4.0
44611630 docs/systemd: add
27bb1bd5 libct/specconv/CreateCgroupConfig: don't set c.Parent default
d748280a make release: build/include libseccomp
aa6da82c script/release.sh: fix shellcheck warnings
3eb46d89 ci: make static built binary available
f0dec0b4 libct/specconv/CreateCgroupConfig: nit
36fe3cc2 tests/int/cpt: fix lazy-pages flakiness
2dd62b3d libct/checkCriuFeatures: rm excessive debug
0e089002 tests/int/checkpoint: close lazy_r fd
b09030a5 tests/int/checkpoint: close fds in check_pipes
e63df1e6 tests/int: really randomize cgroup/unit names
6e4c5b6e tests/int/cgroups: don't use BUSYBOX_BUNDLE
adf733fa vendor: update go-systemd and godbus
f09a3e1b tests/int: don't set/use CGROUP_XXX variables
4ecff8d9 start: don't kill runc init too early
b1184302 libct/configs/validator: add some cgroup support
0f8d2b6b libct/cg/fs2.Stat: don't look for available controllers
85416b87 libct/cg/fs2.statPids: fall back directly
10f9a982 libct/cg/fs2/getPidsWithoutController: optimize
6121f8b6 libct/cg/fs2.Stat: always call statCpu
9455395b libct/cg/fs2/memory.Stat: add usage for root cgroup
a9c47fe7 libct/cg/fs[2]/getMemoryData[V2]: optimize
b99ca25a libct/cg/fs2/memory: fix swap reporting
79a8647b libct/int: add TestFdLeaks
b3be2b0b libct: close execFifo after start
08b52797 Make test specific to disassembleFilter function
7b3e0bcf Ensure the scratch pipe is read during ExportBPF
62f1f0e4 tests/int/checkpoint: check all logs for errors
346cb359 Revert "tests/checkpoint: show full log lazy pages cpt"
c9b3787b script/check-config.sh: add SELinux and AppArmor
5fb831a0 capabilities: WARN, not ERROR, for unknown / unavailable capabilities
e49d5da2 go.mod: OCI runtime-spec v1.0.3-0.20210326190908-1c3f411f0417
2726146b runc --debug: more tests
201d60c5 runc run/start/exec: fix init log forwarding race
c06f999b libct/logs/test: refactor
688ea99e runc init: fix double call to ConfigureLogs
dd6c8d76 main: cast Chmod argument to os.FileMode
69ec21a1 libct/logs.ForwardLogs: use bufio.Scanner
0300299a tests/int/debug.bats: fixups
d38d1f9f libcontainer/logs: use int for Config.LogPipeFd
ac93746c libct/seccomp: rm IsEnabled
9b2f1e6f runc version: don't use seccomp.IsEnabled
c8e0486f Fix oss-fuzz build
d76309f9 script/check-config.sh: add CONFIG_SECCOMP_FILTER
997e8942 capabilities.Caps: use a map for capability-types
41f466d8 nsexec.c: fix formatting for netlink defines
522bd641 Fix checking C code formatting
1948b4ce cloned_binary.c: rm redundant comments
b67deb56 nsexec.c: rm a block
513d89ee capabilities: use BOUNDING/AMBIENT instead of their alias
dd2caace go.mod: runtime-spec v1.0.3-0.20210316141917-a8c4a9ee0f6b
a608b7e7 libcontainer/apparmor: use sync.Once for AppArmor detection
d6e89248 Fix build-tags in libcontainer/devices
f585cec7 libct/cg/v2: always enable TasksAccounting
8c7ece1e fs2: fallback to setting io.weight if io.bfq.weight
74299a1c CI: cache ~/.vagrant.d/boxes
97f2e351 go.mod, libct: bump go-criu to v5, use google.golang.org/protobuf
db025aba libct: criuSwrk: only iterate over CriuOpts if debug is set
051646a3 tests: test nested bind mount restore
705b6cc7 Re-create mountpoints during restore
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping k3s to version v1.21.1+k3s1-10-geac48f69bc, which comprises the following commits:
eac48f69bc Add kubernetes.default.svc to serving certs
16ae282c7a Fix RBAC cloud-controller-manager name 3308 (#3388) (#3408)
ff54d8c96d Add a path for wireguard's privatekey
1932979f44 Update flannel version
8fd180e0d9 move object channel defer close to goroutine
69795277be add retention default and wire in s3 prune
58649c5e85 add etcd snapshot save subcommand
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
6b18f7e bump to v2.0.28
dd63dcb Cirrus: Update VM Images
096e2c1 conmon: do not chown /dev/null
3efab3e Add Kubernetes e2e tests as GitHub action
0114f3c move integration to gh actions
186038c run make vendor
31c5a2e add tests running a runtime
c53c155 always set container pid file
1955f59 write runtime stderr to journal on error
af1f3c4 some small cleanups
6c38b5a Use less resources
355dbf1 conn_sock: fix potential segfault
4587294 ci/gha: bump runc to rc93
92867a7 Add Podman integration test GitHub action
1ec43d9 bump to v2.0.28-dev
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updating to the latest runc, which includes the following commits:
37767c05 ci: lint: show all errors in PRs
07ca0be0 *: clean up remaining golangci-lint failures
00119c85 integration: add repeated "runc update" test
d0f2c25f cgroup2: devices: replace all existing filters when attaching
98a3c0e4 cgroup2: devices: switch to emulator for cgroupv1 parity
dcc1cf7c devices: add emulator.Rules shorthand
54904516 libcontainer: fix integration failure in "make test"
c7c70ce8 *: clean t.Skip messages
a95237f8 libctr/cg/systemd: export rangeToBits
df0206a6 errcheck: utils
0c65f833 errcheck: signals
3b31e3ea errcheck: tty
b45fbd43 errcheck: libcontainer
463ee5e1 errcheck: libcontainer/nsenter
7e7ff872 errcheck: libcontainer/configs
a8995053 errcheck: libcontainer/integration
b93666eb libct/cg/fs2: setFreezer: wait until frozen
1069e4e9 libct/cg/fs2: optimize setFreezer more
5d193188 libct/cg/fs2: optimize setFreezer
8a7a374f VERSION: back to development
b9ee9c63 VERSION: release v1.0.0-rc95
0ca91f44 rootfs: add mount destination validation
c61f6062 libcontainer: honor seccomp defaultErrnoRet
d519da5e Dockerfile, Vagrantfile.centos7, .github: bats 1.3.0
bdad2859 Dockerfile, Vagrantfile.centos7: use go 1.16
f96530f2 EMERITUS: recognise previous maintainers
c73a6626 VERSION: back to development
2c7861bc VERSION: release v1.0.0-rc94
12e9cac9 Vagrantfile.fedora: set Delegate=yes
ac70a9a1 tests/int: run rootless_cgroup tests for v2+systemd
601cf582 tests/int/cgroups: don't check for hugetlb
40b97919 tests/int: enable/use requires cgroups_<ctrl>
44fcbfd6 tests/int/helpers: generalize require cgroups_freezer
353f2ad1 tests/int/update.bats: don't set cpuset in setup
4f8ccc5f libct/cg/sd/v2: call initPath from Path
0ed1f802 tests/int/helpers: rm old code
af2e03c5 ci/gha: bump shellcheck 0.7.1 -> 0.7.2
2d1bb91d ci/gha: bump shfmt 3.2.0 -> 3.2.4
a7feb423 libct/int: add TestFdLeaksSystemd
c7f847ed libct/cg/sd: use global dbus connection
99c5c504 libct/cg/sd: introduce and use getManagerProperty
0fabed76 libct/int/checkpoint_test: use kill(0) for pid check
7eb1405b libct/int/checkpoint_test: use waitProcess helper
72d7a824 libct/int/checkpoint_test: use t.Helper
bcca7968 libct/int: simplify/fix showing errors
524abc59 freezer: add delay after freeze
e1d842cf libct/intelrdt: fix unit test
541fc19e Makefile: allow overriding go command by environment
06a9ea36 script/release.sh: add -a to force rebuild
91b01682 Update golang.org/x/sys to add linux/ppc support
ee4612bc CI: enable Go 1.13 again
e2dd9220 go.mod: demote to Go 1.13
45f49e8f libcontainer: avoid using t.Cleanup
1a659bc6 Revert "Makefile: rm go 1.13 workaround"
abf12ce0 libc/cg: improve Manager docs
3f659467 libct/cg: make Set accept configs.Resources
af0710a0 libct/cg/sd/v2: fix Set argument
850b2c47 libct/cg/fscommon.OpenFile: speed up ro case
71a8aee8 cgroups/systemd: replace deprecated dbus functions
47ef9a10 libct/cg/sd: retry on dbus disconnect
6122bc8b Privatize NewUserSystemDbus
15fee989 libct/cg/sd: add renew dbus connection
bacfc2c2 libct/cg/sd: add isDbusError
cdbed6f0 libct/cg/sd: add dbus manager
9efd8466 libct/cg/fscommon.OpenFile: reverse checks order
0bee5e0b libct/cg/fs: add GetStats benchmark
7e7eb1c3 CI: update Fedora to 34
d3cee12a cloned_binary: switch from #error to #warning for SYS_memfd_create
23e3794d checkpoint: validate parent path
fcd7fe85 libct/cg/fs/freezer: make sure to thaw on failure
0216716c tests/int: add a case for cgroupv2 mount
5ffcc568 tests/int: use bfq test with rootless
ff692f28 Fix cgroup2 mount for rootless case
3826db19 libct/rootfs/mountCgroupV2: minor refactor
1e476578 libct/rootfs: introduce and use mountConfig
deb8a8dd libct/newInitConfig: nit
2192670a libct/configs/validate: validate mounts
1f1e91b1 libct/specconv: check mount destination is absolute
73f22e7f libcontainer/cgroups/systemd: replace use of deprecated dbus.New()
aa622723 tiny fix iterative checkpoint test case
ee3b563d Add cfs throttle stats to cgroup v2
6faed0e4 libct/int: use ok(t, err)
af3c5699 libct/int: remove unused code
7b802a7d libct/int: better test container names
9f3d7534 logging: enable file/line info if --debug is set
31dd1e49 tests/int: add rootless + host pidns test case
a2050ea4 runc run: fix start for rootless + host pidns
0f8d2b6b libct/cg/fs2.Stat: don't look for available controllers
85416b87 libct/cg/fs2.statPids: fall back directly
10f9a982 libct/cg/fs2/getPidsWithoutController: optimize
6121f8b6 libct/cg/fs2.Stat: always call statCpu
9455395b libct/cg/fs2/memory.Stat: add usage for root cgroup
a9c47fe7 libct/cg/fs[2]/getMemoryData[V2]: optimize
b99ca25a libct/cg/fs2/memory: fix swap reporting
c8e0486f Fix oss-fuzz build
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Updating skopeo to the 1.3.x series. Along with the version bump, we
patch the Makefile to stop using gpgme-config and instead using
pkg-config, since OE taints gpgme-config and the build will break if
we call it directly.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We update to the latest 1.21 commits, and we refresh our patch for
context changes.
eb0faebe Bump google.golang.org/grpc from 1.37.1 to 1.38.0
1d34ea0c Add global handler for Interrupt signal
d2c028aa Bump k8s.io/cri-api from 0.21.0 to 0.21.1
cac74d4f Bump k8s.io/apimachinery from 0.21.0 to 0.21.1
0e4c365c Bump k8s.io/api from 0.21.0 to 0.21.1
4b956efa Bump k8s.io/kubectl from 0.21.0 to 0.21.1
b3bc7d45 Update golangci-lint to v1.40.1 and fix lints
a72896da Bump google.golang.org/grpc from 1.37.0 to 1.37.1
09df93a2 Bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1
8a28583f Clone cri-dockerd from permanent repo
29c6b21e Bump github.com/onsi/gomega from 1.11.0 to 1.12.0
50a297dc Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.2
15eee85f Mention deb/rpm packages hosted on OBS in README
6ead47bd Trim build paths for binaries
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|