| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
| |
podman uses pasta as the default rootless network command since 5.0.0,
but only slirp4netns is available when building for Yocto.
This commit adds a containers.conf file setting slirp4netns as default
rootless command if 'rootless' is set in PACKAGECONFIG
Signed-off-by: Marcus Flyckt <mafl@kvaser.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping lxc to version v6.0.0, which comprises the following commits:
3dee5fb88 Release LXC 6.0.0
17ac6f691 lxc.spec: Align SPDX license id
5fe2de84c Makefile: Align SPDX license id
97f93be72 meson: Align SPDX license id
d4cd3741d COPYING: Clarify licensing of files without SPDX
8e67eb07c doc: Add SPDX headers and remove Author field
cb94edf53 src/include: Add SPDX headers
7bc33ef6e src/tests: Add SPDX headers
007642c89 hooks: Add SPDX headers
1e9e66be3 lxc.spec: Clear default changelog
202d649d1 lxc.spec: Use SPDX
85abd4026 template: Use SPDX
a074b3d27 config/yum: Use SPDX header
7ed43e5e9 COPYING: Remove whitespace
522721216 MAINTAINERS: Remove Dwight from the maintainer list
08bf8b9e2 lxc-checkconfig: Fix shellcheck
0f18db543 lxc-checkconfig: Show namespace limits
f71b8e3f8 lxc-ls: list names with whitespaces in `--active`.
816b8973d lxc/tools: set default log_priority to ERROR
989ea3969 tools/lxc_autostart: don't fail when there are no containers
dc4df2335 lxc/lxccontainer: specify file mode in open() call inside mod_rdep
630b46ed2 lxc/confile: do not print excess space before scale suffix for time.offset.boot
796f2ccb7 lxc/confile: do not print newline symbol in getter for lxc.time.offset.*
dcc4fb929 tests/parse_config_file: fix some typos
6fea67429 tests/parse_config_file: add tests for lxc.time.offset.*
ad8f55445 tree-wide: replace multiply_overflow with check_mul_overflow
4464cee19 lxccontainer: rework copy_file()
9d1aa932d lxccontainer: improve mod_rdep()
81c1bbf45 Revert "lxccontainer: fixes"
82fe01821 src/lxc/syscall_numbers.h: drop define -1
590a95d83 rexec: Avoid invalid free in rexec failure path
f9978b179 README: Correct 'armvl7' to 'armv7l'
046b63cd2 unshare: simplify lookup_name
7452ee8ab lxc-unshare: fix an buffer overflow issue in lxc_unshare
e88883445 lxc-net: Enable IPv6 by default
d78ca00bc tests/meson: attempt to fix ossfuzz builds
d18f993b3 github: master -> main
86799f554 meson: link with liblxc dynamically everywhere if possible
b90fecfda network: use IN_LIBLXC
9eee450d2 storage_utils: move get_fssize to utils
6eb0a73e2 storage_utils: unhide and rename is_valid_storage_type to lxc_is_valid_storage_type
42eeffcb0 confile: unhide lxc_config_parse_arch() helper
9bb318881 conf: reorganize/split code to utils.c
863c59dc3 conf: reorganize/split code to idmap_utils.c
b7591ad49 confile: unhide lxc_config_define*() helpers
f14656ebf meson: introduce IN_LIBLXC preprocessor macro
672b2172d confile: move lxc_fill_elevated_privileges() to tools/lxc_attach
8f9733d75 tests: remove old and broken cgroup handling code from tests
d51ea224e config: apparmor: add AppArmor profile for lxc-copy
627bb9460 tests: lxc-test-usernic: use iproute tool instead of brctl
df0665b6d oci: resolve cross-filesystem blob caching failure
ec85e5ca4 lxc-test-usernic: drop cgroup handling
27ec0b0f6 test-usernic: don't use ifconfig
44e845b3c Add x32 to the list of recognized architectures
07e3a516e lxc-download, lxc-local: preserve xattrs on unpack
9ac7c4895 tree-wide: use container_uses_namespace() in less trivial cases
64341ce7b tree-wide: use container_uses_namespace() helper
6b40e66c1 Fix error message.
c8189ee2a Add verbose output in download template.
84cc3155a Align columns in lxc-download.in template
872db5424 build: add more options for customizing install
df17ac417 Add loongarch64 support
112d5615e build(deps): bump actions/upload-artifact from 3 to 4
789457f1a config: try to create workdir if not exist
86f5c1226 lxc-local: Add --no-dev option to exclude /dev from the fstree
f885a3c56 lxc-local: Re-organize code to use more functions
7c025072e lxc-local: Improve usage info
faa38a197 lxc-local: Change LXC_CONFIG to LXC_METADATA to match args and be more clear
d65fe1b27 Disable IPv6 link-local addresses for bridged veth
8cff8fa1a don't try to delete vlan 0 from veth
0e932812a conf: fix ephemeral copies
abffab441 config/init: Drop upstart files
79a4a3cf8 doc: remove the warning mentionning upstart
7bf1695d0 hooks/ubuntu-cloud-prep: remove upstart handling
fb73c18d2 meson: Remove support for upstart
cc6819c69 reset root_nsuid_map and root_nsgid_map when idmaps is cleared
a87d6fcc9 lxc/checkconfig: use multiline `echo`
f3e01fa80 lxc/checkconfig: replace `echo -n` by printf
ba4f810bc lxc/checkconfig: minor cosmetic change
d52c345c8 lxc/checkconfig: avoid subshell (SC2235)
f84f03d1d lxc/checkconfig: remove superfluous (..) around test command (SC2234)
74b9faa64 lxc/checkconfig: check exit code directly (SC2181)
5cc69e440 lxc/checkconfig: replace `! -z` by `-n` (SC2236)
a4684eb11 lxc/checkconfig: add missing quotes to please shellcheck
8a611c0b2 lxc/checkconfig: remove some unneeded `echo -n`
cb2574319 lxc/checkconfig: replace `type` by `command`
003efe6db lxc/checkconfig: replace `cat | grep` with `grep`
adadfa372 lxc/lxccontainer: fix do_lxcapi_set_timeout retval
c02367e59 containers in the FREEZING state also need to be unfreeze
aca53bcf7 build(deps): bump actions/checkout from 3 to 4
84169158f lxccontainer.h: Move new fields to the end
e2696df93 Remove references to LXD
7cec54455 Update console perms to 0600
3f45443fd Fix start api call to split quoted strings in execute or init command.
fbc31691e github: Update for main branch
69e51b919 CONTRIBUTING: add a note on AI generated code
84cfe9772 get_hierarchy: dont WARN about no usable controller
64167f906 Add libarchive tar support for lxc download
213e2f68d github: Add DCO/target tests
cf2b20209 explicitly convert *mainloop_handler to __u64
8575ffeb7 tests: fix parse_config_file seccomp test
ca25f3bf6 src/tests: Fix container creation errors
539c39772 rename functions which clash with libsystemd's
b670f0e75 commands: support timeout in LXC_CMD_GET_STATE
0fed82b26 lxccontainer: extend lxccontainer API with set_timeout
7fd671dbc mainloop: io_uring: disable IORING_POLL_ADD_MULTI
715fb4eff terminal: make a terminal FDs non-blocking
7eff16cc4 file_utils: add fd_make_nonblocking helper
747c4df31 file_utils: rename fd_make_nonblocking to fd_make_blocking
ebea2b5a9 setproctitle(): Handle potential NULL return from strrchr()
f7f15b20a make setproctitle()'s /proc/pid/stat parsing safe
890de0759 lsm: apparmor: allow to change mount propagation
5894cf310 console-log test: make sure container is stopped before restarting
820d2a2b3 switch from libsystemd's dbus to dbus-1
3c1453a38 tree-wide: convert fcntl(FD_CLOEXEC) to SOCK_CLOEXEC
4ea0b361f Allow fuse mounts in apparmor start-container.
1a2da75b6 Add support for squashfs images in oci via atomfs
db3cbfa75 apparmor: don't try to mmap empty files
304bf58fa initutils: use PRIu64 for uint64_t in setproctitle
4de047f51 lxc-net.in: fix nftables syntax for IPv6 NAT
311bb8c53 Fix strlcat's return value checks
588b53b19 Fix typo: bev_type -> bdev_type
7914c259f drop broken lxc-test-fuzzers
849d80877 Fix build error on sparc64 caused by using the gold linker
43ad7816d lxc-default-cgns apparmor profile: allow overlay mounts
4fa83282b lxc_user_nic: fix get_mtu() error handling
1b0469530 Patching an incoming CVE (CVE-2022-47952)
a8e1070c6 build: force linking against liblxc
c27ea96f7 checkconfig: Fix filesystem capability check
3f361da61 checkconfig: Tweak cgroup handling
3ab04999d checkconfig: Tweak layout
e027ca711 checkconfig: Hide version if no lxc-start
914fec51b checkconfig: Fix mixed tabs/spaces
70b176b0d src/lxc/meson.build: fix build without apparmor
42b22da6d cgroups: fix cgroup layout detection in __initialize_cgroups
0072919dd state: additional check in lxc_wait to prevent OOB
62b94d3ec cgroups: check snprintf retval in unpriv_systemd_create_scope
93d545e37 cgroups: fix buffer out-of-bounds access in enable_controllers_delegation
f8aa61f97 network: always initialize struct nl_handler
6ea4a6c06 apparmor: properly check lxc_strmmap ret value
b37cce95b github: fix coverity (add libpam-dev)
a8dcf88d0 github: fix coverity build
7e7393413 conf: ensure mount tunnel is a dependent mount
01ae6d471 apparmor: allow shared mounts in start-container.in
81d94a4ee conf: create separate peer group for container's root
68020412c cgroups: only allocate user namespace if we have to
27f69d45b cgroups: use userns_exec_full() during cgroup removal
1029c2a06 README: remove lgtm
dcf85308c meson.build: strip newline for variable assignments
8aac58866 meson.build: strip newlines from git output
16c6ff226 tests: lxc-test-reboot: Fix build on ia64
64eb31d02 src/lxc/meson.build: fix the static library path
c6c705bfa build: drop build-time systemd dependency
f321cd610 build: use cc.get_define to detect FS_CONFIG_* symbols
5aff4ea37 build: only build init.lxc.static if libcap is statically linkable
c1f87c811 build: fix handling of dependancies to fix build on openSUSE
bc318926d cgroups: fix -Waddress warning
4deaa28c0 Unroll IN_SET since the max usage is 2 elements check
73fd9bf55 tests: lxc-test-checkpoint-restore: use trap to do cleanup
8480c56a4 tools: lxc-destroy: update help message for --force
3cac3fce4 build: add libsystemd to oss fuzz dependencies
f7cadaa34 lxc/attach: Detect EACCES from execvp and convert to 126 exit status
4ebca5a00 lxc-attach: Fix lost return codes of spawned processes that are killed
09233897b Update README.md
4a66dabf8 conf: allow cross-device links
dc4f1220f build(deps): bump actions/checkout from 2 to 3
2b802090f Update cifuzz.yml
20cc78456 fix error message when use tools with -? option
b0abedf60 use sd_bus_call_method_async to replace the asyncv one
589a930f1 tree-wide: split open helpers into open_utils.h
7b1836bce build: prevent the inclusion of linux/mount.h with a hack
da8c29853 mount_utils: remove conf.h include
74c2f58e1 mount: move mount utilities from syscall_wrappers.h into mount_utils.h
68cf56489 tree-wide: minimize liburing.h inclusion
06f99c259 meson: fix docbook2x detection
133aa416c tree-wide: use struct open_how directly
63468abd3 tree-wide: use struct clone_args directly
4771699fd tree-wide: wipe direct or indirect linux/mount.h inclusion
16ebb29dc meson.build: allow explicit distrosysconfdir
cbabe8abf build: check for FS_CONFIG_* header symbol in sys/mount.h
ef1e0607b build: detect sys/pidfd.h availability
c1115e150 build: detect where struct mount_attr is declared
e452c8945 gitignore: Simplify
32a071519 lxc-usernsexec: allow to select which {g,u}id to switch to
7f6643071 README: update security mails
5e704fe38 meson.build: fix build without stack-protector
7d7235489 meson.build: fix build with -Dcapabilities=false
8ee887908 src/lxc/log.h: fix STRERROR_R_CHAR_P
353f0f992 meson: add remaining still-in-use config checks
3d360cf9d Store mount options in correct variable
df3301046 Fix off-by-one error constructing mount options
8ee615c27 add check for statvfs
07a00b78f start: fix namespace sharing
eae44ce19 conf: fix append_ttyname()
6c50e09f2 start: record inherited namespaces earlier to make it available for idmapped rootfs setup
7317d2a8a start: don't overwrite file descriptors during namespace preservation
fc133a9f3 conf: log file descriptors on error during idmapped mount setup
26de6cbc8 fix for issue 4026: set broadcast to 0.0.0.0 for /31 and /32
c55353f84 use systemd dbus StartTransientUnit for unpriv cgroup2
b203e1a14 Fix uninitialized read in parse_cap when libcap is not used
e73520adf meson: Set DEVEL flag post release
f4d02217e tools: Provide multicall lxc binary
289d6413e meson: Generate compile commands by iterating over an array
132ff8e28 lxccontainer: rework copy_file()
f357cb290 lxccontainer: improve mod_rdep()
b576a47d5 Read list until process exits
We also:
- drop two patches that were backported
- refresh the context of one
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v2.0.0-rc.2-12-g5d2c988a5, which comprises the following commits:
446e63579 remove uses of platforms.Platform alias
22f2af40c update pause image to 3.10
65024e6fd core/image: fix usage of "unknown" platform
8b3060717 Provide runtime options in plugin info
332caf1a1 Provide ability to set lo up without CNI
288f0592e Prepare release notes for v2.0.0-rc.2
f24a95185 build(deps): bump github.com/prometheus/client_golang
8b2a69c19 build(deps): bump golangci/golangci-lint-action from 5 to 6
96ff18d37 build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
1cae3dc9b update ttrpc to 1.2.4
e2251f948 Update instrumentation fuzzer with new flag
ef76a90e9 Update platforms package to v0.2.0
0b113d78d doc: add the description of sandboxer and io_type
7cead8800 cri: restart created container with correct io type
42f778fc1 modify streaming io url form
25c2f690a Update toolchain to Go 1.22.3
681a083fa Update unpacker to always fetch all
2788604e4 Update ctr image pull all platforms
58be88189 sandbox: do retry for wait to remote sandbox controller
059731775 Preserve CL_UNPRIVILEGED locked flags during remount of bind mounts
9a9a8c46a Don't require vagrant tests in merge queues
d9dc2811a fix: delete sockets on shim exit
41dc94ee1 CI: bump up golangci-lint to v1.58.0
9ecfac7f6 Integration: Change to grpc.NewClient
8c6183d74 Add lease test for metadata snapshotter
c7fb8a925 Update metadata snapshotter to lease on exists
b8dfb4d8f cri: support io by streaming api
3b065cddd CI: skip test in arm64 CI
6c3c5376f critools-version: v1.30.0
b488e76db build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.1
a6e417dc6 build(deps): bump go.etcd.io/bbolt from 1.3.9 to 1.3.10
4401c3cb7 build(deps): bump github.com/pelletier/go-toml/v2 from 2.2.1 to 2.2.2
42e02c6c0 build(deps): bump golang.org/x/sys in the golang-x group
88b52119c Update api version to v1.8.0-rc.0
1c9c64f31 Update release procedure to mention api replace
e69efd56d Add go mod replace when proto changes happen
678137199 sandbox: remove PID() in sandbox client
13f2fa1de remove go1.21.9 from CI matrix
f0363a7f6 Chore: Simplify some syscall error checks
99ad11a00 core/metadata: failfast on content.Commit
3fb84403b CI: bump up crun to 1.15
55fcebffc Prepare release notes for api/v1.8.0
b811a8879 Add API release action
b8060d641 Update ctr shim subcommand to task v3
f1e265b13 core/runtime: Check shim PluginInfo to enforce idmap support
05a3171bb Update transfer proxy to support ttrpc
ec04e4f63 Add streaming proxy
fe01cad20 Cleanup local transfer interface
171fc1434 Update release doc to mention API versioning
2ac2b9c90 Make api a Go sub-module
e1b94c0e7 Move protobuf package under pkg
3e9cace72 Move runtimeoptions to api directory
4a4550777 Move runc options to api directory
25a288662 Fix v2 migrate for testutil package
fb1f15d30 docs: correct the typo in the documentation
2df04b403 build(deps): bump the otel group with 8 updates
950db7eb7 build(deps): bump the k8s group across 1 directory with 4 updates
93690baf4 build(deps): bump github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus
4c753d124 go.mod: k8s.io/cri-api v0.30.0
de38490ed sandbox: merge address and protocol to one url
c3b306240 add task api endpoint in task create options
72fe47b2a add task api endpoint in oci proto
b1fefccc7 sandbox: store endpoint in cri sandboxStore
f6e0cf189 sandbox: add address info in Start and Status response
15782881e go.mod: go 1.22
2d5689434 CI: use Go 1.22 by default
fef78c102 install-runc: pin Go to 1.21
11d8beff8 optimize error logs by providing absolute file paths
81a9df625 build(deps): bump github.com/urfave/cli/v2 from 2.27.1 to 2.27.2
c001a7056 build(deps): bump lycheeverse/lychee-action from 1.9.3 to 1.10.0
6df759e24 build(deps): bump golangci/golangci-lint-action from 4 to 5
b7c977414 container.Checkpoint(), WithRestoreImage(): use ocispec.AnnotationRefName
8a8c3e221 pkg/cri/server/base: log CRI config as embedded JSON
f62edda5a pkg/cri/server/base: use structured log for CRI plugin startup
e07b63d84 document usage and design of blockfile snapshotter
b6bd12f13 Add Syself Autopilot to adopters
7bc476001 ADOPTERS.md: Fix Actuated italics
416741675 Perform file sync outside of lock on Commit
c27bcdc56 cri: introspectRuntimeFeatures: fix nil panic
dfdfa206f Update for latest updates to release tool
53c9e6f86 Update release process after 1.7
a12acedfa sandbox: make a independent shim plugin
9ee3bfaba images: tests: Fix typos in the tests
c51463010 docs: update registry config guide
7bd4d348e add info of exited event
218e2cf7c Return correct error if CRIU binary is missing
bb9d923aa content: add a BlobReadSeeker func to allow multipart blob streaming
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping buildah to version v1.36.0, which comprises the following commits:
6ceba8838 Bump to v1.36.0
c09e08b53 build: be more selective about specifying the default OS
3fa5531ca Bump to c/common v0.59.0
4d1690bc3 Fix buildah prune --help showing the same example twice
208b7111e fix(deps): update module github.com/onsi/ginkgo/v2 to v2.18.0
c7937cd1d fix(deps): update module github.com/containers/image/v5 to v5.31.0
183582f03 bud tests: fix breakage when vendoring into podman
de8510c9d Integration tests: fake up a replacement for nixery.dev/shell
d9191e17c copierWithSubprocess(): try to capture stderr on io.ErrClosedPipe
97382f928 Don't expand RUN heredocs ourselves, let the shell do it
864a40cbd Don't leak temp files on failures
97d44ab9c Add release note template to split dependency chores
4a524737f fix CentOS/RHEL build - no BATS there
420949a5a fix(deps): update module github.com/containers/luksy to v0.0.0-20240506205542-84b50f50f3ee
bbab575ff Address CVE-2024-3727
6a48ae700 chore(deps): update module github.com/opencontainers/runtime-spec to v1.2.0
d5b2e3c41 Builder.cdiSetupDevicesInSpecdefConfig(): use configured CDI dirs
da4e2d7ad Setting --arch should set the TARGETARCH build arg
6f1f687c3 fix(deps): update module golang.org/x/exp to v0.0.0-20240416160154-fe59bbe5cc7f
cd1960725 [CI:DOCS] Add link to Buildah image page to README.md
f6d49125a Don't set GOTOOLCHAIN=local
a04741d9f fix(deps): update module github.com/cyphar/filepath-securejoin to v0.2.5
53f2dc231 Makefile: set GOTOOLCHAIN=local
e0077e8c6 Integration tests: switch some base images
fdfd2237d containerImageRef.NewImageSource: merge the tar filters
f2825bf7b fix(deps): update module github.com/onsi/ginkgo/v2 to v2.17.2
2c1c73169 fix(deps): update module github.com/containers/luksy to v0.0.0-20240408185936-afd8e7619947
7688d880d Disable packit builds for centos-stream+epel-next-8
7425f6f8f Makefile: add missing files to $(SOURCES)
fbd2b7db4 CI VMs: bump to new versions with tmpfs /tmp
89ee4f4b0 chore(deps): update module golang.org/x/net to v0.23.0 [security]
c01061e47 integration test: handle new labels in "bud and test --unsetlabel"
f86c2748e Switch packit configuration to use epel-9-$arch ...
14d964d92 Give unit tests a bit more time
8bb87aefa Integration tests: remove a couple of duplicated tests
3e756d507 Integration tests: whitespace tweaks
8ee7bebd7 Integration tests: don't remove images at start or end of test
c7f088142 Integration tests: use cached images more
b213c5e7a Integration tests _prefetch: use registry configs
8bdd6a66d internal: use fileutils.(Le|E)xists
441bdc927 pkg/parse: use fileutils.(Le|E)xists
705338379 buildah: use fileutils.(Le|E)xists
9dcd1cc9a chroot: use fileutils.(Le|E)xists
358814f69 vendor: update containers/(common|storage)
be74b733f Fix issue/pr lock workflow
a99fe1513 [CI:DOCS] Add golang 1.21 update warning
77400c4fc heredoc: honor inline COPY irrespective of ignorefiles
ff13a08c9 Update install.md
5b414ad08 source-push: add support for --digestfile
d9129b463 Fix caching when mounting a cached stage with COPY/ADD
58579ba65 fix(deps): update github.com/containers/luksy digest to 3d2cf0e
2cd31a069 Makefile: softcode `strip`, use it from env var
f812c8949 Man page updates
5198af7d7 Add support for passing CDI specs to --device
14bf3db27 Update comments on some API objects
2a7ff9905 pkg/parse.DeviceFromPath(): dereference src symlinks
c1b43b57b Makefile - instead of calling `as` directly, use it from env var
23b8d9767 fix(deps): update module github.com/onsi/ginkgo/v2 to v2.17.1
c1119f886 CI: bump VMs
2c47fdccd fix(deps): update module github.com/docker/docker to v25.0.5+incompatible
f95b7a188 fix(deps): update module github.com/onsi/ginkgo/v2 to v2.17.0
9cf83d8f8 Change RUN to comment in bud.bats
5808b9603 Stop rebasing renovate PRs automatically
37994356f Update renovate validation image
4304d618f CVE-2024-1753 container escape fix
516f9e9a2 correctly configure /etc/hosts and resolv.conf when using network
9db5a16f7 buildah: refactor resolv/hosts setup.
8c1fee7e7 rename the hostFile var to reflect the value better
f8a7841cc vendor latest c/common
26da74d54 [skip-ci] rpm: use go-rpm-macros supported vendoring
547d9bf0e Update docs/buildah-add.1.md
80f9f7cb0 fix(deps): update module github.com/onsi/ginkgo/v2 to v2.16.0
5cf05ac08 fix(deps): update module github.com/docker/docker to v25.0.4+incompatible
c355679d3 fix(deps): update module github.com/containers/ocicrypt to v1.1.10
550139916 chore(deps): update module gopkg.in/go-jose/go-jose.v2 to v2.6.3 [security]
1a6d3513f chore(deps): update module github.com/go-jose/go-jose/v3 to v3.0.3 [security]
bf3263ec1 Bump google.golang.org/protobuf to v1.33.0
e635558d2 fix links to containerignore doc
e53e50f7a [skip-ci] Makefile: update rpm target
87ef84d3a pr-should-include-tests: use GitHub label, not commit text
d50122aeb tests: enable pasta tests
1bc5dd692 [CI:DOCS] Migrate buildah container image
7c88bb372 Update .gitignore
da81d2e2b Bump to v1.36.0-dev
fedbd7967 Bump v1.35.0
3164076e2 Bump c/common v0.58.0, c/image v5.30.0, c/storage v1.53.0
b2504c263 conformance tests: don't break on trailing zeroes in layer blobs
a2f0ebef6 Add a conformance test for copying to a mounted prior stage
e504df188 fix(deps): update module github.com/stretchr/testify to v1.9.0
951dccd3f cgroups: reuse version check from c/common
bbea3eb54 Update vendor of containers/(common,image)
6474279ed fix(deps): update github.com/containers/storage digest to eadc620
f9d603608 fix(deps): update github.com/containers/luksy digest to ceb12d4
53f230e2b fix(deps): update github.com/containers/image/v5 digest to cdc6802
8a1bcd51c manifest add: complain if we get artifact flags without --artifact
d0ffb9d37 Use retry logic from containers/common
e9c3c1666 Vendor in containers/(storage,image,common)
5047a3566 Update module golang.org/x/crypto to v0.20.0
26d5b84b1 Add comment re: Total Success task name
4853c0042 tests: skip_if_no_unshare(): check for --setuid
63975b541 Properly handle build --pull=false
836b9384d [skip-ci] Update tim-actions/get-pr-commits action to v1.3.1
5748595ae Update module go.etcd.io/bbolt to v1.3.9
fee705081 Revert "Reduce official image size"
aee02318a Update module github.com/opencontainers/image-spec to v1.1.0
cdb1a4ff8 Reduce official image size
eb6269d8c Build with CNI support on FreeBSD
98f870753 build --all-platforms: skip some base "image" platforms
d73e21120 Bump main to v1.35.0-dev
90c0d9794 Vendor in latest containers/(storage,image,common)
1def7d6de Split up error messages for missing --sbom related flags
aca884a89 `buildah manifest`: add artifact-related options
07057917d cmd/buildah/manifest.go: lock lists before adding/annotating/pushing
a0852e994 cmd/buildah/manifest.go: don't make struct declarations aliases
4f0b619dd Use golang.org/x/exp/slices.Contains
e202d62cc Disable loong64 again
e99960085 Fix a couple of typos in one-line comments
302a798ad egrep is obsolescent; use grep -E
e6d179476 Try Cirrus with a newer VM version
04847f57f Set CONTAINERS_CONF in the chroot-mount-flags integration test
56e6ef854 Update to match dependency API update
5d58b88c7 Update github.com/openshift/imagebuilder and containers/common
a20d5b2a5 docs: correct default authfile path
9d58d1382 fix(deps): update module github.com/containerd/containerd to v1.7.13
533aac2d4 tests: retrofit test for heredoc summary
1bfd3336f build, heredoc: show heredoc summary in build output
811ee6797 manifest, push: add support for --retry and --retry-delay
1a8cbc185 fix(deps): update github.com/openshift/imagebuilder digest to b767bc3
9d516e22e imagebuildah: fix crash with empty RUN
e14f46f2e fix(deps): update github.com/containers/luksy digest to b62d551
a7aec1941 fix(deps): update module github.com/opencontainers/runc to v1.1.12 [security]
f1f0d9d4d fix(deps): update module github.com/moby/buildkit to v0.12.5 [security]
79fb3c213 Make buildah match podman for handling of ulimits
13fd5bd2c docs: move footnotes to where they're applicable
011736e12 Allow users to specify no-dereference
34dff20da Run codespell on code
86afc1ffd Fix FreeBSD version parsing
32b8ceeb6 Fix a build break on FreeBSD
e3d043ebf Remove a bad FROM line
f6f6da8f0 fix(deps): update module github.com/onsi/gomega to v1.31.1
4b5caebd7 fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc6
f157be843 docs: use reversed logo for dark theme in README
cf69e8a18 build,commit: add --sbom to scan and produce SBOMs when committing
b3af07dab commit: force omitHistory if the parent has layers but no history
de7c1e1f7 docs: fix a couple of typos
89f50af21 internal/mkcw.Archive(): handle extra image content
4cc811f4f stage_executor,heredoc: honor interpreter in heredoc
339839d4b stage_executor,layers: burst cache if heredoc content is changed
dd186ee0f fix(deps): update module golang.org/x/crypto to v0.18.0
a42bfd019 Replace map[K]bool with map[K]struct{} where it makes sense
905551f51 fix(deps): update module golang.org/x/sync to v0.6.0
efe76552b fix(deps): update module golang.org/x/term to v0.16.0
d371fc7b9 Bump CI VMs
53c65dd36 Replace strings.SplitN with strings.Cut
b5ee4fb34 fix(deps): update github.com/containers/storage digest to ef81e9b
114bb6f0c fix(deps): update github.com/containers/image/v5 digest to 1b221d4
fd0899f1f fix(deps): update module github.com/fsouza/go-dockerclient to v1.10.1
59ea8af1b Document use of containers-transports values in buildah
b2c80f9a3 fix(deps): update module golang.org/x/crypto to v0.17.0 [security]
b283c48db chore(deps): update dependency containers/automation_images to v20231208
4a9dba647 manifest: addCompression use default from containers.conf
041388f87 commit: add a --add-file flag
81435aadc mkcw: populate the rootfs using an overlay
5b9141887 chore(deps): update dependency containers/automation_images to v20230517
de0c3cdaf [skip-ci] Update actions/stale action to v9
2ab21c666 fix(deps): update module github.com/containernetworking/plugins to v1.4.0
29d945f38 fix(deps): update github.com/containers/image/v5 digest to 7a40fee
4276a735b Bump to v1.34.1-dev
471460018 Ignore errors if label.Relabel returns ENOSUP
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping crun to version 1.15-13-g700e2ed, which comprises the following commits:
c6c1c7f crun run --help: say --no-subreaper is ignored
8801bc4 github: disable CentOS 10 tests
5f0643c github: fix running tests on CentOS 10
d795081 tests: build on CentOS 10 without yajl
f00fa22 libocispec: sync from upstream
dd9428b blake3: initialize chunks_array
8c80ab9 utils: initialize fd
81b8f45 linux: fix mount of special files with rro
e6eacaf NEWS: tag 1.15
08b5e78 Packit: Enable c10s downstream sync, rhel / centos separation in tests
4618d50 status: rmdirfd: try harder to remove mount points
c72bf7f linux: cgroups: cleanup unused mount if move failed
ff321e1 tests: install slirp4netns
a946f04 utils: fix a compiler warning
aa72cc4 Packit/TMT: add centos-stream-10, cleanup tests
f39bc4a tests, oci-validation: use perl tap driver
f5548f2 tests, oci-validation: use tap-18
18e84a1 tests, oci-validation: use git clone
49090f2 Build s390x binaries using musl libc
307d35e Fix clang format test
4b8f7c9 build(deps): bump uraimo/run-on-arch-action from 2.7.1 to 2.7.2
e6a8d51 libocispec: update
1809973 tests: use npm-18
475a3fd features: add support for potentiallyUnsafeConfigAnnotations
4f5479e src/libcrun/handlers: add option to load wasi-nn plugin for wasmedge
631e767 release: use zstd instead of xz
0722689 release.sh: generate .zst release instead of .xz
3ad68ed linux: fixup libcrun_safe_chdir
699564b rpm: remove eln macro
f50da23 Packit: reuse non-RHEL failure message notification on RHEL
0b7fc08 packit: podman reverse dependency tests
820471a libocispec: use runtime-spec v1.2.0
9eea9ff cgroup: make error clearer
59ad70a container: validate option flags
7918dca container: split create and run options
8894495 crun: add option --keep to run
35dccc3 libcrun, run: add option to not delete containers
a220ca6 NEWS: tag 1.14.4
6cd74cb Add support for s390x
5884fd4 linux: fix mount of file with recursive flags
b9e87e7 tests: test bind mounts of files
crun/ocispec: update to latest
2236d50 github: test with the embedded yajl library
bed19ad configure.ac: --enable-embedded-yajl skips check for yajl
b633f89 Makefile.am: distribute the src/yajl symlink
86650dc fix compilation error with clang++17
20d3936 helpers.py: remove __str__()
afed951 generate.py: fix some typos
daeb197 runtime-spec: use version v1.2.0
66f6f71 optimize writefile
e9a99a8 Optimize headers writefile
7a5f2b6 Refresh strings format sources
210f4d3 Refresh strings format headers
b085839 runtime-spec: update
crun/ispec: update to v1.1.0
535d657 Fix a typo in the annotations spec
89fee07 MAINTAINERS: move jonboulle to EMERITUS
f17d647 CODEOWNERS: remove vbatts
818209a MAINTAINERS: move vbatts to EMERITUS
652ec7c Add note about `ImageID` to the `config` section of `manifest.md`
2d95dde Reformat "Platform Variants", especially to add amd64, ppc64le, riscv64
e191267 Update Go versions in release scripts
4da0cfc Update GitHub Actions packages to resolve warnings in CI
a32e6c3 Pin golangci-lint for Go v1.20
8baa69b media-types: Fix broken links
0a41c19 version: bump back to +dev
e7f7c0c version: release v1.1.0
d0f90e6 Clarify that subject references a separate DAG
8b1e951 version: bump back to +dev
6c2b5fa version: release v1.1.0-rc6
53d9855 new section for projects no longer maintained
b391bc0 fix: SPDX licenses URL
dd66b54 Test older versions of Go with toolchain=local
93f6e65 Makefile: remove stray trailing space (#1126)
d881fa8 deps: remove deprecated github.com/pkg/errors (#1125)
072574d add ORAS to implementations.md
9954739 specs-go: group MediaTypes
344b098 fix markdown table formatting
c7a064f Update supported Go range to 1.19 - 1.21
f0ef80e version: bump back to +dev
1e54f01 version: release v1.1.0-rc5
061cba3 Fix golangci-lint install on older versions of Go
a2a5750 Add step to update website after a release
0c1622e Add `riscv64` arch to `check{Architecture|Platform}`
e6a75e6 Provide a decision tree for artifacts
9ac8f92 Quote lint-md wildcard expression
a6af2b4 Add a markdown linter and fix linting issues
af9c838 OCI has a distribution-spec
37bac87 Create artifacts guidance
ddf2dfd chore(descriptor.md): correct canonicalization reference
d36ccf1 MediaType is required in the descriptor
f6c60b5 Clean up the markdown in considerations
da8994a Cleanup broken links and markdown spacing
56877ad Remove deprecated golangci lint checks
b29a06c Hacking markdown and Makefile cleanup
73aca56 Cleanup markdown in governance
fd95ded Fix label schema link
aed07a8 Test subject field in index
8620a49 version: bump HEAD back to +dev
82e8329 version: bump for release of v1.1.0-rc.4
988df0a specs-go: remove artifact prefixed annotations
a845c7a image-index: add artifactType to specs and schema
73f386c Add constants for "index.json" and "blobs"
25fc553 Switch from scratch to empty
749ea9a Add artifactType to image index
32036d8 Apply version change from #1050
e13840d Add language from artifacttype field to forbid allowlists of media types
77efc6e spec: clarify descriptor, align with de facto artifact usage
c6854a6 image-index: add the `subject` field
crun/rspec: update to v1.2.0
b983fbf CODEOWNERS: remove vbatts
bf698d0 MAINTAINERS: move vbatts to EMERITUS
12b653d Update golangci-lint to v1.56.1 in CI
8547911 Add Go v1.21 and v1.22 to GitHub Actions CI matrix
1a729af Update GitHub Actions packages to resolve warnings in CI
65cd1f8 Back to +dev
36852b0 version: release v1.2.0
021ba94 config.md: allow empty mappings for [r]idmap
5e98fec features: add potentiallyUnsafeConfigAnnotations
cabeea7 specs-go: mark LinuxMemory.Kernel as deprecated
4005c81 specs-go: add missing deprecation comment for Hooks.Prestart
2f6b090 config: improve bind mount and propagation doc
0ec4e6b fix link to hooks in features
6ffddf6 mount: Allow relative mount destinations on Linux
f329913 features-linux: Expose idmap information
7b8eb69 config: add reference to mount_setattr(2) for idmapped mounts
2547bb0 config: add idmap and ridmap mount options
3f552ce version: release v1.1.0+dev
0625254 version: release v1.1.0
d56ba70 ChangeLog: squash v1.1.0-rc.1...v1.1.0
5430e36 ChangeLog: Document changes since v1.1.0-rc.3
2bd22fa features.md: add a note to avoid confusion about annotations
5612d21 Remove outdated meeting.ics
085728a README.md: update chat information
8b4cadd version: v1.1.0-rc.3+dev
ae35e39 version: release v1.1.0-rc.3
d8be1e3 ChangeLog: Document changes since v1.1.0-rc.2
1beaf68 CODEOWNER: Add Toru Komatsu(@utam0) to sync with MAINTAINERS
fccfb09 config: add support for org.opencontainers.image annotations
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
# ./run-ptest
/tmp/bats-run-ELGGaA/bats.18820.src: line 5: To: command not found
1..1
not ok 1 bats-gather-tests
# (in test file test/README.md, line 5)
# `To run the tests locally in your sandbox, you can use one of these methods:' failed with status 127
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
While the WORKDIR references seem to work, they may not continue
to work. We switch to using UNPACKDIR which is where the SRC_URI
referenced elements / files will be placed by the fetcher.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
While the WORKDIR references seem to work, they may not continue
to work. We switch to using UNPACKDIR which is where the SRC_URI
referenced elements / files will be placed by the fetcher.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
While the WORKDIR references seem to work, they may not continue
to work. We switch to using UNPACKDIR which is where the SRC_URI
referenced elements / files will be placed by the fetcher.
The remaining WORDIR references are to a secondary git repository
with artifacts and should be safe.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
While the WORKDIR references seem to work, they may not continue
to work. We switch to using UNPACKDIR which is where the SRC_URI
referenced elements / files will be placed by the fetcher.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
While the WORKDIR references seem to work, they may not continue
to work. We switch to using UNPACKDIR which is where the SRC_URI
referenced elements / files will be placed by the fetcher.
We also explicitly set S to point to the UNPACKDIR to avoid a
build warning.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
While the WORKDIR references seem to work, they may not continue
to work. We switch to using UNPACKDIR which is where the SRC_URI
referenced elements / files will be placed by the fetcher.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
While the WORKDIR references seem to work, they may not continue
to work. We switch to using UNPACKDIR which is where the SRC_URI
referenced elements / files will be placed by the fetcher.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork
of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this
variable in our go recipes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork
of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this
variable in our go recipes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork
of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this
variable in our go recipes.
We also adjust our WORKDIR reference to use UNPACKDIR instead
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork
of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this
variable in our go recipes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork
of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this
variable in our go recipes.
We also adjust our WORKDIR reference to UNPACKDIR, and the destination
for vendor'd source.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork
of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this
variable in our go recipes.
We also adjust our S directory, and references to WORKDIR to
fix the build for the new source layout.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork
of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this
variable in our go recipes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork
of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this
variable in our go recipes.
We also adjust our paths to the new source location and drop references
to WORKDIR.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork
of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this
variable in our go recipes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork
of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this
variable in our go recipes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork
of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this
variable in our go recipes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Alternatively, we could add it to RRECOMMENDS. But I would say, given
its name, managing pods is part of podman's core functionality and that
requires catatonit, which is currently only pulled in for the ptest:
root@qemux86-64:~# podman pod create
Error: building local pause image: finding pause binary: exec: "catatonit": executable file not found in $PATH
Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Podman does not require skopeo to run. They are both independent tools.
In distros like Debian, Fedora and Arch they don't depend on it either.
Skopeo also seems to be used in some of podman's tests, so it makes
sense to keep it around for the ptest.
We do require skopeo's libdevmapper dependency, so include that
directly. And inherit container-host to make sure the container configs
are present on the device.
Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping runc to version v1.1.12-14-ge8bb71e1, which comprises the following commits:
6379b58d libcontainer: force apps to think fips is enabled/disabled for testing
265e7371 Vagrantfile.fedora: bump Fedora to 39
59056a02 silence security false positives from golang/net
452bf88e build: update libseccomp to v2.5.5
3fada6ec tests/int: fix flaky "runc run with tmpfs perm"
aae41a4b Fix integration tests failure when calling "ip"
82a8b979 update go version to 1.21 in cirrus ci
03271050 ci/gha/cross-i386: pin Go to 1.21
29d6d873 VERSION: back to development
51d5e946 VERSION: release 1.1.12
e9665f4d init: don't special-case logrus fds
683ad2ff libcontainer: mark all non-stdio fds O_CLOEXEC before spawning init
b6633f48 cgroup: plug leaks of /sys/fs/cgroup handle
284ba305 init: close internal fds before execve
fbe3eed1 setns init: do explicit lookup of execve argument early
0994249a init: verify after chdir that cwd is inside the container
506552a8 Fix File to Close
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v2.0.0-rc.1-8-g0426e3c2e, which comprises the following commits:
c27bcdc56 cri: introspectRuntimeFeatures: fix nil panic
c5ba71d11 Makefile: update default PACKAGE to v2
094bafe2a apparmor: Allow confined runc to kill containers
e461a59ae fix migrateConfig for io.containerd.cri.v1.images
eb5a0c04b apparmor: add `signal (receive) peer=/usr/local/bin/rootlesskit,`
5e470e1ca Update HTTPFallback to handle tls handshake timeout
a37b451cd build(deps): bump tags.cncf.io/container-device-interface
888fd315f Update CNI to v1.2.0
13e6b2b68 update to go1.21.9, go1.22.2
42e4de9c5 Prepare release notes for v2.0.0-rc.1
4a31bd606 chore: use errors.New to replace fmt.Errorf with no parameters will much better
a6a82c102 Update hcsshim to v0.12.3
7e60d5a07 Account for ipv4 vs ipv6 localhost in windows port forwarding
a153b2cd3 mod: bump github.com/containerd/nri@v0.6.1
77512e2d7 build(deps): bump the golang-x group with 3 updates
c8d9eba7c build(deps): bump github.com/klauspost/compress from 1.17.7 to 1.17.8
1c0f73aa0 build(deps): bump github.com/pelletier/go-toml/v2 from 2.2.0 to 2.2.1
32caaee48 Snapshotters: Export the root path
b82ced57f fix: close profile
c7ea06a69 fix default working directory `hostProcess`
1040c7b98 build(deps): bump the otel group with 8 updates
b50e9eae4 Refactor spots to make use of sys.IgnoringEintr
3ea69db8e Add helper to ignore eintr
1b6222418 Bump tags.cncf.io/container-device-interface to v0.7.1
ad584ebec Replace direct waitid syscall with unix.Waitid
7c5078459 Remove empty default tls configuration in ctr
b6e361694 cri: add pause image name to annotations
0ec14fdf8 core/diff/apply: use unix.Syncfs
739659a4b build(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.2
433279438 Transfer: Registry: Enable plain HTTP
88b4cc659 address review comments
f20c49311 Update tracing documentation to add details about manual instrumentation
63d5573a3 remote: Fix HTTPFallback fails when pushing manifest
2474a99c3 Add IsNotFound case to ListPodSandboxStats
3830f8167 fix(cri): fix unexpected order of mounts since go 1.19
cbb644182 build(deps): bump github.com/Microsoft/hcsshim from 0.12.0 to 0.12.2
362fcf2d2 build(deps): bump github.com/distribution/reference from 0.5.0 to 0.6.0
5b6ae0f79 Use different containerd sock address in tests
ab2c569fb ctr: fix parsing mount options
b97ef91fb Change port forwarding on windows
ea681afba docs: fix typo
6d00c3ada runc-shim: only defer init process exits
da4ca4949 build(deps): bump github.com/pelletier/go-toml/v2 from 2.1.1 to 2.2.0
dd72fb3b2 build(deps): bump github.com/intel/goresctrl from 0.6.0 to 0.7.0
e41e9e11b transfer: Platform matcher should match multiple platforms
d0d35f0d0 core/images/archive: normalizeReference: remove outdated TODO
26158609b pkg/seutil: move to internal/cri
33732bc13 pkg/systemd: move to internal/cri
0d0850af1 Prepare v2.0.0-rc.0
f5abb63c0 Update mailmap
30813f646 build(deps): bump github.com/containernetworking/plugins
0fafc0c50 build(deps): bump github.com/checkpoint-restore/go-criu/v7
7c1fca096 Update migration script based on usage
45e425ccc vendor: github.com/golang/protobuf v1.5.4
4aa6fedd5 CRI: postpone removal of deprecated config properties
34c545824 Automatically decompress archives for transfer service import
df26c189a Clean cri options and useless parms
88421068f Fix invalid event filter in podsandbox
357c59b79 Update github actions ci to run on forks
4b719cc4b build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1
10c7f03b3 build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0
21d3fedf4 build(deps): bump softprops/action-gh-release from 1 to 2
228aa42a6 build(deps): bump the otel group with 8 updates
47d13767f Clean typos in plugins.
7ac9d6909 Use the Go toolchain in CI matrix to build binaries
6a96e4501 Move shim package to pkg
f25770e48 Wire through CRI ContainerCheckpoint RPC
7ecdebff9 update to go 1.21.8, 1.22.1
723306d0e Disable OOM set score unpriv test temporarily
994fdd74e Don't create new scratch VHD per image for CimFS
016b588a9 build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0
d9409c461 Update hcsshim to v0.12.0
00d714e90 build(deps): bump the golang-x group with 2 updates
ab4de3e4c build(deps): bump azure/login from 1 to 2
713dd8f8d go.mod: k8s.io/cri-api v0.30.0-alpha.3
d9b9160ae mv internal/testutil pkg/testutil
752917c0f build(deps): bump github.com/prometheus/client_golang
7a3b7fba5 Transfer: Registry: Enable to use registry configuration diretory
1bf781d8e Cleanup introspection interface
5bd204109 Remove grpc from Client connection interface
347346e3c Add ttrpc support to content proxy
9104e6a24 Add events proxy interface
892dc54bd runc-shim: process exec exits before init
9128ee0a9 Move nri packages to plugin and internal
d0da3d1ca sandbox: make event monitor in CRI independent
17ea3959b adds mediatype to oci index record
c5ef8a2c2 fix(docs): fix duplicate instructions for windows installation
87e8e9c7f Add Go client stability in releases for 2.0.
72f21833b Move events to plugins and core
caa9e2075 add k8s 1.29 and 1.30preview to support table
154ed26a7 vendor: go.etcd.io/bbolt v1.3.9
6d1dfe55f cri: ensure the pause image loaded in older versions is pinned
2884b318f build(deps): bump github.com/klauspost/compress from 1.17.6 to 1.17.7
bd44df8a1 refactor code - clean switch and if statements
a60e52f58 sandbox: add struct tags for PinnedImages
a0b73ae11 sandbox: optimize the lock in PodSandbox
0f1d27412 sandbox: add methods to sandboxService
a2768f19d plugins/sandbox: move local plugin into services
d651cb743 mediatypes: support zstd compression
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
We no longer need the split between container-docker and
containerd-opencontainers and dependent layers have been
given over a year to adapt.
We do keep the provides and rprovides around for a bit
longer, but those will also be removed in the future.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix following QA WARNING:
WARNING: QA Issue: File /usr/bin/kubectl in package kubectl contains reference to TMPDIR [buildpaths]
WARNING: QA Issue: File /usr/bin/kubeadm in package kubeadm contains reference to TMPDIR [buildpaths]
WARNING: QA Issue: File /usr/bin/kube-proxy in package kube-proxy contains reference to TMPDIR [buildpaths]
WARNING: QA Issue: File /usr/bin/kube-apiserver in package kubernetes-misc contains reference to TMPDIR
WARNING: QA Issue: File /usr/bin/kubelet in package kubelet contains reference to TMPDIR [buildpaths]
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Update containerd to v2 to fix following containerd version:
containerd github.com/containerd/containerd/v2 2.0.0-beta.0+unknown
it should be like:
containerd github.com/containerd/containerd/v2 v2.0.0-beta.2-204-gb1624c362.m b1624c3628954e769dd50783b63823040b2db38c.m
* Remove CONTAINERD_PKG, it is not used
* Update default PACKAGE in Makefile to v2
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
-buildmode=pie need cgo is enabled, but for kubernetes, some build
targets are static, and cgo is disable in build script directly, refer
[1]. If we add -buildmode=pie by default, will cause these static target
build failed with error "-buildmode=pie requires external (cgo) linking,
but cgo is not enabled".
This warning is acceptable, so just skip it.
[1] https://github.com/kubernetes/kubernetes/blob/master/hack/lib/golang.sh#L811
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
| |
When converting to use {systemd_user_unitdir}, the closing brace was
omitted
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
Signed-off-by: Theodore A. Roth <troth@openavr.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The value of USERSYSTEMDDIR is currently set to
${systemd_unitdir}/user, which might not be present in user unit
search path.
Use dedicated bitbake variable ${systemd_user_unitdir} instead.
Signed-off-by: Lukasz Czechowski <lukasz.czechowski@thaumatec.com>
Cc: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
| |
Upstream dropped cgroup handling in lxc-test-usernic lxc-test-unpriv and
lxc-test-apparmor-mount to fix the broken cases.
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping runc to version v1.1.12-2-ga9833ff3, which comprises the following commits:
29d6d873 VERSION: back to development
51d5e946 VERSION: release 1.1.12
e9665f4d init: don't special-case logrus fds
683ad2ff libcontainer: mark all non-stdio fds O_CLOEXEC before spawning init
b6633f48 cgroup: plug leaks of /sys/fs/cgroup handle
284ba305 init: close internal fds before execve
fbe3eed1 setns init: do explicit lookup of execve argument early
0994249a init: verify after chdir that cwd is inside the container
506552a8 Fix File to Close
d0b1a374 keyring: update AkihiroSuda key expiry
d561e5da keyring: update cyphar@cyphar.com key expiry
7887736f VERSION: back to development
4bccb38c VERSION: release 1.1.11
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping libpod to version v5.0.1-4-gbb81e85a4, which comprises the following commits:
63f6a78eb Packit: Enable CentOS Stream 10 update job
e22c9dd65 Bump to v5.0.2-dev
946d055df Bump to v5.0.1
131f3d089 Add release notes for v5.0.1
2967eb9a2 [v5.0] libpod: restart always reconfigure the netns
92b3cda79 [v5.0] use new c/common pasta2 setup logic to fix dns
b1dbd477e [v5.0] Bump Buildah to v1.35.3
ebe3f395b hyperv: error if not admin
4b54d1824 libpod: don't warn about cgroupsv1 on FreeBSD
312313872 Use built-in ssh impl for all non-pty operations
70fe2a1c9 fix remote build isolation on client side
bfc63cc32 fix remote build isolation when server runs as root
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping compose to version v2.24.7-21-g33712277, which comprises the following commits:
33712277 chore(desktop): revised feature detection for file shares
e9dc8201 Add Navigation Menu to compose up
39504607 Add support for volume Subpath option
3b541b07 Bump docker v26.0.0
25671ae6 introduce config --variables to list compose model variables
0191e69d Fix docs on default build image name
897d239f Bump compose-go to v2.0.2
c5a760ce add support for annotations
26f687a1 Revert "Bump compose-go to v2.0.1"
ad414613 Bump compose-go to v2.0.1
db4ed895 feat(desktop): synchronized file share integration (#11614)
1b5fa3b9 feat(experiments): add experimental feature state (#11633)
4f97edf3 reduce timeout of the Otel tracing command
bc5fc6ba fix `compose config --format json`
f937e42a Bump compose-go v2.0.0
f46ca459 services shell completion bugfix
b2d4c1b8 fix TestBuildPlatformsWithCorrectBuildxConfig
5a1ba0ef only use ToModel when --no-interpolate is set
17d4229e feat(desktop): add Docker Desktop detection and client skeleton (#11593)
4efb8970 chore(deps): upgrade go to 1.21.8 (#11578)
f35449a6 ci(deps): bump moby/moby & docker/cli to v25.0.4 (#11566)
34b11c4f Add test summary for test jobs in ci
c525373a make code simpler
e99b8ace avoid duplicated "xx exited with code 0" message
8ab8df86 introduce --watch
de178267 move code into small functions for better readability
1680f9a8 restore support for `config --no-interpolate`
5c4f3370 remove docker cli step in ci.yml
58ec0e9f get log to manage `attach`
349d9f34 bump compose-go to version v2.0.0-rc.8
697a48af use an dedicated compose file --quiet-pull e2e test
9b0d1ffc Add a fallback check of Watch pid on Windows False positives were detected when checking the previous watch process state
d10a179f add support of QuietOption to create command
94246f3c pass QuietOption when starting dependencies from run command
9630cc58 when ran with ANSI disabled, force progress=plain
6c175548 Issue-11374: Modified compose up command to respect COMPOSE_REMOVE_ORPHANS environment variable
9b0e3d53 ci: bump engine version to `25.0.3`
de3da829 sort containers to optimize scale down
c79aabde discard stdout for laaarge log test
0aad3221 use listeners to collect include metrics
b1c06770 docs: update cli reference link
e330f590 docs: unify no trailing dots in docstrings and help (#11301)
16c8099c Use listener for file metadata
07bda596 fix deadlock collecting large logs
d2034029 chore(watch): remove old `docker cp` implementation
894ab41c ci(deps): bump docker/cli to v25.0.3 (#11481)
3ba66453 pass All option to backend api.Service when length statuses is not equal to zero
2eca9313 Add OTEL specs: build, depends_on, capabilities (gpu/tpu)
1fea7c1b build(deps): bump github.com/opencontainers/image-spec
acf2ffb0 feat(tracing): add project hash attr
0d48a93f chore(load): ensure context passed to load
aaa7ef6d Include all networks in ContainerCreate call if API >= 1.44
6ef55a53 bump compose-go to v2.0.0-rc.4
a553db33 CI: docker engine version matrix
05bec55d build(deps): bump github.com/docker/cli
8fdd45cd chore(e2e): fix flaky test & standalone behavior (#11382)
a0954dc5 ci(deps): replace buildkit to fix fsutil issues on Windows (#11426)
05820018 Fix canonical container name
da1a34a8 don't check external network existence when swarm is enabled
8b023ae0 build(deps): bump github.com/docker/cli
8c80297c build(deps): bump github.com/docker/docker
7e991515 Add support for storage_opt
d9791156 ci(deps): update DOCKER_CLI_VERSION to v25.0.1
71bebc16 bump compose-go to v2.0.0-rc.3 which fixes multiple compose files merge issues
25d16d1f build(deps): bump actions/upload-artifact from v3 to v4
ab97dcc7 update MAINTAINERS file
a8bd3b7a Fix load .env from project directory when project file is set by COMPOSE_FILE
811364b4 use a custom version of fsutils that fixes a bug on Windows causing all Compose builds to fail
1551fcb4 introduce stopAndRemoveContainer to share logic scaling down
eb4249ec bump compose-go to v2.0.0-rc.2
1e8241f6 ci(deps): upgrade to Moby v25.0.0 GA (#11381)
053a5604 docs: update link to use canonical URL for command
34ba0bc9 go.mod: github.com/moby/sys/mountinfo v0.7.1
56e38260 go.mod: github.com/google/uuid v1.5.0
c28bf522 bump version of compose-go to v2.0.0-rc.1
51c113b6 build(deps): bump github.com/docker/docker
7cdc7e15 remove watch command from the alpha command
fb026543 build(deps): bump github.com/docker/cli
d688d3bf fix(tracing): batch span exports to prevent blocking
898e1b60 signals/utils: always handle received signals
f414bf78 fix engine version require to use healthcheck.start_interval
3c4593f2 Stop the resource timer after last expected event
d2562029 build(deps): bump github.com/containerd/containerd from 1.7.11 to 1.7.12 (#11347)
26ed1051 build(deps): bump github.com/docker/docker from 25.0.0-rc.1+incompatible to 25.0.0-rc.2+incompatible (#11349)
191c10b9 build(deps): bump github.com/docker/cli from 25.0.0-rc.1+incompatible to 25.0.0-rc.2+incompatible (#11348)
5d05df6e update compose-go to version using immutable Project functions
b621948c feat(cli): report more useful User-Agent on engine API requests
f5c53c2d ci(deps): bump golangci-lint to v1.55.2
1cfeda71 ci(deps): bump golang to version v1.21.6 (#11331)
2bf2b22f Add source policies for build
575f2ed7 watch: remove requirements for tar binary and for sync target to be rw
5f4b22ed make docs
dcf6bd77 make mocks
80823b77 go ahead and wire up sig-proxy and no-stdin for consistency with underlying docker container attach
2c16e16d docker compose attach via RunAttach (from docker/cli's docker container attach)
d1be9caf build(deps): bump golang.org/x/sys from 0.15.0 to 0.16.0
c3c0cf3d build(deps): bump golang.org/x/sync from 0.5.0 to 0.6.0 (#11317)
27987415 gha: update DOCKER_CLI_VERSION to v24.0.7
566d2207 go.mod: github.com/docker/cli v25.0.0-rc.1
d09c39dc go.mod: github.com/docker/docker v25.0.0-rc.1
a1d36379 go.mod: github.com/klauspost/compress v1.17.4
0c55998b go.mod: github.com/felixge/httpsnoop v1.0.4
2f6ec9b7 go.mod: github.com/docker/go-connections v0.5.0
dcbf005f up: gracefully teardown when command ctx cancelled
e105f165 introduce `stats` command
ce5a0c65 Fix cancellable context detection in `AdaptCmd`
f58f23a6 remove ServiceProxy which was introduced for archived compose-cli
9aa52326 go.mod: docker/docker and docker/cli v25.0.0-beta.3
ccd83b8a go.mod: github.com/gorilla/mux v1.8.1
9e57850c go.mod: github.com/docker/distribution v2.8.3
35d3a7ca go.mod: golang.org/x/crypto v0.17.0
6c998602 go.mod: golang.org/x/crypto v0.16.0
402f3688 go.mod: golang.org/x/text v0.14.0
30dd3e66 go.mod: golang.org/x/term v0.15.0
0c4fa017 Bump compose-go v2-beta.2
b12e23b0 build(deps): bump go.uber.org/mock from 0.3.0 to 0.4.0
17da54da introduce build --with-dependencies
1baa4f44 up: fix write/close race condition in logPrinter
7781b7c9 deps: update docker/cli to fix go version selection issue
785835b1 Add support for endpoint-specific MAC address
e4fb5545 build do not require environment to be reslved
74cc0912 github.com/golang/mock is deprecated
5e61c62e collect services to build using WithServices
fb3868ff add support for start_interval
bdbda790 include disabled services for shell completion
ae4fd791 bump golang to version 1.21.5
26aca867 avoid use of service.Name when iterating on project.Services
138facea project.Services is a map
cda04f28 adopt compose-go/v2
85a1aec1 regen docs
9c29d223 use custom config type for OCI v1.0
df6fe59f tweak help message on oci version flag
07df9cc4 fix typo
7c8ff36d move around OCI logic, auto fallback/retry 1.1 -> 1.0
111ad3b0 fix(publish): add OCI 1.0 fallback support for AWS ECR
8026d0e2 adopt container.RestartPolicy*
df1533a1 [lint] don't use deprecated types
8639fbae go mod tidy
56e2ad9e update to v1.25 for RunAttach
ce1ddb6c fix combination of --pull always --no-build
c5824702 build(deps): bump golang.org/x/sys from 0.14.0 to 0.15.0
1f148244 send out a cancel event on SIGINT/SIGTERM
9faef4ae Update README.md to use standard compose.yaml file name
59f11ecb Fix configs are mounted under /<id>
750553c8 introduce compose logs --index to select a replica container
8c964f5a Update E2E test
90ca13b7 Fix E2E test to have index in the correct position
f9946127 Fix docs
ddda59a1 Add index option to compose logs command
e981c358 Add failing test
16c4241c log we don't expose service ports when --verbose
9025d63a bump ddev
a1de0b96 Restore `Project` is ps json output
caa0cbbc Introduce ps --orphans so user can include/exclude services not declared by project
29e9fdba let contributor know we might close unanswered issues
c665c53c bump buildx to v0.12.0 and adapt code to changes
a39cf75e build(deps): bump github.com/compose-spec/compose-go
46ba9c99 build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0
5c5d30c6 build(deps): bump github.com/docker/cli
36fa8d4e build(deps): bump github.com/docker/docker
2384635e build(deps): bump github.com/moby/buildkit from 0.12.2 to 0.12.3
2ba5e4c1 in watch mode force pull policy to build for services with both build and develop attributes This default behaviour will force a rebuild of the service images at watch process startup and be sure containers will be in sync with the local source code
b1a26dac Assume /src/pkg/compose/testdata absolute workingdir to make tests reproducible
5e77ae92 avoir use of []types.ServiceConfig
f5572201 identify services to build and don't display 'building' if none
8e1b3236 fix --remove-orphans not to consider disabled services as orphaned
7cb1f8ba introduce RuntimeVersion for code to check container runtime supports required features
cb01186c push also consider build.tags
9c4efbdd Strip project prefix from docker-compose up output
8ea7c9e0 Make it context aware and add test skipping options
c1694360 render quiet after filtering applied
254a94b0 bump golang to version 1.21.4
cf608fa9 bump compose-go to v1.20.1
426377a4 reject compose file using `secrets|configs.driver or template_driver`
493f6c80 skips flaky e2e tests on watch and attach
646a8fc0 fix docker/compose#11170 add newline in cmd/compose/build.go fmt.Fprint
2945532f fix --pull documentation
e5cd265a improve watch configuration logging Add action associated to each managed path
d646d757 lint
71237ef6 do not resolve cache dir until remote resource is in use
0d905a89 add a copyright notice with original author
b847c7f5 implement runtime file selection
5e3d8f67 re-implement cache folder detection
67279088 introduce --resolve-image-digests for publish to seal service images by digest
4cd61957 fix build
0d4cbbdb fix
9631a49d ENGDOCS-1764
328ca3f2 add docs upstream validation workflow
e1bbfc63 build(deps): bump go.uber.org/goleak from 1.2.1 to 1.3.0
616bba0a linter errors fixed
ee6e3c2a NetworkList to NetworkInspect for ID search
c7e31a3c Squashing feature branch commits in order to add signoff message.
704a9fd3 Use project.ServiceNames() if no service specified in hash
d9e0e42d Add branch configuration for pull_request trigger
c48e3c4a Initial codeql.yml commit
dd0803db fix SIGTERM support to stop/kill stack
39008c53 align with OCI artifact best practices
6c345b37 refactor(cmd/compose/run): remove redundant `len` check
1ffa194e fail start if depependency is missing
b9298101 check that the pull policy provided is a valid one or is not missing when --pull is used
3d0207eb remove uncessary return value of pullComposeFiles function
16a7c209 enable profile when down is ran with explicit service names
818bc3c3 add sync+restart action to watch attribute
38bc6d5d build(deps): bump github.com/containerd/containerd from 1.7.6 to 1.7.7
0b6ce6ee build(deps): bump github.com/google/go-cmp from 0.5.9 to 0.6.0
ae16bbbf build(deps): bump google.golang.org/grpc from 1.58.2 to 1.59.0
d13ad1f9 build(deps): bump golang.org/x/sync from 0.3.0 to 0.4.0
9b4d577c remove refrecence docs generation
14b43c1a remove cucumber tests as we haven't added new ones for a while
9dd081b9 add support of COMPOSE_ENV_FILES env variable to pass a list of env files
2c0b0232 add dry-run support for publish command
599e4b24 extract method to reduce cyclomatic complexity
fe8c2780 warn user remote resource is disabled
a345515f Don't delete dependent services
8967df7a Apply platform before hashing
4f694919 deps: remove deprecated github.com/pkg/errors
6ecab957 Include image name in error message
12e0ac89 pkg/compose/publish: use empty config descriptor mediaType
a6b7d785 pkg/remote/oci: check artifactType instead of config.mediaType
991901f2 pkg/remote/oci: refer to the manifest as manifest
2d971fc9 update the watch warning message when no services with a develop section
78f33619 ci: enable verbose output for e2e tests (#11045)
44d21280 truncate command by default, introduce --no-trunc flag to get the full command
ff2ff18c build(deps): bump google.golang.org/grpc from 1.58.1 to 1.58.2
ab81db5b config --xx don't need `env_file` being parsed
61c8be11 remove --timeout=0 flag to cleanup function of watch e2e test compose down command need the watch process to be killed to succeed
6be5f300 move watch from alpha to main command
c34c306c TestWatch to use new `develop` section
5ca35c88 implement publish
805541be watch: use official `develop` section (#11026)
8f489d6d build(deps): bump github.com/opencontainers/image-spec
9ea8fbc6 build(deps): bump github.com/moby/buildkit from 0.12.1 to 0.12.2
76f150e4 build(deps): bump gotest.tools/v3 from 3.5.0 to 3.5.1
f447c809 build(deps): bump google.golang.org/grpc from 1.58.0 to 1.58.1
4587d4ba build(deps): bump github.com/containerd/containerd from 1.7.3 to 1.7.6
a697a069 introduce pull --missing flag to only pull images not present in cache
8af49ff3 resolve service reference into container based on observed state
f6e31dbc don't rely on depends_on to resolve volume_from, better use observed state
6d5eb6fd update to go1.21.1
9d7e0ad6 correct scale error messages formatting
1a98a70b add scale command
19bbb12f ci: tweak restricted imports in linter (#10992)
7a134578 deps: upgrade Moby to v24.0.6 and gRPC to v1.58.0 (#10991)
13115468 cli: fix `--build` flag for `create` (#10982)
e1aa4f77 otel: add args & flags to cli traces (#10974)
d7b0b2bd watch: build & launch the project at start (#10957)
e0f39ebb pull OCI remote resource
c9d54f09 introduce publish (alpha) command
52e54ef9 doc: updated README.md to remove broken link
f4f2e934 migrate to github.com/distribution/reference
32c3d0a3 Enable service explicitly requested to be restarted
1fdbcb62 build: pass BuildOptions around explicitly & fix multi-platform issues
407a0d5b up: fix various race/deadlock conditions on exit (#10934)
8caa6f1f pkg/api: replace uuid for basic random id
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Testing podman + netavark without kernel-modules installed
in the image shows some are missing from the rrecomends.
It could be argued that they belong in netavark, but since
podman + netavark are almost always used together, we group
them here.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Tested with cni:
root@qemux86-64:~# podman version
Client: Podman Engine
Version: 5.0.1-dev
API Version: 5.0.1-dev
Go Version: go1.22.0
Git Commit: 177ea856f579914e0047655f32eb4f9fbc3ddbc4-dirty
Built: Thu Mar 21 17:59:57 2024
OS/Arch: linux/amd64
root@qemux86-64:~# rpm -qa | grep cni
cni-v1.2.0+rc0+gitb62753aa2bfa365c1ceaff6f25774a8047c896b50+b62753aa2b_b6a0e0bc96-r0.core2_64
root@qemux86-64:~# rpm -qa | grep neta
Tested with netavark:
root@qemux86-64:~# podman version
Client: Podman Engine
Version: 5.0.1-dev
API Version: 5.0.1-dev
Go Version: go1.22.0
Git Commit: 177ea856f579914e0047655f32eb4f9fbc3ddbc4-dirty
Built: Thu Mar 21 17:59:57 2024
OS/Arch: linux/amd64
root@qemux86-64:~# rpm -qa | grep netavark
netavark-1.10.3-r0.core2_64
Bumping libpod to version v5.0.0-4-g177ea856f, which comprises the following commits:
bfc63cc32 fix remote build isolation when server runs as root
f32338dfc bump version to v5.0.1-dev
e71ec6f1d New release: v5.0.0
6b93d9e11 Update RELEASE_NOTES.md with CVE-2024-1753
eb2b16d6d [v5.0] Bump Buildah to v1.35.1
43b9ea8b9 Adjust to the standard location of gvforwarder used in new images
4a84f39b3 Switch to 5.x WSL machine os stream using new automation
a03de4c14 rpm: use macro supported vendoring
069439820 Bump to v5.0.0-dev
f8888a13b Bump to v5.0.0-RC7
2e387df07 Add release notes for v5.0.0-rc7
d36ce9c2b fix invalid HTTP header values when hijacking a connection
8891d592b Use faster gzip for compression for 3x speedup for sending large contexts to remote
59512272b pkg/machine: make checkExclusiveActiveVM race free
51eee609c pkg/machine/wsl: remove unused CheckExclusiveActiveVM()
412648207 pkg/machine: CheckExclusiveActiveVM should also check for starting
1ca93f3fb pkg/machine: refresh config after we hold lock
71320df8e rpm: update containers-common dep on f40+
e58cb97de Change API socket to be machine name isolated
dbf38779b Makefile: drop tests-included from validate target
0fdd83173 Add release notes for v5.0.0
d7bc7b7b4 do not require policy.json
82597144b Machine decompress.go refactoring follow-up
abaa179aa Add target win-gvproxy in winmake.ps1
4c5d26f6f Add final machine endpoint
068ddfd19 update API doc version to 5.0.0
f2af295e4 Bump to 5.0.0-dev
d26113ca8 Bump to 5.0.0-rc6
52ed774c2 docs: generate-systemd: add clarification statement
3d6758a61 docs: quadlet: improve docs on root/rootless dirs
885dd2add [CI:DOCS] performance: fix URL and kernel version requirement
e6ac569a1 [CI:DOCS] Remove outdated references
364813da6 Add note for RHEL 8.5
e220d1ce6 Update module gopkg.in/go-jose/go-jose.v2 to v2.6.3 [SECURITY]
f91b8e77b Update module github.com/go-jose/go-jose/v3 to v3.0.3 [SECURITY]
9b21a5b79 Bump to v5.0.0-dev
bbad09bb0 Bump to v5.0.0-rc5
432f4fbf9 Fix Mac CI
d54a37399 Complete policy.json inclusion
b234bb55e Bump Buildah to v1.35.0
5d3a19f8d podman compose: enable machine socket connection
6f4ee16d9 [CI:DOCS] Add farm command to commands list
25f3a8ce7 podman machine start/stop do not write config unlocked
75fa38d52 [CI:BUILD] Build universal Podman binary for Mac installer
7a7591492 podman machine init: do not write config unlocked
7bfe5e700 Fail on failures to close the file descriptors, and especially the SparseWriter
5e0b7e54c Avoid reliance on fs.ErrClosed in SparseWriter users
4c6505be5 Fix the logic for detecting an unexpected close error
81906081e vendor libhvee-0.7.0
3c9c5be7d podman machine set: change options only locked
a65b546c6 Remove copySparseFile
2ba3a2d56 pkg/machine: fix relative DefaultPolicyJSONPath
724c5a06b Don't read full VM File before decompressing
ff81cf7c7 [CI:DOCS] Fix windows installer action
4d2fc293c machine: make more use of strongunits
92b67a69a Fix wrong units size return
79012795a fix(deps): update github.com/containers/libhvee digest to 7cee23c
d6d260174 [CI:DOCS] Migrate podman container image
a349f8d10 fix(deps): update module google.golang.org/protobuf to v1.33.0
39851a0b9 CI: try to fix more flakes
835cfbc05 [CI:BUILD] rpm: Put the podmansh(1) manual in the podmansh sub-package
945995be1 e2e: fix potential race in file-locks test
02403c2e6 Makefile: podman should have correct selinux label
9ee96a956 properly implement pull-error event status
155cd463d fix(deps): update module golang.org/x/tools to v0.19.0
6272abbbb Resurrect auto-port reassignment, but for all providers
ef7727238 Refactor env dir and port functions into new leaf pkgs
eabf0acfa fix(deps): update module golang.org/x/net to v0.22.0
3b72f9178 Revert "Expose as-tested Mac/Windows repository state"
24516f3ef fix(deps): update module golang.org/x/term to v0.18.0
e8bf9a323 Update podman-for-windows.md
8c9222848 fix(deps): update github.com/containers/libhvee digest to 0ff33af
e09444327 machine init: print output to improve UX
530782e11 logformatter: fixes for Macintosh
ebce0e71d test/e2e: check for stderr errors in cleanup()
ef6d38752 Bump to FreeBSD 13.3 (13.2 vanished)
fc4e16366 Bump to v5.0.0-dev
bce14b1e6 fix(deps): update module github.com/stretchr/testify to v1.9.0
cfc5b8e0f Bump to v5.0.0-RC4
185981fa5 Copy past golang/expansion form ks8.io/kubernetes
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
We should ensure that cni is built as part of podman if
that's the configured virtual runtime.
Although cni is not a primary networking backend for
podman, this also allows it to be skipped if netavark is
used.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
One of the vendor components has deleted a commit that docker-compose
is using (and has listed as a replacement in go.mod). Until
docker-compose comes up with a solution, we temporarily revert to
and older compose.
We'll update to the latest 2.23.x if this isn't resolved in 2.24+
before release.
This reverts commit 29ec8e5ceacdf20bd1f836268cf01a6a12484ba3.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In a similar way we package check-config.sh for docker, we package
the contrib script for k3s.
root@qemux86-64:/# ./usr/share/k3s/check-config.sh [48/4924]
Verifying binaries in ./usr/share/k3s:
- sha256sum: sha256sums unavailable
- links: link list unavailable
System:
- /usr/sbin iptables v1.8.10 (legacy): ok
- swap: disabled
- routes: ok
Limits:
- /proc/sys/kernel/keys/root_maxkeys: 1000000
info: reading kernel config from /proc/config.gz ...
Generally Necessary:
- cgroup hierarchy: cgroups V2 mounted, cpu|cpuset|memory controllers status: good
- CONFIG_NAMESPACES: enabled
- CONFIG_NET_NS: enabled
- CONFIG_PID_NS: enabled
- CONFIG_IPC_NS: enabled
- CONFIG_UTS_NS: enabled
- CONFIG_CGROUPS: enabled
- CONFIG_CGROUP_PIDS: enabled
- CONFIG_CGROUP_CPUACCT: enabled
- CONFIG_CGROUP_DEVICE: enabled
- CONFIG_CGROUP_FREEZER: enabled
- CONFIG_CGROUP_SCHED: enabled
- CONFIG_CPUSETS: enabled
- CONFIG_MEMCG: enabled
- CONFIG_KEYS: enabled
- CONFIG_VETH: enabled
- CONFIG_BRIDGE: enabled
- CONFIG_BRIDGE_NETFILTER: enabled
- CONFIG_IP_NF_FILTER: enabled (as module)
- CONFIG_IP_NF_TARGET_MASQUERADE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_IPVS: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_COMMENT: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_MULTIPORT: enabled (as module)
- CONFIG_IP_NF_NAT: enabled (as module)
- CONFIG_NF_NAT: enabled (as module)
- CONFIG_POSIX_MQUEUE: enabled
Optional Features:
- CONFIG_USER_NS: enabled
- CONFIG_SECCOMP: enabled
- CONFIG_BLK_CGROUP: enabled
- CONFIG_BLK_DEV_THROTTLING: enabled
- CONFIG_CGROUP_PERF: enabled
- CONFIG_CGROUP_HUGETLB: enabled
- CONFIG_NET_CLS_CGROUP: enabled
- CONFIG_CGROUP_NET_PRIO: enabled
- CONFIG_CFS_BANDWIDTH: enabled
- CONFIG_FAIR_GROUP_SCHED: enabled
- CONFIG_RT_GROUP_SCHED: enabled
- CONFIG_IP_NF_TARGET_REDIRECT: enabled (as module)
- CONFIG_IP_SET: enabled (as module)
- CONFIG_IP_VS: enabled
- CONFIG_IP_VS_NFCT: enabled
- CONFIG_IP_VS_PROTO_TCP: enabled
- CONFIG_IP_VS_PROTO_UDP: enabled
- CONFIG_IP_VS_RR: enabled (as module)
- CONFIG_EXT4_FS: enabled
- CONFIG_EXT4_FS_POSIX_ACL: enabled
- CONFIG_EXT4_FS_SECURITY: enabled
- Network Drivers:
- "overlay":
- CONFIG_VXLAN: enabled (as module)
Optional (for encrypted networks):
- CONFIG_CRYPTO: enabled
- CONFIG_CRYPTO_AEAD: enabled
- CONFIG_CRYPTO_GCM: enabled
- CONFIG_CRYPTO_SEQIV: enabled
- CONFIG_CRYPTO_GHASH: enabled
- CONFIG_XFRM: enabled
- CONFIG_XFRM_USER: enabled (as module)
- CONFIG_XFRM_ALGO: enabled
- CONFIG_INET_ESP: enabled (as module)
- CONFIG_INET_XFRM_MODE_TRANSPORT: missing
- Storage Drivers:
- "overlay":
- CONFIG_OVERLAY_FS: enabled
STATUS: pass
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
k3s will refuse to start if the golang version it was built
with doesn't match the VERSION_GOLANG linker variable.
As an example: https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/61668
We query our version of the compiler and set it in the binaries
to ensure they match.
Note: this may cause issues if you bump the golang compiler, but
k3s doesn't rebuild. We'll worry about that when it happens.
With this change, k3s starts and the node becomes ready.
root@qemux86-64:~# uname -a
Linux qemux86-64 6.6.20-yocto-standard #1 SMP PREEMPT_DYNAMIC Sun Mar 3 16:28:22 UTC 2024 x86_64 GNU/Linux
root@qemux86-64:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
qemux86-64 Ready control-plane,master 10m v1.28.7-k3s1
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
|
|
| |
Adding Upstream-Status and reformatting some of the long logs.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
| |
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
|
|
|
|
| |
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
|
|
|
|
| |
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
|
|
|
|
| |
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Inherit python_setuptools_build_meta instead of setuptools3, as
this is the build-backend declared in the pyproject.toml
We seem to need python3-protobuf-native as a DEPENDS, but
then the dependency check complains because our version in meta-python
is python3-protobuf_4.25.bb
Workaround this (for now?) by telling python3 -m build to --skip-dependency-check
This allows criu to _build_. Whether it is functional and proper is a different
story.
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
|