| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping nerdctl to version v2.2.1, which comprises the following commits:
38507f9b chore: improve the visibility of orphaned containers in logs
7ba0ae28 build(deps): bump actions/attest-build-provenance from 3.0.0 to 3.1.0
4a8e9d0e build(deps): bump docker/setup-buildx-action from 3.11.1 to 3.12.0
59b65692 update kind (0.31.0)
017436cd update Kubo (0.39.0)
86228374 update soci-snapshotter (0.12.1)
5fb35451 update RootlessKit (2.3.6)
f7e5bc5a update imgcrypt (2.0.2)
32f9ae12 update BuildKit (0.26.3)
3f62767b update CNI plugins (1.9.0)
14b8fa49 update runc (1.4.0)
d46dec33 update containerd (2.2.1)
f5c1822c build(deps): bump github.com/rootless-containers/rootlesskit/v2
300c75fd build(deps): bump github.com/containerd/nydus-snapshotter
a7d9fb0f build(deps): bump github.com/containerd/containerd/v2
aa98f6cb Fix `'C:\\Program Files\\Linux Containers\\kernel' not found`
5db35e0d nerdctl image prune -f means --force, not --filter
bc45754a (feat): Default net.ipv4.ip_unprivileged_port_start to 0 inside containers
e5d183ff Revert "Fix SOCI image convertion regression for 0.12.0 release"
8221594a test: refactor compose_up_linux_test.go to use Tigron
deb3bff4 build(deps): bump github.com/docker/cli in the docker group
b7853787 build(deps): bump actions/cache from 5.0.0 to 5.0.1
7c2a81da docs: add additional nerdtest `Requirement`
a3411d2f build(deps): bump actions/cache from 4.3.0 to 5.0.0
151623b1 --help: fix output
6fd5210f build(deps): bump the golang-x group with 6 updates
d5feed79 build(deps): bump github.com/containernetworking/plugins
a853c646 build(deps): bump github.com/containerd/nydus-snapshotter
025f455c Refactor container_exec_test.go to use Tigron
f4991ec2 fix: support tmpfs long syntax in compose volumes
7e68e602 Refactor container_list_test.go to use Tigron
ec41209c build(deps): bump tonistiigi/xx from 1.8.0 to 1.9.0
d9bfe485 build(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2
e6aa885d build(deps): bump github.com/containerd/nydus-snapshotter
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some upstream Go module repositories get deleted from GitHub (e.g.,
github.com/vtolstov/go-ioctl). While the Go module proxy still serves
cached archives, VCS mode cannot git clone a deleted repo. This causes
both do_fetch failures and generator verification failures.
Add GO_MOD_VCS_EXCLUDE recipe variable (space-separated module path
prefixes) and corresponding --exclude-module CLI flag. Excluded modules
are filtered out before verification and SRC_URI generation. Recipes
must provide a gomod:// SRC_URI entry for excluded modules as fallback.
Usage in recipe:
SRC_URI += "gomod://example.com/deleted-repo;version=v1.0.0;sha256sum=..."
GO_MOD_VCS_EXCLUDE = "example.com/deleted-repo"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping kubernetes to version v1.35.2-20-gb6f632ba56e, which comprises the following commits:
b57e146aec7 cmd/kubeadm: ignore EINVAL error during unmount
af6488c9d55 Use localhost image reference in PodObservedGenerationTracking test
61003ad140a drop publishing rules from dependencies.yaml on release branch
b9be60a8c53 start scheduler after creating binding/non-binding slices
659d489e8dd dra: stabilize DeviceBindingConditions BasicFlow by creating without-binding slice first
02115b6ee1f Update CHANGELOG/CHANGELOG-1.35.md for v1.35.2
fdc9d74cbf2 Release commit for Kubernetes v1.35.2
1c0c911c3ca kubeadm: do not add learner member to etcd client endpoints
d05c5065395 Fix flake TestDeviceTaintRule test by adjusting event hanlder status update logic Co-authored-by: Pohly <patrick.ohly@intel.com>
69d9b9ba0c4 Bump images and versions to go 1.25.7 and distroless iptables
2371267d2f2 add dockerized go cache to `make clean`
de51841dbf7 Update CHANGELOG/CHANGELOG-1.35.md for v1.35.1
8fea90b4524 Release commit for Kubernetes v1.35.1
bd399917375 fake client-go: un-deprecate NewSimpleClientset
9bfc5ec55a7 Apparently some EC2 images we use do not have /proc/net/nf_conntrack
33b34518bae test: cleanup from review
9aad4027810 test: Fix KubeProxy CLOSE_WAIT test for IPv6 environments
701cf03e7bb test: Read /proc/net/nf_conntrack instead of using conntrack binary
f12bff04ab6 csi: raise kubelet CSI init backoff to cover ~140s DNS delays
0ac5e229e14 test(ut/dra): add unit test for pod requesting prepared and new claims
fe7f31bdcb1 test(e2e/dra): add test for pod requesting allocated and new claims
261b29aaa2f DRA integration: more pods per node, more parallelism
4885212b5b9 DRA integration: add "uses all resources" test
82b2a9d543f DRA scheduler: fix another root cause of double device allocation
f296d4a9a46 DRA scheduler: fix one root cause of double device allocation
a1f4382971f fix(kubelet): convert V().Error() to V().Info() for verbosity-aware logging
a77bd451173 fix(expansion):Resolve the issue of UTF-8 characters being truncated, resulting in invalid UTF-8
06a4889419e Bump images and versions to go 1.25.6 and distroless iptables
1d79222fd52 kubelet(dra): fix multiple claims handling
0a9d14b01c4 Fix flaky TestApplyCRDuringCRDFinalization test
6d23c3f5403 Fix for preferred dualstack and required dualstack in winkernel proxier.
ecc28f9d84a kubeadm: waiting for etcd learner member to be started before promoting during 'kubeadm join'
72a5892dca9 kubectl: Fix panic in exec terminal size queue
353648793e1 bump go to 1.25.6 for CVE fixes
41e2e598dc9 kubeadm: fix a bug where kubeadm upgrade is failed if the content of the `kubeadm-flags.env` file is `KUBELET_KUBEADM_ARGS=""`
870c561aeea Fixes the flaky test (Issue #132953)
646e656a561 Switch ipvs and winkernel back to more regular forced syncs
69e322920ef mark QuotaMonitor as not running and invalidate monitors list
923cb5be10e Add unit test with CSIDriver.SELinuxMount=false
1f001b78805 Added e2e tests with disabled SELinux
2aeedbd767b Use only enqueuePod to add pods to the controller queue
44b1306e553 Fix policy of Pods with unknown SELinux label
b1c7820806d selinux: add e2e test with a completed pod
7d9af54b956 Add new unit tests
6edce1ddecb Rework unit tests to builder pattern
b84206f5af2 selinux: Do not report conflits with finished pods
9993d83107f refactoring: use a common function to enqueue Pod
802ed9eaa9f add StatefulSetAvailabilityCheck test
04da1f09e5d replace "k8s.io/klog/v2/ktesting" with "k8s.io/kubernetes/test/utils/ktesting"
f8578e8d8b7 schedule pod availability checks at the correct time in StatefulSets
e7c2ecf799f wire now (time) to the availability checks in the StatefulSet controller
c52a5384b91 Fix race condition in DRA health e2e test pod status update
28fffe71c46 kubeadm: always retry Patch() Node API calls
2a663d9a3a2 Disable SchedulerAsyncAPICalls in v1.35 due to performance issues
62b0580535f kubeadm: do not sort extraArgs alpha-numerically
778b9a97713 Update vendored hnslib to v0.1.2
624047b4f31 refactor: Ensure metricIdentifier uses scheme for kind resolution
b9d3560f7ea Fix apiserver_watch_events_sizes metric.
5345aa5a9b4 hack/lib/util.sh: support uutils' `date` command
e63eccd82f1 Update CHANGELOG/CHANGELOG-1.35.md for v1.35.0
66452049f3d Release commit for Kubernetes v1.35.0
ea0dce1df19 CHANGELOG: Update directory for v1.32.11 release
f58f81d9175 local-up-cluster.sh: support more recent containerd like 2.2
04d87a4b6e7 CHANGELOG: Update directory for v1.33.7 release
f887a29fe22 CHANGELOG: Update directory for v1.34.3 release
612122f1d79 CHANGELOG: Update directory for v1.35.0-rc.1 release
91b0dfb7a49 Update CHANGELOG/CHANGELOG-1.35.md for v1.35.0-rc.1
08b536721bb Release commit for Kubernetes v1.35.0-rc.1
8d4237fde8a kubelet: Fix nil panic in podcertificatemanager
2c811fdd3a1 etcd: Update etcd to v3.6.6
dede2886a84 update publishing rules
eae2a1bd5f5 Bump images and versions to go 1.25.5 and distroless iptables
3f42ca14011 downgrade reflector watchlist fallback log to V(4)
91e221b0471 DRA upgrade/downgrade: roll over only after -alpha.0
91368adbb55 Use transformer in consistency checker
76da8d6de02 Add unit tests for Data Consistency Detector
88c20d46a4e [client-go #1415] Embed proper interface in TransformingStore to ensure DeltaFIFO and RealFIFO are implementing it
c6fa10dbb7c add release-1.35 publishing bot rules
03066850f63 remove TestEtcdSupportedVersionLength, no longer relevant
aa54ffa485a fix etcd versions after rotation
4a944d1a3fa add skew -2 version in SupportedEtcdVersion
51f614a1562 ipallocator: handle errors correctly
de1b8e076a3 Fix MAP failure on objects with duplicate list items
76b76c2d523 CHANGELOG: Update directory for v1.35.0-rc.0 release
496077da56d Release commit for Kubernetes v1.35.0-rc.0
f8be8d320f3 drop rules for release-1.31 as it is EOL
7e3e9b6a64b update publishing rules
5302b929ae5 Bump golang.org/x/crypto to v0.45.0
fcdc4e24950 Remove TestWatchStreamSeparation from storage/cacher related tests
3661554f872 Bump images and versions to go 1.25.4 and distroless iptables
dae1dbc1ff1 KEP-5311 - Revert RelaxedServiceNameValidation promote to beta
6bf802807b7 Make unique signerName per pod certificate test
d80e73c0a9f cleanup: removed uncached client plumbing, keeping the sequencing fix for quota validation
c33c0464db3 DRA: Fix flaky integration test
950dfd612b4 test: add test for Ingress Update
ac90e6a809a Fix: Check defaultBackend in allowRelaxedServiceNameValidation
5ed9501d3cc Fallback to live ns lookup on admission if lister cannot find namespace
4cf195304ca CHANGELOG: Update directory for v1.35.0-beta.0 release
3e19cc51601 Address review comments
04eb121d32e Fix failing scheduler_perf test cases that don't set any feature gate
f60f5b24605 Refactor: Contextualize CRDFinalizer to fix goroutine leak
e08c1e4ce35 Fix alpha API warnings for patch version differences
a66c025dc9e test/e2e_node: Update procMount test to use Restricted PSA level
f76d0e5aa48 test/e2e: replace forbidden gomega.BeTrue usage with Eventually(...).Should(Succeed())
216aaf76cba vendor: update vendor and license metadata after replacing BeTrue usage in csi tests
cee5b837da9 Resolve lint restriction on BeTrue by introducing Succeed() with contextual error messages
854e67bb51e KEP 5598: Opportunistic Batching (#135231)
c68b35c4c75 Update vendored dependencies
1ce140d1055 update github.com/opencontainers/selinux to v1.13.0
f33a6e5a925 CHANGELOG: Update directory for v1.32.10 release
ea83385231f CHANGELOG: Update directory for v1.31.14 release
b6e83d29fc6 CHANGELOG: Update directory for v1.33.6 release
4b20e5c3fe3 CHANGELOG: Update directory for v1.34.2 release
71ddb98ae4d Remove image volume e2e test because CI has containerd < 2.1
5ac2ffcc1e3 Enabling NodeDeclaredFeatures in unit tests
0e883083bf9 Add InPlacePodLevelResourcesVerticalScaling declared feature.
10b73f8ef9f Test fixes
21920bb37e9 Test fixes
0f88a9a17e4 verioned_feature_list update
8920eb91077 Unit test for AddPod with PLR resources
66248c262c3 Unit tests for allocation manager
1733d8fc8c8 e2e tests
edc3b77cf8a Kubelet changes and unit tests
11ff4efcdeb Kubelet changes to support IPPR + PodLevelResources
7645eb70e92 Scheduler changes to support pod level resources in place resize
84776abaff4 Modifying validation logic and pod strategy for PodResize to accommodate for Pod Level Resources resize
b8777c32633 Generated files from API changes
efc3126b768 Adding Resources and AllocatedResoures fields to the list of expected fields in PodStatus in admission test
69c1fd72aa0 API changes for Pod Level IPPR related PodStatus fields
6d301342569 Adding InPlacePodLevelResourcesVerticalScaling feature gate
d26b44540e3 move Ensure Secret-Pulled Images feature to beta
805eb885e3e node e2e: add tests for Ensure Secret Image Pulls default policy
0b47a378611 Keep pod in running state and prune past container status from runtime
2f55207dffd Fix volume performance tests with performance constraints
094b1bf0188 fix [sig-node] Container Runtime blackbox test when running a container with a new image [Serial] should be able to pull from private registry with secret [NodeConformance]
2c81b6e8adc fix: replace BeTrue with BeTrueBecause for better failure message
bb822259984 ImagePulledRecord API: don't serialize nulls
99ceb201738 kubelet/image-manager: pulled images records storage version migration
6fd9878056c kubeletconfig: copy ImagePullIntent, ImagePulledRecord to v1beta1
aceb89debc2 KEP-5471: Extend tolerations operators (#134665)
aac951d9022 Add dependency for NodeDeclaredFeatures
97c3f575b98 Refactor validation
2eb1eeeabf0 add disruptive tests
83c5cd5526f Implement restartPod action
fab280950da Add client-go credential plugin to kuberc
d979816a40d Fix e2e test cases for EnvFiles
d82fa1eb98c test: use localhost and HostNetwork for registry, mark test as disruptive
8d0fb17a18f e2e test registry: force IPv4 localhost IP
ad0a3de152c node-conformance-e2e: restart the kubelet after loading credential config
1225ce509e6 scheduler: KEP-5007 add integration tests
368e699ed2e scheduler: KEP-5007 move BindingConditions integration tests to separate file
e88aa1e04d7 Integration tests for setting and clearing NominatedNodeName
9c5959e9de8 Fix failing test for pod group scheduling timeout on Windows
3b3e4dd2c48 fix missing major.minor in golang: upstream version
e6d95a7b381 Promote NominatedNodeNameForExpectation and ClearingNominatedNodeNameAfterBinding feature gates to beta
b5dae0ffaa0 DRA: Update e2e tests for Partitionable Devices
4d29f88c886 DRA: Update integration tests for Partitionable Devices
7861714e6cc DRA: Add validation in resourceslicecontroller for Partitionable Devices
38b5750e33a DRA: Update allocator for Partitionable Devices
c7b277a32e1 KEP 4639: Move ImageVolume to on by default beta
6689fa7b006 DRA: Update ResourceSlice max size tests for Partitionable Devices
93fc7422ee8 DRA: Update validation for Partitionable Devices
ef3f6a25075 Run make update
e73fd4204d8 DRA: Update types for Partitionable Devices
f8ccc4c4d78 dra scheduler plugin: refactor extendeddynamicresources.go for readibility
b9e59e8ea9a test: Add integration tests for peer-aggregated discovery
8f2c0a9a60f kube-apiserver: Enable peer proxy and peer-aggregated discovery
2f5f1749e5d apiserver: Add peer proxy and peer-aggregated discovery support
c72f9f73d92 discovery/aggregated: Add invalidation callback support
6b8f7938889 discovery/aggregated: Add peer-aggregated discovery handler
d6907457723 peerproxy: Refactor into separate files and add exclusion filter
6a07342d37a discovery: Add profile-based content negotiation
3b89deb6b37 util/sort: Add MergePreservingRelativeOrder for topological sorting
3be9af427fa Fix revert conflict
e6574b416fd Revert "Unit test for emulated storage version selection"
e8176f6f9f4 Revert "Don't pick versions that have a replacement as storage version"
2d3e0639230 mark device manager as haelthy before it started for the first time
da9f1d8eed7 dra scheduler plugin: move extended resources functions into separate file
b07c8698b9f test: add retry to getMetricsFromNode
fbe8d4c63cf upgrade go to 1.25.4
1c4cab9dda8 DRA scheduler unit test: fix race with ResourceSlice informer
789f06544de DRA allocator: fix result logging
fc404b6a3d8 Cache DRA state for scoring extended resources
f86a456ea3d Switch kube-proxy/server.go to context-aware logging APIs (HandleErrorWithContext, UntilWithContext)
e986000e6a7 KEP-5607: Allow hostNetwork pods to use user namespaces
54702182c2d graduate PodTopologyLabelsAdmission feature gate to Beta and on by default
d25c5251f94 Fix the DRA extended quota test
bf7dbb129fb DRA: test performance for scoring extended resources
a9dcc8e2c94 Fix sending OnFinish to in-flight async API calls in scheduler
6b764d555f1 test: update MutableCSINodeAllocatableCount tests for the new attacher
da1981248e3 test: update CSI manifests
049cb8558e8 Add integration test for gang scheduling
4a067cc022e Add read Workload permissions to kube-scheduler
c086bdeaa22 Add integration tests for gang queueing
8d67173de0d Implement Gang scheduling in kube-scheduler
5d1f9107ef8 test: fix sed in update-hostpath.sh
a3093a95f26 test: don't remove group snapshot script
54b6ab67479 e2e: Add tests for Workload API
02acdd60574 kubectl: Add Workload to kubectl describe pod
078f462a955 api: Workload API and Pod WorkloadReference generated files
96392746769 api: Create Workload API
9677ac4c0be api: Add WorkloadReference to Pod spec
b6006528e1e Add feature gates
dfaed0586f2 test: skip snapshot-metadata sidedcar in update-hostpath.sh
6da8d6e94d4 remove deprecated Ingress api from describe
edbc32fa602 DRA: implement scoring for extended resources
fc9f02e2541 refactor: rename and suitable docstring
8be985d4fab kubelet: fix concurrent map write error when creating a pod with empty volumes when the LocalStorageCapacityIsolationFSQuotaMonitoring feature-gate is enabled
a02748c1243 kubelet: delay looking up pod image pull credentials until necessary
95a59d0cfb5 DRA scheduler_perf: write JSON where perf-dash expects it
1499524e8e9 E2E node: temporarily disable flaky "pull from private registry"
78a8c2e6a35 mention MutablePVNodeAffinity in the API doc
3882f0cf177 allow PV.Spec.NodeAffinity update
b622363659b add feature gate MutablePVNodeAffinity
ee481b97e0b fix sorting logic after after normalizing errors
71c02338df3 Fix the failing e2e test case in Standalone mode.
a2dfa0fd731 run gofmt to fix formatting issue
6b949e79931 Add integration test for admission controller.
c06297b3298 Add integration test for kube-scheduler plugin.
540ffbd7230 feat(usecase): Introduce IPPR with static CPU policy support to use node declared features framework.
e7a42e8e8e0 feat(admission): Add NodeDeclaredFeatures admission plugin
649d9c532a5 feat(scheduler): Add NodeDeclaredFeatures scheduler plugin.
192d93f7cb9 add e2e tests for static pod and standalone mode
879d81ff062 promote EnvFiles to beta
0976b6ada37 Improve env file syntax
47fb373c317 run update-codegen.sh
a5a2cfdb353 fix(validation-gen): Correct ratcheting for uncorrelated old values
c30b75b0085 feat: Implement node declared features reporting and validation.
3c22291a4b0 autogenerated files from "make update"
e1f181e3632 feat: Add common library for declared feature discovery, inference and matching.
c9327d00b11 feat: Add NodeDeclaredFeatures feature gate and API fields.
801de96635b DRA: ConsumableCapacity update allocating and registry test cases
870062df4f1 adjusts DRA extended resource quota to include devices usages from regular resource claims
66769823160 fixed non-sidecar init container device requests and mappings
4eb0d39bf51 emit more events when the pod resize status changes
481f30bd645 hack/update-conformance-yaml.sh
30965ea3ce6 drop MinimumKubeletVersion for unsupported kubelet versions
da6d15adf6b Fix NPE in CEl accessors of additionalProperties=true objects
030d72959e8 feat(validation-gen): Refactor testscheme and add ratcheting bug tests
499bff4ca46 Revert "controller: duplicate utility method cleanup"
5a7c90fb767 Allow mutable scheduling directives for suspended Jobs
60744fc8b9c DRA device taint eviction: track evicting rules
95279872936 DRA device taint eviction: use NOP queue during simulation
eaee6b6bce0 DRA device taints: add separate feature gate for rules
8d823b65236 add minimum kubelet version for ippr tests
eea7c1403fa [DRA] Add ShareID to kubelet plugin API
3f8444210cb Add e2e tests, metrics and events for podcertificaterequests v1beta1
53df4f9be69 CHANGELOG: Update directory for v1.35.0-alpha.3 release
fbfeb33231f DRA: Add scoring for Prioritized List feature
374baacf92c Check HealthCheckTimeout in updateHealthInfo comparison
a49bc6f2fbb kube-proxy/winkernel: fix stale RemoteEndpoints due to premature clearing of terminatedEndpoints map.
79dc7908ff3 Fix potential dryrun failure when NodeLocalCRISocket reaches GA
7db53119521 feat: Add MutablePodResourcesForSuspendedJobs feature gate
949be1d132b fixed comments due to switch from class name to class for GetDeviceClass
c77a39c06fe Address review comments and fix failing tests
320987ead3a Addressed comments
902c2e0c150 Fix lint errors in dynamicresources_test.go
396a7c1a12a test/e2e/node: add minimum kubelet version to some pod tests
c5b14939253 Add test case for claim creation failure in DRAExtendedResources
ea7561b243a Implement scheduler_resourceclaim_creates_total metrics for DRAExtendedResources
5102591a6b9 Refactor resource claim metrics to use structured labels and add "source" dimension.
9cad3f87876 Introduce kuberc view/set commands under kubectl alpha (#135003)
326b7eaa526 e2e/storage: deflake CSI Mock volume expansion quota validation
18967f53ddd enable commentstart check on adminssion API group
3b0913c8666 fix test case
693f42bfc16 KEP-3619: deleted unused SupplementalGroupsPolicy in e2e/feature
120bcee0578 KE-3619: fix emulation version in unit tests
d12663248d5 KEP-3619: fix removal version for SupplementalGroupsPolicy feature
0aea256ef96 revert of 8f0a6583ca81a64475e69a8b6b4d06bbe0c2ac67
4acafd92452 [DRA] Fix unexpected errors on ResourceClaim strategy update
9ca74a33595 test: register kube features in unit tests
024382658b6 controller/volume/vacprotection: Improve goroutine mgmt
e08d03b1b5c controller/volume/selinuxwarning: Improve goroutine mgmt
1e6ad423bf1 controller/volume/pvprotection: Improve goroutine mgmt
0caae6f7041 controller/volume/pvcprotection: Improve goroutine mgmt
ed74779a0f9 controller/volume/persistentvolume: Improve goroutine mgmt
8eab454e38e controller/volume/expand: Improve goroutine mgmt
27774052abd controller/volume/ephemeral: Improve goroutine mgmt
12205df76de controller/volume/attachdetach: Improve goroutine mgmt
9d4ff6ecf2b controller/tainteviction: Improve goroutine mgmt
d2a443db75e controller/serviceaccount: Improve goroutine mgmt
c641df792b6 controller/resourcequota: Improve goroutine mgmt
d908a470a55 controller/garbagecollector: Improve goroutine mgmt
90f0fd09f20 provision 10G disks for testing pvc instead of 1 byte or 1GB
90d32919ee5 chore: cleanup unneeded imports
2a3f66d3f6b KEP-5284: Implement Constrained Impersonation
8200f9a22c7 add missing apiversion to run_group_snapshot_e2e.sh
3f45a675fc7 DRA integration: test eviction through DeviceTaintRule
bbf8bc766e3 DRA device taints: DeviceTaintRule status
0689b628c7d generated files
f4a453389d2 DRA device taint eviction: configurable number of workers
256591520a5 feat: add OWNERS files for flagz server and api with approvers and reviewers
09dfeeb9881 test: add integration test for /flagz endpoint in scheduler
ba059168c35 test: add integration test for /flagz endpoint in KCM
16db8e2375f feat: add integration test for /flagz kube-apiserver endpoint
2422bc0bb8c feat: Implement structured /flagz endpoint
b3222498fdb added comments, and refactoring to make it explicit and easier to understand.
a181fd2eb81 removed NodeAffinity in the test cases as it is not needed
336a3e92757 Update pkg/scheduler/framework/plugins/nodevolumelimits/csi_manager.go
611b4c1408f Adding batch handling for popping items from RealFIFO
c67937dd352 switched from storing name to storing a pointer to the device class.
c438f8a983c scheduler: Add BindingTimeout args to DynamicResources plugin
a9ff1b19c18 remove deprecated IngressClass api from describe
372328f2814 reverted the inititial device class change
2e479e00f4e refactored the hint function, added test cases
ed62db7acf3 e2e registry: run as pods even in seemingly in-cluster pull tests
a275785bd4f node conformance e2e: log fake registry creds on test failure
fba24a8e715 node-conformance-e2e: finite wait for pod status
5cdb983c2e3 fetch node synchronously on node affinity failure
27a81144b22 Add checkpoint for groupsnapshot data consistency (#134637)
002774c3157 Address review comments
bbbe23dac7c Reapply "prepare DRA kind config for kubeadm v1beta4"
f1bd4f509eb refactor updateUnfinishedWork into separate function to use defer unlock
9113013eb89 Introduce --as-user-extra persistent flag in kubectl (#134378)
82d3c07f0ed test/e2e/apimachinery/watchlist: run WatchList test on most jobs
ca8847149e3 client-go/features: enable WatchListClient for 1.35 release
0639f7f40e0 Allow PSA controller tests to handle failure cases as errors
a079e1ed256 kubeadm: add 'HTTPEndpoints' field to 'ClusterConfiguration.Etcd.ExternalEtcd' that can be used to configure the HTTP endpoints for etcd communication
a92b987b3dc comments
d132afc87ee DRA scheduler_perf: benchmark baseline test cases with different allocators
191ab8d78d8 Integration test verifying that in case a preemptor pod with higher priority arrives while preemption is ongoing, the lower priority preemptor does not get stuck in unschedulable
9640da54524 Verify if pod has ongoing async preemption before evicting pods
3dabd4417d9 KEP-4368: Job Managed By; Promote to GA
c98804b77f3 Fix existing integration tests for NominatedNodeName
81448febcf4 KEP-5278 Clear NominatedNodeName upon scheduling failure
257ff6edcd6 kubelet/app/server_bootstrap_test: fix Test_buildClientCertificateManager
1fc389c43f8 Revert "prepare DRA kind config for kubeadm v1beta4"
cdbe3401431 KEP-3619: remove e2etestskipper in e2e tests for SupplementalGroupsPolicy GA
b3aeead3e22 KEP-3617: Graduate SupplementalGroupsPolicy feature gate to GA and lock to default
9b95eaf5937 Fix pod resize validation when adding non-resizable resources
0631a66d528 address feedback - refactor validateSlice and validateSet to use validateItems
1e8fc543cc7 Fix report health for templated and renamed DRA claims
14f17a3809a addressed review feedback
713b7231d82 Merely check for presence of CSIdriver object
fa31a593b9f Clean up event messages for errors in Portworx in-tree driver
979c4427749 Fix spurious workload rollout due to null creationTimestamp in controller revisions
7d186d870f9 Remove unused and fragile revision hash comparisons
94e085e15ca Add unit test detecting spurious statefulset rollout
a22b3d031fe address feedback
b609d4713c2 added integration test case
7aa849160a8 added queue hint function
3b905ae4b5c added device class add/update events to noderesources plugin when DRAExtendedResource feature is enabled
fe3722dfa9a Address review comments
4bbe8f0cfb1 Add test that verifies scheduler behaviour
b9118183cf1 Fix the boilet plate
39ad8278e23 feat: update DRA to short-circuit on maxSize checks, add a declarative validation test related to this case
eb1a5b6ddfb remove pod resize endpoints from pending eligible endpoints
bdb2e37781a Fix queue to gracefully shutdown
b83a6a83f0f pick the device class created latest, or with name alphabetically sorted earlier
96edaa43d2e Set KubeletCrashLoopBackOffMax feature gate to default enabled for beta.
a3bf2abddb2 Move a comment about ginkgo to code that runs ginkgo
3e33e61968e Enable group snapshot tests
f9ef0049160 E2E framework: start slow tests first
321c1e37c06 Update group snapshot tests to v1beta2
de9138f4fa9 Promote IPPR e2e tests to conformance
c13c5814597 Add given namespace in dryrun=client output of HPA
762b458700b Lock AggregatedDiscoveryRemoveBetaType to true
3eab698884a fixed unit test and integration test failures
363407c500d Re-enable SchedulerAsyncAPICalls feature in v1.35
6dd086536ff DRA E2E: stop labeling tests as ConformanceCandidate
5e0d06082d6 DRA allocator: partial support transition between nodes, fix "is incomplete"
a0e500ace39 Revert "DRA: Allow AllocationMode: All from multi-node resource pools"
30de4235970 Revert "added WithFlaky() to the device plugin test case: supports extended resources together with ResourceClaim"
d3c2115441e Clean NewDefaultKubectlCommandWithArgs for readability
ac9120f6076 Move PluginHandler to separate file
c832203707d pkg/controller/garbagecollector/garbagecollector_test: wrap kubeClient with a client that doesn't support WatchList semantics.
36510ccf56f devicemanager: fix cleanup of healthy and unhealthy devices
12a0c8ce17f DRA extended resource: chain event handlers
d8c66ffb63c Add a global cache to support DRA's extended resource to the device class mapping
34021d451d3 Revert "E2E framework: start slow tests first"
59e075e8d35 Promote PodCertificateRequests to v1beta1
7c47b91ed2c Limit CONNECT proxy response header size
2be8c36dba5 fix: additional nil check for workqueue shutdown
ecbda22ea54 chore: more precise resync comment
a85a9e13aa7 chore: cleanup outdated comment
956964d6e58 fix: register feature gate dependencies
36e6b9075e5 chore: move golang.org/x/time to required
806cf9ef512 style: alphabetic ordering
b68fd5e5336 docs: cleanup docstrings
abf60333adb feat: add feature gate to kube features
c2044c8d390 fix: feature gate min version
0c775eec7ce fix: rate limit route reconciles
9af329151a4 feat: minimal route resync period interval
9e612f107a1 feat: update routes on resync
0b41218ed4f fix: missing update of feature gates
be7e0ddb74b fix: spelling
8ef9e53ce5d fix: check error of AddEventHandler
a5055cc407b feat(ccm): watch based route controller
cff07e75519 E2E framework: start slow tests first
6034321603b dependencies: ginkgo v2.27.2, gomega v1.38.2
308a53dfa6d Add validation options for static pod
264eab46db9 Remove unused delete reactor
acdf891478a add e2e tests
c99145805f1 [DRA] Fix DistinctAttributeConstraint match comparision with value
97587e951b0 oidc: fix jwks metric name in comment
2b0bfbfb8e6 removed unused functionality from run_group_snapshot.sh and prepare for kubeadm v1beta4 config
a3ce49a11ea prepare kms kind config for kubeadm v1beta4
a1ce4bb4686 Check for CSIDriver object before stopping pod scheduling
d17ed9be174 prepare DRA kind config for kubeadm v1beta4
2f0a84af1af Add csidriver lister to CSI scheduler plugin
85d7626d2dc Do not schedule pods if CSI driver is not ready
8b2babcbff6 PSA: fix lint with older policies
d9ddd5c59b0 Allow PSA pass scenarios to be informed by the policy level
e8bd3f629d4 drop UserNamespacesPodSecurityStandards feature gate
f2d075ea655 Address review comments
c69259cb713 DRA device taints: switch to workqueue in controller
e5fcd20a264 DRA device taints: tighten controller test
6ebd853f170 DRA: implementation of none taint effect
75c91867928 generated files
e4dda7b282e DRA device taints: fix DeviceTaintRule + missing slice case
fee14ffca20 DRA API: device taints 1.35
11e3147fdd2 kubelet: add a test to verify that dra plugin enforces timeout
c71e45c7352 Implement a csimanager for managing storage related assets
d4c6e0bfd04 change client go default features to versioned
344df7835cd refactor dra fake grpc server
1951e8dd887 kubelet/config/apiserver_test: expose IsWatchListSemanticsUnSupported on fakePodLW
05f5051be3a kubelet/userns: Print podUID on errors
35423364e2f apiserver/pkg/admission/plugin/policy/test: wrap trackers with ToListWatcherWithWatchListSemantics
5993782d653 dependencies: various minor updates
9e462123d64 client-go/tools/watch/test: wrap the LW with toListWatcherWithUnSupportedWatchListSemantics
ae201951a8a k8s.io/client-go/tools/cache/test: wrap the LW with toListWatcherWithUnSupportedWatchListSemantics
f2257059d7a node: cm: fix linter failures
1055d8541e6 k8s.io/client-go/testing/fixture: does not support WatchList semantics
1ca34bd0d2d apiserver/pkg/storage/cacher/lister_watcher: pass RV for request from the watchlist consistency checker
040516a6e76 fix linter changes
67280d4df99 node: cm: update mocks for contextual logging migration
bd11e52bfc1 Drop locked StrictCostEnforcementForVAP and StrictCostEnforcementForWebhooks feature gates
b3415bfdfe2 kubeadm: added container runtime version check to preflight
d80ac77d985 feat(dra): add k8s:optional for all DV migrated optional fields
cde15e6450c Add ObservedGeneration to CRD conditions
02289d08f6c refactor scheduler_perf test for extended resources by dra to have 10-50 device classes
67143028e78 Add --min-compatibility flag.
05f67d834ab node: cm: migrate container manager to contextual logging
7bbec73192a Add a interface for sharing CSINode objects between scheduler and CAS
d99d3c0b69d refactor ippr tests
c1a95eb7e2f Structured statusz
1d9c646892c fix unit tests for ippr ga
2e543d151b6 DRA device taints: convert unit test to synctest
2e534d6da10 DRA: Allow AllocationMode: All from multi-node resource pools
fda069a5d62 update kal to fix markdown table bug
9cc3a06f0b4 enable duplicate tags for kal and add exceptions
0fac370625b sig-auth: fix KAS options OWNERS
428be46ba25 node conformance e2e: move registry cleanup to ginkgo.DeferCleanup
8d3bc085ce4 DRA integration: refactor helper functions
89f1edd5169 kubelet/image_manager: rename EnsureImageExists arguments at the interface level
01d1cb96793 test: fix flake in DRA DeviceBindingConditions by waiting for reallocation before status update
79df44ca529 scheduler: KEP-5007 allocator test - devices w/wo BindingConditions
7bc354e15d5 kubelet: add metrics for in-memory stored image-pull-related records
ae7c6e8080e kubelet/imageManager: add metrics for MustAttemptImagePull
429a96eda6e kubelet: add metric for the number of stored image-pull-related records
7a9d718cdf5 Benchmark SharedIndexInformer
9b80964efd2 add integration tests for pod replacement during scaling and
b1942ae6b12 [DRA] Add dropDeviceBindingConditionsFields and fix immutable field on DeviceBindingConditions strategy test
df3f5dd493b test(validation): add cases for validating maxItems in status.devices.networkData.ips
2713803c78d feat(dra): migrate NetworkDeviceData.IPs maxItems to declarative validation
a8c9bb1f168 test(validation): add cases for validating maxItems in status allocation requests
0d6d2aa6a58 feat(dra): migrate DeviceAllocationConfiguration.Requests maxItems to declarative validation
91614613170 test(resourceclaim): add unit test for unique DeviceAllocationConfiguration.Requests in status
a553ac0e92a feat(dra): migrate DeviceAllocationConfiguration.Requests uniqueness to declarative validation
a4e8b54dee7 test(validation): add case for handling duplicate request names in ResourceClaim status update
cc0012b4502 Add Declarative validation unit test for duplicate IPs in NetworkDeviceData
9bbf28e2f4e feat(dra): migrate NetworkDeviceData.IPs uniqueness to declarative validation
1d2b87c2e9a updated nodeswap description only
4f647b3f3df removed BlockOwnerDeletion
2a217a9bfd2 promote pod generation tests to conformance
3b72759d1bc Update SVM to Beta
24a53fa6384 add JWKS fetch metrics for jwt authenticator
ad2c6b443dd controller/validatingadmissionpolicystatus: Improve goroutine mgmt
a51285e1f27 controller/servicecidrs: Improve goroutine mgmt
63c15cbe83e controller/resourceclaim: Improve goroutine mgmt
5f423d7ba8d controller/podautoscaler: Improve goroutine mgmt
51ef94c5472 controller/nodelifecycle: Improve goroutine mgmt
34e688eb3dc controller/nodeipam: Improve goroutine mgmt
a265769245a controller/ttlafterfinished: Improve goroutine mgmt
821a3f5affb controller/storageversionmigrator: Improve goroutine mgmt
7240649e4f6 controller/ttl: Improve goroutine mgmt
3ee8c53e537 controller/podgc: Improve goroutine mgmt
1635a139b88 controller/storageversiongc: Improve goroutine mgmt
502186ca933 controller/statefulset: Improve goroutine mgmt
91cf8253a2a controller/replicaset: Improve goroutine mgmt
5f48a52bf86 controller/namespace: Improve goroutine mgmt
cb4ad791023 controller/endpointslicemirroring: Improve goroutine mgmt
cd73e8777b3 controller/endpointslice: Improve goroutine mgmt
ccd35f7c5ee controller/endpoint: Improve goroutine mgmt
d9ba92ba3bb controller/disruption: Improve goroutine mgmt
6e0a4da2f6a controller/deployment: Improve goroutine mgmt
e8b0f274561 controller/daemon: Improve goroutine mgmt
575e9eb64c7 controller/job: Improve goroutine mgmt
7bf52d74d02 controller/cronjob: Improve goroutine mgmt
d1eccb2377c controller/clusterroleaggregation: Improve goroutine mgmt
5f3f39edc12 controller/certificates: Improve goroutine mgmt
3a50f28ff80 controller/bootstrap: Improve goroutine mgmt
c9825b8d279 kubeletplugin: clarify DRAPlugin comment about driver-specific claims
4a991bbbd9c fix unit tests for pod gen GA
e06abce75f1 node: mm-mgr: Refactor to use logger parameter instead of context
d2f780e277f promote ippr to ga
21c832b47dc promote pod generation to GA
9bf2363333d restarting kubelet does not change pod status
842cd0ea777 node conformance e2e: don't recreate test container on an error
135b46974af e2e registry: have SetupRegistry() return registry address
ee777bef916 test/utils: remove GcAuthenticatedRegistry from RegistryList
bb1b23a34ee e2e fake registry: add function docs
fc81e22735a fix Node Conformance Container Runtime test with fake registry
a0e64c21f2f Use fake registry in Node's container runtime image pulling tests
b29fdd1551f Forget pod from scheduler's cache immediately when it's deleted or has DeletionTimestamp set
15029967870 Refactor scheduler event handlers for pods to handle binding event in one place
a42581c7d39 Don't preempt pods with DeletionTimestamp set
37ba7bb454c Address feedbacks
94101ba6e0c Add new method to validate C Identifier
ec8c2246b2c Use k8s-resource-fully-qualified-name format to validate MatchAttribute
2de03899dae Add k8s-resource-fully-qualified-name format in valdiation-gen
4a9a010c537 adding back v1alpha1
68710ce086b add declarative validation test
2e257dffd80 update code-gen for new tags and ignore v1alpha1
8f0a6583ca8 Use eachKey DV in DRA resources.
03e337cfb7a ktesting: support for synctest
aad6cec749b DRA internal API: add JSON tags
679ccee1938 reverting changes that were unrelated to me pr
08b1b1d5a47 Do not log untolerated taint in pod status updates.
9c32e488db1 use tweak pattern
1dd384c44d4 Fixing unit test flakes in pkg/kubelet/winstats TestCollectMetricsData
f82a139dc08 Promote KUBECTL_COMMAND_HEADERS to stable
a3f242676cd Revert "remove failing test that depends on expired credential, remove credential, add TODOs"
973779a398f kubelet/image_manager: add metrics for EnsureImageExists
b1a8d8849ee Update OWNERS to sig-apps owned registry packages (batch & policy)
b72c9e41792 Improve CEL Policy admission test
51beeb26762 dynamic-resource-allocation/client: expose IsWatchListSemanticsUnSupported
4fd41778b87 watchlist: wrap remaining LW with ToListWatcherWithWatchListSemantics
fb228c47048 Fix DRAConsumableCapacity to be able to allocate the same device that previously consumed the counterSet
86bfcd5eec1 oopsie missed two, should fix failing tests
11f9d32a0ea kept sidecar feature to enable default FeatureGate. will clean up in separate effort
a277269159c updating sidecar feature to node conformance
92663144b98 Graduate a few soaked alpha tags to beta
bda0e6a83c5 remove deprecated EndpointSlice api from describe
1e903a4b5a8 DRA: e2e: test extended resources after device plugin uninstall
7b2acb74c07 DRA: fix admit logic for extended resources
1cb45e2a27f DRA: fix scheduling of pods with extended resources
62b23aeb0cf Remove FromName for VAC external tests
b40df46b0ba test/e2e: remove unused v1beta.VolumeAttributesClass field
04fb0931aec test: remove usage of storage v1beta1 APIs
65dcb4ce2cd refactor(kubeadm): including dns addon version to signature
816eee64e80 cpumanager: hack: add golang ci config for contextual logging
fd5b2efa76e node: cpumanager: migrate to contextual logging
2cd69e0d0e6 Rewrite claim with extensions in allocator test
a35785c0331 Drop loopback clients if unused
bbd44717c15 fix: allow job startTime updates on resume from suspended state
d10f4f39503 DRA allocator: Add the requests corresponding to the config FromClass
f8ca585b666 test/images: Update tf-wide-deep container image with Python 3.11 and TensorFlow 2.20.0
36654a9ecbc --no-edit
cff8bc86865 fix the unknown flag: --logtostderr error
b2571fe170a Add WithNodeConformance to KubeletPSI test context
8a6b3caaa0d use union member DV in the DRA
97f9819f7e7 address feedback
f64797580a8 DRA internal API: remove unnecessary types
294ff153426 kubeadm: improve the etcd version mapping
8b87df028d8 avoid Stop() racing with sync()
8b6f98b06ea DRA: lock to default-on
30a6d4b389a Add CSI driver opt-in for service account tokens via secrets field
0e7d42dd456 Clean up OWNERS for all api machinery owned controllers
167ccbc8ec0 Improve cmd tests for kubectl events
fcef697a45a kubelet: add nil check for ContainerStatus in GetContainerStatus
715228f4789 Remove LoadBalancerIPMode feature gate
b5297b18ab2 Remove AllowServiceLBStatusOnNonLB feature gate
c403fd44811 kubeadm: validate the KubeletVersion for cgroups v1
5f083e3b9f5 controller: duplicate utility method cleanup
5d4d6cc980f Test: Add unit test for PreStartContainer
491f7f9ba89 Add a preshutdownhook to cleanup apisever identity lease
c247514f47f Remove year from copyright header boilerplate
f0e88857f7b Return error in case of discovery client failure
8a331a59d13 test: Fix data race on policy refresh interval
78796239cf0 feat(validation): add k8s:optional tag to InterfaceName and HardwareAddress in NetworkDeviceData across all versions
9ba536c2e44 feat: add subfield +k8s:format=k8s-long-name validation for DeviceClass ObjeMeta.Name field
9e5b6ad7488 fix error checks
c764de03dc6 vendor: update system-validators to v1.12.1
724cdb5cf38 feat: migrate off deprecated NewSimpleClientset to NewClientset
1b863d81c92 kubectl: Add support for tracing
9d369f32a3d kubectl: Refactor profiling helpers
1e3a6e18d08 node: e2e: update podresources check post fix of kubernetes#119423
28507d0e921 [test] Add case for existing driver on old csi node
a14230ae82d [test] Validate migration annotation are still applied
1e2817d5890 Avoid no-change lambdas
2061ec2be9d Enable DV for resourceslice
f851bc7ce5a test(validation): add cases HardwareAddress length in ResourceClaim status
833c026435b feat(dra): add k8s:maxLength tag on HardwareAddress in NetworkDeviceData
c3006a9bb96 test(validation): add cases for valid and invalid NetworkDeviceData.InterfaceName length
6fa8cb4a993 feat(dra): add k8s:maxLength on NetworkData.InterfaceName
2b4495f66a0 feat(dra): add k8s:optional on AllocatedDeviceStatus.NetworkData
8124b22f903 feat(validation-gen): add k8s:maxLength tag
e762d9fc441 dra: Use context-aware client-go informer functions
196d3abcd53 CHANGELOG: Update directory for v1.35.0-alpha.2 release
fa59ed7f82e pkg/controller: Use informer.RunWithContext in tests
70ac573619b adopt consistent way to set feature gate based on emulation version for kcm and scheduler test server.
d764e81a66b Revert "Implement validation-gen lint for CI"
7d1500bb1ea feat: Add exceptions for conflicting markers in kube-api-linter
12b5106809d bump kube-api-linter tool to latest and go mod tidy
5fc2f3e5a93 feat: Enable conflicting markers linter to detect mutually exclusive field markers
c49bdda383f kubeadm: remove the GA WaitForAllControlPlaneComponents FG
a99a5c4bdc0 avoid updating when endpoint subsets are merely sorted differently
764918a4ddf remove deprecated CertificateSigningRequests api from describe
3fbd1a17871 etcd: bump etcd to v3.5.24 for k8s v1.32, v1.33, v1.34
7f99d6672f7 etcd: bump etcd sdk to v3.6.5
804708df532 /test: use a different image for hostname override e2e tests
5bfc9aba9f0 Disable unwanted gocritic checks instead of filtering them
9d48e7d2d40 fix missing involvedObject.apiVersion in event
38373335cd1 kubeadm: adjust the etcd version map for release 1.35
81e3dbdc33f Fix DRAConsumableCapacity to schedule more than one devices
8fc99212944 Delete dead code
8346bed9e7a Introduce pod queuing in endpoint/slice controllers
f2a4ffd5b8b Promote ContainerRestartRules to beta
0a301490f61 Fixing k8s.io/kubernetes/pkg/kubelet/kuberuntime unit tests on Windows
4e29dcdf756 remove deadcode HashObject from k8s.io/kubectl/pkg/util
6cb2849928b switch endpointslice hashing from md5 to fnv-1a
edbc0dc2587 switch endpoints hashing from md5 to fnv-1a
dba6c30e964 switch kubelet static pod internal UID to fnv
b3373320daf switch volumemanager reconciler tests to fnv-1a
797d3165191 mark remaining md5 usage TODO and exclude from lint
b0a15b9163c switch storage e2e tests from md5 to sha256
e0df6b178a0 migrate kubeadm static pod hashing to fnv-1a
886fdeefaea forbid new use of md5
448584e1c8b feat: add step field and clarify comment for volume expansion
d54f3b56ed9 Add OWNERS for controller/storageversionmigrator
413c34f3192 Added feature gate and tests
b1c85ef2fe3 golangci-lint: no need to enable deprecatedComment
9902ae73872 apiserver/pkg/storage/cacher/lister_watcher: exposes WatchList semantics
339dba881fe Add synthetic create authz check to pods/exec, pods/attach, pods/portforward
229b33c4409 Address feedbacks
95c42b99515 Fix rebase issues
cf96486aed8 Add format validator for DeviceClass.ExtendedResourceName
adbea00238b Add new format k8s-extended-resource-name
3968f7ec5d6 apis/apps/fuzzer: add missing MaxUnavailable defaulting
efeda8b0fd8 Use fast policy refresh interval for TestParamRef
579579138c9 reformat
b95439f6d1a docs: EphemeralContainerCommon.ResizePolicy: This field cannot be set on ephemeral containers
26bbea8c071 Add RealFIFOOptions struct to provide structured configuration for RealFIFO
6b82a823b1a client-go/clients: improve TestWatchListSemanticsSimple
bd6fb65f833 Reduce fuzz test runs by 10x to avoid timeouts
13511897bda node: e2e: extend wait for resources exported by sample device plugin
c2e1fdeb7ad node: e2e: Ensure device plugin pod is Running/Ready before registration
da80b554a7b DRA API: unify dropped field logic for ResourceClaim and ResourceClaimTemplate
49e4fe9d2ba kubelet: fix kubeletconfig.cgroupDriver in configz
ad2832977c7 fix(kubelet_node_status): remove the node.Spec.Unschedulable check, after remove the register schedulable
dbb3941cfe4 Declarative validation coverage for RoleRef.Name and Subject.Name in RoleBinding#
2e0319181de address feedback
a817e2b923f test(validation): Mark bindingConditions and bindingFailureConditions errors as covered by declarative
ce93309f4c9 test(validation): Add tests for bindingFailureConditions maxItems validation
2a116e29ce6 feat(dra): Add maxItems tag on DeviceRequestAllocationResul.BindingFailureConditions field
2ad5127a793 test(validation): Add tests for bindingConditions maxItems validation
ab08274be10 feat(dra): Add maxItems tag on DeviceRequestAllocationResul.BindingConditions field
9eb7750d7f9 features: bump image gc max age feature to stable
7336f53439b remove usage o ExecProbeTimeout
da77cf84baa pkg/kubelet/watch_base_manager: wraps the LW with WatchList semantics
f8868e9cace client-go/kubernetes_test/clientset_test: intro TestUnSupportWatchListSemantics
f3d1fd23c57 Fix comments and reformat import statements
ba6074dd0b8 Promote HostnameOverride feature gate to beta stage
8f2d7581eb1 client-go/dynamic/dynamicinformer: wrap the LW with WatchList semantics
f6e2ea7b968 build/common.sh: fix support for Rootless Docker
78fcb4475f4 client-go/metadata/metadatainformer: wrap the LW with WatchList semantics
0613fdeccb5 kubeadm: add missing cluster-info context validation
47e9686b4db feat(validation-gen): add +k8s:format=k8s-long-name-caseless declarative validation for DeviceRequestAllocationResult.Driver
0cf91027638 feat: add +k8s:enum declarative validation to ResourceClaim DeviceTolerationOperator and DeviceTaintEffect
44a268e2723 KEP: 5495 - Add deprecation warning for ipvs
d7b83193c42 docs: quote PowerShell completion script path ($HOME may contain spaces)
0f6bc57d118 docs: dot-source kubectl completion script in PowerShell profile
d07b769418d Replace feature label with WithFeatureGate for KubeletPSI test
2072acb3ba5 Add listType=map and listMapekeys on ResourceClaimStatus.Devices
4bd3d17e4aa Allow pointers for list keys
03c7962d175 usernamespace and procmount are tightly coupled. Disable them together
1f803aa314a Use DV for long name validation of spec.devices.requests[%d].firstAvailable[%d].deviceClassName
af173926308 Setting the default feature-gate ExecProbeTimeout value to TRUE
d0a2a0d22e7 e2e: find and fix reuse of test names
51fc3c744a0 bump etcd to v3.5.23 for release v1.31, v1.32, and v1.33
9864c29861e Lock SystemdWatchdog feature gate
6ae916a577c rbac: Remove PolicyRule.Verbs from declarative validation migration
2ea3d3815cd feat(validation-gen): Add declarative validation support for rolebinding(v1,v1alpha1,v1beta1)
4e660cc05b9 feat(validation-gen): Add declarative validation support for ClusterRole(v1,v1alpha1,v1beta1)
70a8babb09e test: move kubelet GC tests to node conformance
41cb2378b42 update publishing rules
f23f716af46 drop support for policyv1beta1.PodDisruptionBudget
5594d94e671 ./hack/update-codegen.sh
f076736206c code-generator/cmd/informer-gen/generators: wrap the LW with WatchList semantics
778ff5d5ab4 update after review
d15b2893341 ./hack/update-codegen.sh
4d9fcfeeca8 client-go/kubernetes_test/fake_client_test: TestDoesClientSupportWatchListSemantics
2fd727bf923 address feedback - comment on declarative defaulting gap w/ DV
c284201b711 generators/fake/generator_fake_for_clientset: intro IsWatchListSemanticsUnSupported
4bb2bd05322 client-go/tools/cache/reflector: supports watchlist.DoesClientNotSupportWatchListSemantics
26cba8ee03d ensure permissions are consistent on dockerized binaries
9d83f71cdec fix validation_test.go to use path normalization
a77f845141a address feedback - remove origin for enum as NotSupported handles this
6e95412c432 address nit
77d87a0e633 fix normalization rule post-rebase
f84423813bd address feedback
9a7dace7347 feat: add +k8s:enum declarative validation to ResourceClaim DeviceAllocationMode
91d135f3445 Include relevant dimensions in pod controller indexing
5b9b8ec732b make localtime mount readonly
1877809f59c cleanup unused rsync related env vars
feeeb4aa19f switch from rsync to cp, drop rsync requirement
e71aa02f96f we no longer need to delete old docker images as we don't build a build-image anymore, we use pre-built kube-cross
ff0a5fff382 cleanup lingering references to kube-build
b3ad67739a8 delete build-image
4eead9306d5 add coverage for pod resize 'read' and 'replace' endpoints
ae3605d1093 mark aggregator test LinuxOnly
bec583bc3dd Enable MutableCSINodeAllocatableCount by default in Beta
8324fc3e034 client-go/metadata/fake: expose IsWatchListSemanticsUnSupported
82e516200a4 client-go/dynamic/fake: expose IsWatchListSemanticsUnSupported
fface8ebfc9 Bump coredns version 1.13.1
c7eb3751b9e Fix volume mount changePermissions test flake
9763935518e Refine: VolumeGroupSnapshot tests
9020a177318 feat: add enum validation for AllocationConfigSource
7825b2fc766 drop go-socks5 from build/tools.go
30c3c990d0e prevent shellcheck warning
563919c6858 don't update _output/bin symlink in dockerized builds
78830afba89 Enable external VolumeGroupSnapshot tests
debe026b211 Fix unit tests to work with explicit depndencies
605f402d44a use relative symlink for output path
54f39033f03 Test status update for all APII versions
36e3a8f2691 Record and require all kube-feature dependencies
20af32e5c11 Stop serving alphas removed in 1.35
33321022f83 Regenerate openapi with unserved 1.35 APIs
bec429cd96f Review fixes
ac5046786e0 DRA API: implement ResourceClaim and ResourceClaimTemplate strategy for DRADeviceTaints
8a43852c35f build: build by running kube-cross directly should leverage a potential KUBE_GIT_VERSION_FILE
2a488616bfa tests/e2e_node: Add test for userNamespaces.idsPerPod
b38d7028075 userns: Return nil manager if feature disabled
0b5aa1d491c userns: Use better defaults if idsPerPod are used
db6a2b2318a kubelet: Don't ignore idsPerPod config
97861325ae3 KEP-4622: node: topomgr: max-allowable-numa-nodes to GA
cccb66bfbc2 test: topologymanager: handle panic in test
00a8ddce91b node: topologymanager: don't leak options in tests
96a9fe5f7b1 update debian-base and setcap
15154374bca Bump images, dependencies and versions to go 1.25.3 and distroless iptables
476824c2a1e [PodLevelResources] Add more comprehensive test cases to kubelet
bf88ae7d737 Fix DisableAllocatorDualWrite dependency on MultiCIDRServiceAllocator
d0f482129da Add stability level in the tags doc.
678b79a173b Properly account APF seats for legacy watches that compute init-events
6f820481d36 bump to go 1.25.3
84b78307e28 fix: the failed unit test
4c8b4347797 DRA: Fix socket binding error in unit tests
6a455c669b5 fix panic for the crd with status subresource but lose openAPIV3Schema fileds
da338ba1fff Warn on use of deprecated PreferClose
3176ef27602 Update TrafficDistribution docs for PreferSame* GA
c6a86d125f2 Merge the two TrafficDistribution integration tests
02926c9563d Update PreferSameTrafficDistribution to GA
b13564a63c3 Belatedly remove references to PreferSameTrafficDistribution being Alpha
7ed61cfde16 chore(kubelet): migrate topologymanager to contextual logging
c48a16ebd8e fix issue
e9f66ea507f fix
dfb02e7581e add TestUpdateStatusWithOldVersion integration case
0554102ab33 test: Add CIDR allocator metrics test with multiple CIDRs
3c2c64a7f65 Add integration test for invalid SAN certificate handling
9292f1e82b6 refactor(resourceclaim): generalize tweakDuplicateRequestName to tweakAddDeviceRequest
2260c9b9837 test(validation): Add unit tests for DeviceAllocationResult.Config maxItems
b3eb152db43 feat(dra): Migrate DeviceAllocationResult.Config maxItems validation to declarative
8c7a338afe8 test(validation): Add tests for status.allocation.devices.results maxItems validation
a05fce7c228 feat(dra): Add maxItems tag on AllocationResult.Results
f70142a6a90 feat(validation-gen): migrate ResourceClaimStatus.Allocation NoModify validation to declarative validation
331ea387696 feat: add +k8s:update tag and associated tests
86d06973197 remove blank line between comments and entry
19311b932fb reorder kube-cross to be under go version and dedupe it from the go version
39d37a1e926 Remove invalid SAN certificate construction
ced2a40b9e9 kubeadm preflight checks: fix host URL construction
1c950080155 Log when automatically disabling dependent features
e669ccda0f4 update build/README.md to reflect removal of rsync/data containers
7d2309f0591 cleanup unused rsync utilities
faa62c8ce61 cleanup KUBE_RSYNC_CONTAINER*, KUBE_DATA_CONTAINER*, DOCKER_MOUNT_ARGS
36526c38158 delete more now-unused shell functions
5a05c062c3c delete now unused kube::build::copy_output and kube::build::build_image
7ed65b466d7 remove defunct comments about updating copy_output
dee429c1659 remove unused scripts
eaeed1a5345 remove calls to kube::build::build_image and kube::build::copy_output
581012fe063 build by running kube-cross directly
52c734f1e6d kubeadm: print errors during control-plane-wait retries
0a05490e08d fix broken gce jobs
19a29de5ec9 style(kuberuntime-container): clean up redundant if branches
4d61ba787d5 test(validation): Add tests for status.ReservedFor maxItems validation
b0a511d3090 feat(dra): Add maxItems tag on ReservedFor field
9ae5039b7f4 e2e: skip the reboot node test case
e8d512d8221 extract build vars setup into reusable function
6c9f2793ef7 Stop mentioning the removed gate CSIDriverRegistry
5362c2858de Remove mentioning of the APISelfSubjectReview gate
3b93755c0c0 client-go/tools/cache/listwatch: intro ToListWatcherWithWatchListSemantics
83eebc22902 fix: Add CIDR filtering and overflow protection to IP allocator
dc686f240be Remove deprecated pod-infra-container-image flag
3f8a5219e2c Enable validation-gen on rbac/v1,v1alpha1,v1beta1
20dafe678bd test: Add failing tests for IP allocator CIDR filtering and overflow protection
d5ae324fb6b don't require build tools to clean
dd3a713f6c4 fix ReplicaSet and Deployment tests for DeploymentReplicaSetTerminatingReplicas FG enablement
2bf467170e7 make update
b0e47a88f74 promote DeploymentReplicaSetTerminatingReplicas to Beta
8b5cf608fd5 Add k8s-label-key format for toleration key
b738e8c3caf fix panic in cron.ParseStandard
7b4d4f72c90 fix lint error
f27346db6c5 update warning to reflect kep changes
4f8757b4c01 Remove flaky HPA deletion assertion in TestMultipleHPAs
d6dec0b345a Revert "Merge pull request #134178 from HirazawaUi/remove-RootlessControlPlane"
400f8eccc55 Remove the --pod-infra-container-image flag from kubeadm
233ad2071ca refactor(serviceaccount-tokens-controller): Change the secret's MutationCache to SecretLister
efda517d93f speed up make clean by narrowing recursive chmod
9c2520b6334 test: mark duplicate device requests as covered by declarative validation
4616d749a3d feat: Improve the robustness of SVM
ebc4768ff3b Increase time out for verifying metrics
861e397b054 Using processStart time to handle execution delays during stress tests
4f7e9ff1efd bump cos-gpu-installer to support cos 121
514b93d7e13 test: add validation test for duplicate DeviceClaimConfiguration requests
ed932547cf5 feat: migrate DeviceClaimConfiguration.Requests to declarative validation
c81fc12900b test: add validation test for duplicate DeviceConstraint.Requests
63f8c0a4fe2 feat: migrate DeviceConstraint.Requests uniqueness to declarative validation
0fa441f962b Promote KEP-5311 (Relaxed validation for Services names) to beta
2341b3bcc86 test: add validation test for duplicate FirstAvailable names
3ad7b189b70 feat: migrate DeviceRequest.FirstAvailable uniqueness to declarative validation
d045a9dd3cd test: add validation test for duplicate device request names
ca9e09b7d30 feat: migrate DeviceClaim.Requests uniqueness to declarative validation
3ec711f91ee cluster/gce/gci: revert PATH change when using custom runc
8e4cd1f3b60 address feedback
d77cb206a09 feat: migrate k8s:format=k8s-long-name-caseless validation on OpaqueDeviceConfiguration.Driver to declarative validation
7f58bb9abdf Regenerate vendor
2fe6220968d Regenerate protobuf
6d8adfe4025 Isolate generated ProtoMessage() methods in build-tagged files
5fb0e16be6f Drop runtime use of gogo packages
caea56f3847 Fix controller setup in storage version unit testcases
cf099f4fc90 Update --chunk-size flag, dropping the beta information
8dc51e11eff improve kubeup env parameters
67c29eaafcd CHANGELOG: Update directory for v1.35.0-alpha.1 release
b8670cbc31c reduce dependencies to apiextension objects
6f51446802f DRA device taints: fix toleration of NoExecute
9702a2dca2b E2E framework: enable data race detection only if needed
5e216ae34d0 Replace HandleCrash and HandleError calls to use context-aware alternatives
7eb7894dada refactor(apiextensions-apiserver): Make APIApproval controller context-aware
f99d0e9759f Mark API server errors as transient in csi raw block driver
2fa703bfb69 address feedback
b4fa5794efa generate
1c0f0add8a5 feat: add +k8s:immutable tag to ResourceClaim.spec and associated tests
dfd7b230b4d feat: make it so that all ShortCircuit validators are run for short circuiting check
10473da4f70 chore: add +k8s:immutable tag implementation and test
c189e9d82f5 Split Endpoints controller and EndpointSlice controller conformance tests
7b7145a5940 Update kubernetes.default endpoints test a bit
e627b3b2bff Move some network conformance tests around.
d46f15bd12f Fix some linter errors before splitting out code
07959fd1680 Remove redundant test of "empty EndpointSlice for Service with no Pods"
ff83235f352 Fix up EndpointSlice conformance test descriptions
dd8d0e65d4e Dedicated package for scheduler interaction with DRA structured types
1fb86743872 Add listType=map and listMapekey=uid for ResourceClaimStatus.ReservedFor
01264d3970b With new changes we will also have a VolumeModifying condition
cb01a28df40 Ensure CSINode is owned by node when installing CSI drivers
13cd40d718b E2E volume: fix restarting of watch
328f9da729d Add current and old nodeIDs in log messages
111fc04e1d3 fix: update pkg/apis/resource validateDeviceRequest to short-circuit on the oneOf check
e62523e1f56 address feedback
fd12fc00c9f fix: remove unnecessary ValidateResourceClaim call from resourclaim ValidateUpdate
4ca286819a9 Add DV for uids in resourceClaim Status
d9fb647515d fix overlapping client CA and requestheader CA validation with proper certificate checking
6965075ebd8 Address feedback: simpliy errormatcher instantiation
6138a68f4e8 fix(validation): Mark covered errors in TestValidateClaim for better clarity
763c01ef68f feat(validation): Add normalization rules for ResourceClaim validation
32e64ec0e9a simplify getNodeAnyway func
c82f2caaa46 DRA E2E: promote CRUD tests to conformance
2b220dffa76 add integration test for endpointslice controller headless services
d03fab555f1 kubectl config set-context: Add -n flag
09ef1e08e96 Fix storage version test flake
f9a893be37b Fix incorrect error messages
d1767c10c01 fix: typo in internalversion printers
ae8ea8994ef feat(validation): Enhance validation tests with normalization rules support
7bbc7228aca run update-codegen.sh
7366031541a feat(dra): Add maxItems validation tags for ResourceClaim fields
4568ac300c1 changelog for 1.34
b2073c3325d reordered changelog for cri api
5b7e96219f8 remove cpuSharesToCPUWeight that is not used any longer
84431876888 Warn when quota request > limit
79678dd3935 feat: add resourcequota WarningsOnCreate request less than limits
100cd47acbc Update SIG Scheduling leads in feature-approvers
1137d51b358 Disable SchedulerAsyncAPICalls feature gate due to a known regression
2ddc9555582 correct metrics function comments
070d4c1846b bump etcd to v3.6.5
7c596722137 Fix in code and integration test that verifies that when victim pod is stuck in binding, preemptor pod remains waiting in unschedulable queue until deletion of the victim pod is completed
e9f61ce511d Move stats updates to getList
4b3e562dc8c client-go/util/watchlist/watch_list: intro DoesClientNotSupportWatchListSemantics
0b0a5974f82 integration test: webhook proxy behavior
26c7846e6dd Use lock-free for unguarded isHidden/isDeprecated fields
52dec274b36 add TODO to migrate when new metrics mature and old metrics are deprecated
7c529f25f4d add apiserver_validation_declarative_validation_panic_total invariant
84ce0f57f27 add test to verify invariants are fully specified
41ae5cdf4b0 check invariant metrics after e2e tests
748510b8ee0 refactor and increase coverage for pod resize tests
e4a34ce343e KEP-4540: StrictCPUReservationOption moved to GA, modified unit tests to reflect this
ae259797903 Use a dedicated delete channel in HPA test
f79fb9e59e0 Fix rebase issues
03da38a8023 feat: add path normalization support to error matcher
f95d531b0ae DRA: CRUD conformance tests
545526cfe09 DRA E2E: only check ResourceClaims in the test namespace
2ac9ff1c1fb test: format unstructured as YAML
a7b720ad5b8 upgrade to cos 121
5af28702540 fix nested map segmentation fault
d71e7e78595 fix typo for `AnonymousAuthConfigurableEndpoints` error
6d3d7553fbe Lock all mutable fields when printing gc node
940a2a7f070 Update hostpathplugin image version in DRA test driver manifest
6e7762ef0ee Update cluster/addons/ip-masq-agent/ip-masq-agent.yaml
b5805f28e72 Update cluster/addons/kube-network-policies/kube-network-policies.yaml
c4c7efc4f95 apply feedback
515b579945a feat(resource): Add maxItems validation for DeviceClass configs
e693da72906 feat(resource): Add maxItems validation for DeviceClass selectors
4986abe0b86 Automated refactoring to use SetFeatureGatesDuringTest
6e574cabdd0 test/e2e_node: mark MirrorPod update tests as [NodeConformance]
d4c5b8817ef Set test feature gates as a group, and auto-disable dependents
46c15a1844a fix typo in comment for namespace validation to appease verify-spelling
2fd76c8ed18 fix: Comment out ipSloppyValidator
51f02aa58a2 fix: Update error origin in ValidateDNS1123Label to use k8s-short-name format
6b11e6433cc run update-codegen to for ReplicationController
0a26ff5cb47 Update CSR DV test to match RC style
2d48dae391e Eliminate public ValidateReplicationControllerName
229c6b13ca7 Validate ReplicationController.metadata.name
7cf99892224 Add ValidateObjectMetaWithOpts() to apimachinery
b00e0f30208 Add cohort support to +k8s:item
975df59fcd5 Add cohort support to +k8s:subfield
efe4d17d15e Add support for validation cohorts
8105dbe5bce Revert "Omit type names of emitted slice elements to appease gofmt"
07991f41f00 Fix: Correct timestamp for node swap metrics
5d067af5e1b Prefactor: Fix some bad tests
7b938513956 Fix ReplicationControl double validation
04d632dd050 fix: Adjust validation for pool names to ensure proper coverage in device requests
c36c927d189 DRA ResourceSlice: nicer log output
af9facf7bad Fix passing runtime.Object to HaveValidResourceVersion check
af9b314fb45 Propagate backoff duration for crashloop backoff.
5ae2372f1b6 Remove a "helper" function that doesn't really help much
0cb916d4dcd Move metrics calculations to getList
fc19fcfb73c improve httpstream handshake error logging
89b975c6d36 Add comments
199c9ac77ab Remove ExpectInvalid()
8b08c8e59ce Remove ExpectRegexpsByPath()
b922fd9db43 Make ErrorMatcher more strict about multi-match
a51fb72c7f4 Simplify tests wrt ratcheting
054ab36c913 Fix field path for embedded fields in root types
9757d8d8efe Document 0 as a special case in RV comparison
84f85712beb feat: Add matcher and conformance tests ensuring that RV is uint128
02a51e3712d DRA ResourceSlice tracker: explain test a bit better, fix -run
c524a5fba28 fix(cordonhelper): Avoid mutating local node before API call
7c24e62d7cb Add additional types for resource version comparison testing
68205ff40c5 DRA scheduler_perf: run with specific allocator implementations
5832c915ace scheduler_perf: apply feature gates in deterministic, alphabetical order
60eeaa6ebda DRA scheduler: add unit test for allocator selection
7f57730ba4a DRA scheduler: fix selection of "incubating" allocator implementation
b5bcac998d0 DRA scheduler: clean up feature gate handling
723d1555a72 test: update CSI sidecar images to latest versions
b0460eedbac Make legacytokentracking controller context aware
37fcfcd29e9 feat: Add conformance tests for all resources for comparable resource version
fe681cfd8f6 update comments
83163d0b4a9 update comments on beta apis
11291fb6c59 update featureflag list
b656027b936 Update MaxUnavailableStatefulSet feature gate to beta
2cef54c1450 feat: Add helper function for client-go to compare resource version
f5e65af1737 add getters for event User and ImpersonatedUser on AuditContext
8a03067211e fix resource claims deallocation for extended resource when pod is completed
2c12d5731e4 fix validation_resourceclaim_test.go with MarkCoveredByDeclarative
9380248ad69 generate
ef2b68388ea add +k8s:maxItems tag logic and tests
b6afe986c62 kubeadm: rework the FetchInitConfigurationFromCluster node flags
03a1a22478b Add declarative validation tests, use tweak pattern, and additional test structure changes
11df50453fc Add maxItems limits to ResourceClaim
212a9c6a60c test/e2e/apimachinery/watchlist: select only wellknown secrets for table test
a20b34aa82e devicemanager: fix golangci-lint errors
bb91913017e Migrate sample-device-lugin to contextual logging
7e27b9c241f change default for failCgroupv1
6a5d0ef4230 gce: fix etcd manifest
1cfc29a179b cluster/addons: update container images to latest versions
574ac5b4978 disruption: remove unused pdb parameter from getExpectedScale method
574b09b7de4 nodelifecycle: fix ComputeZoneState method comment
2b3f1877bee Update NPD to v1.34.0
c4ec18b58a6 pkg/volume: improve code style and readability
b40b67b9cff Deprecate caseless driver name validation and enforce lowercase warnings
7af3377900b Add desired_replicas histogram metric to HPA controller
96349a46088 chore: Move declarative validation featuregates to staging apiserver
06c47136fef implement KEP-5573 by not starting kubelet on cgroup v1 by default
e6e6c6fdfbb Remove unused WithTakeover and WithValidationIdentifier
9a7e2291d1f refactor: Remove Validate(Update)Declaratively and improve error handling
d2ec0308c7f simplify scale subresource testing and document expectations
713cb97a850 test: Add unit tests for metricIdentifier function
2d7dd9164fa Refactor: Centralize declarative validation and migration logic
d559a4afe7f Add configurable tolerance e2e test.
4a76cd84055 Remove configmaps related rules from the kube-controller-manager and kube-scheduler leader election roles
d45a4557c1b Migrate device manager to contextual logging
4347d4be812 Update coredns to v1.12.4
5119b869668 refactor(DRA validation): Add granular controls to ValidateCSIDriverName for declarative validation migration
2c78bc981c2 Introduce API to codify and validate feature gate dependencies
7efc77f493a Apply feedback
7bab54a7c8b emit comment for uniqueness is disabled by k8s:customUnique
059d1794e61 test(validation-gen): Enable uniqueness validation tests for listmap
71797498f9c test(certificates): Add ratcheting test for CSR conditions
3da0a255f7f Enable listmap uniqueness & run codegen
3015e58e40f Improve tests devex for DV tests.
adf0a916930 update autoscaling leads
bd075eb98cb kubeadm: use JoinHostPort in WaitControlPlaneClient
ad8f91fb0f5 Fix error messages in volume path handler
53b81011e25 fix: add +enum tag to resource DeviceAllocatoionMode
8138390e51d feat(certificates): Add k8s:customUnique tag to CertificateSigningRequestStatus
09e96ae3f1d chore(validation-gen): Update output_tests for k8s:customUnique
81e2d211767 feat(validation-gen): Add k8s:customUnique tag for disabling uniqueness validation
6031ff29c14 make containerd download more robust
051b29bde38 Add nil scheme check in GetReference
0010d3992ac kubeadm: ensure waiting for apiserver uses a local client
a96ac3a2766 update publishing rules for 1.33/1.34 to set go1.24.7
2ffc06e09ae Make APIServerLeaseGC controller context-aware
2b110c138ec Add RunWithContext method for debugsocket
a28e452b44f refactor(apiextensions-apiserver): Make NonStructuralSchema controller context-aware
90bd84798c8 refactor(apiextensions-apiserver): Make NamingConditionController fully context-aware
409ad3944f7 added unit test for /statusz endpoints
56eb9a1a960 [126379] [go-client] chore: use WithContext functions: do not use SleepWithContext inside Sleep, use CalculateBackoff inside CalculateBackoffWithContext
dbe4143de68 generate
7019a088c39 Add declarative validation tests for ResourceClaim status
8606fa03dc7 Add declarative validation of ResourceClaim status pool field
e8f243dac2a Add output tests
83cf6358189 Add k8s-long-name-segments format
697113f5f07 Add utility function to errors to allow format composition
273912fb7f6 Improve BenchmarkSerializeObject benchmark
d2e6be440c6 Revert "Merge pull request #133213 from sanposhiho/second-trial-conor"
c1e74a1a982 Promote HPAConfigurableTolerance gate to beta
bc7ea997a0c deflake e2e: ensure pod with sidecars restarts in correct order after node reboot
a87068c685d Clean up gogo dependency tracking
b7567b980b9 Remove non-generated use of gogo dependencies
840aa4722e9 Drop unnecessary gogo dependencies
7930c2db4c0 Fix SELinux e2e tests waiting for "container created" event
48d56644308 update kube-cross image
ac35a0a99a9 Remove some unused bits of verify-golangci-lint.sh
911e46c08b4 fixed the CRD statusResetFields init issue
784b842a44f Remove the --pod-infra-container-image flag from cluster/gce
37592a026be bump gengo
22551e56a65 Fix IPv6 allocator for /64 CIDRs
51c525a1402 [126379] [go-client] chore: use WithContext functions
1e4e6e10c19 Use context.Background() directly in kubeadm polling API calls
c8138546201 Update comments around an old bug workaround
a8a21aaf853 Add hpa object count metric (#134140)
25893cb579a Promote regression-issue-74839 to 1.4
fefcbdcff23 Bump image version
d957c90153a Track connection using IP+port in server to fix conntrack test flakes
ea914d8077f Remove unused WaitForServiceEndpointsNum function
01f7de46f6c Replace deprecated WaitForServiceEndpointsNum call with WaitForEndpointCount
12db1e28dce remove unused file
15b16e0090d Remove RootlessControlPlane feature gate
343a5db9658 DRA E2E node: fix cleanup of tests using separate registrar
89b75e998d3 expand coverage for resource quota and limit ranger tests
4e719939170 Enable SSATags linter to enforce +listType on lists in APIs
883b9e570af Wait the readiness of pods for all the containers generate logs
4275b8b759d Don't limit the number of goroutines dispatched by the API Dispatcher
736f7b9a1b5 update to latest sigs.k8s.io/json
9d5ddd9faca change klog to log volume name instead of entire spec in GetDeviceMountPath
19356ad1182 refactor(cloud-provider): Use WaitForNamedCacheSyncWithContext
f44279647bf refactor: Use WaitForNamedCacheSyncWithContext in core components
9d4b91dbd80 kubeadm: cleanup after ControlPlaneKubeletLocalMode
c3a26a066d8 Bump golangci-lint to 2.4.0
36e3adf318c Add e2e test for MaxUnavailable StatefulSet RollingUpdate (#133717)
9382fa8b70b Remove KUBECTL_OPENAPIV3_PATCH feature gate as the feature is stable
7028ba09dbb fix: duplicated 'the' in comment
d7a2793fa65 bump system-validators to v1.11.1
f8bfcfc8857 Drop utiliptables.NewDualStack()
88d6e6c465a drop automaxprocs hacks now that go 1.25 handles this built in
563d4d651ca bump go language version to 1.25
f8d2df0f74b refactor: skip re-validating for unchanged resource claim specs
9ca4ddf9699 add go.work.sum to dep-approvers file list
c8d3b3fdd33 add go.work to dep-approvers file list
4b0eeeb6184 Make pod-security-admission honor emulation version
7f4ee652eaa Delete temporary ProbeHostPodSecurityStandards feature gate
55419eca7a2 Plumb effective version into admission initializer
67632f8229d Add support for k8s-long-name-caseless format.
17665a39cf5 feat(validation-gen) enable declarative validation for resource.k8s.io DeviceClass
871f87eaec6 e2e_node: test DRA plugin gRPC connection reuse
6d5aece4d81 Ensure keys used in storage and cacher start with resourcePrefix
0b10735cd72 Extract the prepareKey function
709280ef6e7 Test requests send to etcd for all LIST requests
56a4306fed7 kubeadm: graduate ControlPlaneKubeletLocalMode to GA
fa9071302f8 Adding metrics for Maxunavailable feature in StatefulSet (#130951)
f58d1e101ff refactor(controller): Use WithContext variants in cloud node controllers
d12eeb98d0c Replace HandleError with HandleErrorWithContext
69aca29e6de Update kitten base image from agnhost:2.33 to agnhost:2.57 (#133818)
6dbc13fd134 Bump to go1.25.1 based images
af231d2153c Replace WaitForNamedCacheSync with WaitForNamedCacheSyncWithContext in pkg/controller/
eca1cfb259f chore(validation): add validation identifier for declarative validation in ResourceClaim
c0fcb10acfa fix(tests): update fake client initialization and add resource version handling in validation tests
7c45b1aa3b7 refactor: simplify declarative validation tests for ResourceClaim
380c4c222ee feat(validation-gen): Add declarative validation support for ResourceClaim/(v1,v1beta1,v1beta2)
3fc0498d6ec Bump distroless-iptables to v0.7.8
fb184a9ff42 Update pkg/api/testing/OWNERS
c51a8734b12 Update documented metrics list
aefd2effc5e test: automatically lower Ginkgo parallelism when using race detection
479d78851ab feat(apiextensions-apiserver): Add WithContext variant to EstablishingController
7a62519b364 E2E: treat data races in e2e suite as failures
f5cd1a16646 Address tests grouping comment
50ea1f870ea fix incorrect warning whenever headless service is created/updated
92dcd02459f Add helpers for declarative validation tests
74faf1527fd Unify directory protection for recursive requests in storage
cbb7b29bc24 print the current kubectl command encapsulated by kuberc on V(1)
3799b8bf6a7 Add reviewers and approvers to api/testing
1c41cb0550b fix gofmt
842d6d29fc0 test/e2e/node: promote ConfigMap update test to Conformance
1a5e77135b2 Add fine grained metrics to narrow down DV mismatches and panics
4db49d0f4e9 feat(validation): enhance slice validation with declarative options
4074be896bd Record SyncTerminatingPod error and set error status on span when non-nil err returned
f99cb99a1b9 Wait for quota to report used before creating pvc
8817dd65296 Update cmd/kubeadm/app/cmd/upgrade/node.go
91a3a30eb5c Ensure consistent key schema requirements between cacher and etcd3
938b23879a2 test/e2e/node: add [NodeConformance] label to ConfigMap update test
5dac4ee1695 Improve dry-run error messages for clarity
a825c72697e Update agnhost to version 2.57
e39ed4a4b4b scheduler/volumebinding: add test for PVAssumeCache
bbee7b9d6b1 scheduler/volumebinding: rename passive_assume_cache_test.go
4b0eff59c07 scheduler/volumebinding: target AssumeCache UT generic passiveAssumeCache
872981a2055 Rename CLE test directories
1ce12710ec1 refactor(controller): Use context-aware WaitForNamedCacheSync in resourcequota and HPA tests
d2ba13dac92 Add exceptions for existing issues for conditions linter
894d724f98a Enable conditions linter for Kube API Linter
e3b08f98713 Update KAL to latest and add shadow config for new options
af6b3ed1f51 Add support for k8s-label-key
aa0c5960edc Add support for k8s-label-value format.
8fed05c5b78 DRA E2E node: fix test cleanup
b81e87c02f9 fix: use iifname for input interface name matches
5a708a7ff0d scheduler/volumebinding: remove Get[API]{PV,PVC}
ed19492dc2b scheduler/volumebinding: passive assume cache
09ab06b423c Remove container name from container event messages
bbf896c35bb build: automatically choose a suitable base image
4e907fad15d Explicitly set TerminationGracePeriodSeconds for mirror pod
1e742f01ba6 Fix cacher resource prefix not having a "/" at the end in tests
c385a229d4b scheduler/volumebinding: introduce testInformer
1baa7936d89 Fix flaking RunTestDelayedWatchDelivery
eaf87d59077 scheduler/volumebinding: pass testing.T to helper
dce23dac036 scheduler/volumebinding: use subtest
90109b21af7 Wrapper for DeleteLabelValues
455a4376742 node_e2e: fix kubelet configuration setup
c08b9ab3b5c Replace deprecated sets.String with sets.Set for Index type
476325f6e5f Specify the deprecated version of apiserver_storage_objects metric
cbedde7ef50 [client-go] [cli-runtime] [133916]: handle properly config override logic when override provides ClientKey, ClientCertificate: also empty TokenFile if Token is set in ConfigFlags
41307203ba4 Add additional test for root level, ignore mutation lint error
029d314e150 Replace NewIndexerInformerWatcher with NewIndexerInformerWatcherWithLogger
46cc610e6fe Drop PodIndexLabel after the feature GA-ed in 1.32
16fa1501826 scheduler_perf: run garbage collection before measurement
c52e3aafb32 skip creating storages for unserved versions
74cf1db218e sort the device requests in the extended resource claim spec. removed the sortClaim in the unit test.
bb21080626d standardize not found error message of kubectl scale
ecff35e2fb4 deflake e2e tests: set cpu requests to avoid out of cpu
0c0acbc5351 Disable too short scheduler_perf workloads
9f31b009081 scheduler_perf: KUBE_CACHE_MUTATION_DETECTOR=false in docs
4f6598e8a31 Fix tests not using proper resource paths
6e5a5abb86c Fix version bump to follow semantic versioning
97cd1c24085 replace fmt.Printf with fmt.Fprintf
96463c1e9a7 kubeadm: fix the KUBEADM_UPGRADE_DRYRUN_DIR environment variable doesn't work forthe upgrade phase when it writes kubelet config files to disk
9f49e3b9e16 deflake unit test: TestIsConnectionReset
86028eecf2a Add ratcheting of selectableFields
a89a36061c8 fix lint errors
3da372354d6 add fake-registry-server command to agnhost
480fad996d5 kmsv2: run TestKMSv2ProviderKeyIDStaleness in parallel
dfcadb4f896 Replace WaitForNamedCacheSync with WaitForNamedCacheSyncWithContext in pkg/controller/garbagecollector
5e66bb69720 ./hack/update-codegen.sh
fe1aedd0bf7 applyconfiguration-gen: remove "Experimental!" comment as the code has been stable for several releases
c911747f240 applyconfiguration-gen: preserve struct and field comments in generated code
8dafb98e916 Update sample-apiserver and examples
fc091d93d53 Update tests that depend on internal model names
e9daf55b56a Add tests
3fc59ee9a70 stop using util.ToRESTFriendlyName in favor of declared model names
0dd2056045a Update violation exceptions
5647c07179d generate
e910c181cb9 Add model name generator tags
cfbe326e3a2 Enable openapi model name accessor generator
8b63ace66c5 Bump kube-openapi
dd9917ddce8 Fix flaky resource claim metrics test
3df195633a8 Add support for UUID format.
7e6aafe1577 fix intergation test
9e60e3593ec kcm/app: Add proper goroutine management
79f8d1b1c5d fixed bug such that implicit extended resource name can always be used, no matter the explicit extendedResourceName field in device class is set or not.
1ac067ae0e6 Fix tests to to only accesses keys from under resourcePrefix
31e035ec39e Use increaseRV in TestWatchStreamSeparation to imply external RV increase
83273e21b91 DRA scheduler_perf: clean up usage of steady-state pod scheduling
9af3e868102 scheduler_perf: detect testcases with no pods scheduled
3dfcda9afdb Fix minor inconsistencies in scheduler
bf0429ed07c migrate kubelet/certificate to contextual logging
edc8dafc699 Cleanup enabling resource size estimate
5483c52e101 DRA: Fix ConsumableCapacity shceduler perf test (simplified)
05fc3f65d82 CHANGELOG: Update directory for v1.31.13 release
70af7708fcc CHANGELOG: Update directory for v1.34.1 release
d884ed5e97b CHANGELOG: Update directory for v1.33.5 release
6d0138d3f12 modify etcd data for integration test
587f67052dd modify api version hash
7184ac5a733 make v1 resource version first priority in resource
f89e73a3038 CHANGELOG: Update directory for v1.32.9 release
9ca3159e34c Fix fake runtime's image pull
a77fc586c75 Fix negative pod startup duration
bbdd27d91e5 Add tests for unique tag combo & update-codegen
62662e3a08e feat(validation-gen): support unique tag on list
a5b29fa812e refactor(validation-gen): move list-related validators to list.go
81cb5b7df22 DRA: Fix PrioritizedList scheduler perf test
c4d8c9b5440 Re-disable listmap uniqueness (for now)
6fb020b1942 Temporary: Re-enable listmap uniqueness checks
3e15dded75d Pass equiv func to subfield, like item and eachVal
0d5e374da93 Don't ratchet-check inside type functions
b6fdbe4a6ab Emit ratchet check for fields with a type func
229954d1138 Revert "protect against race between deletion and adding finalizers"
e2e7fa17990 switch our usage of expfmt.TextParser
bdfca587f48 update prometheus' client_golang and common packages
2d71a0d72b2 Refactor ItemTagValidator.GetValidations a bit
8f679c74020 Make item validation just use a TagValidator
c047bdf58fe Sort item criteria to match listmap key order
26283acfb14 Clarify that union has field- or item-members
3f068c7c64d Parse path early, clean up getDisplayFields()
77c1ac6320b Improve error reporting in item tag
1f61a8b814d Rename "fields" to "members"
1417e56dffd Break processFieldMemberValidations into 2 funcs
023c026d6fd Add ListSelector in validation Context
3e2e2195ed8 Unions: replace `[2]string` with a type
8130cf82b59 run "hack/update-codegen.sh valid"
348d576c9f7 validation: Use JSON names in paths
f51d57042e5 Update Context comments and fix some usage
9e71a07abf5 Minor validator name-string fix
fd3fcfe121a Add comments to generated code
471256619f6 Put the nfacct e2e test back under the "KubeProxy" label
9b696ff58cd build: also support KUBE_RACE for test binaries
90c9a932d49 fix race condition in kubelet's PodCertsManager
8b50c77eb6d scheduler_perf: measure DRA setup time
bc8ce679984 delete v1.32.0 testdata
d59d48e64a3 Add v1.34.0 API testdata
b276c96ef86 Migrate kubelet/server to contextual logging
1e3c3934cb9 e2e_node kubelet configuration: merge feature gates and system-reserved items
c5882e38fff Fix ClusterIP load balancer disappearing when InternalTrafficPolicy: Local is set.
e3c9c277c33 fix CI failure: update pod image using the same one
55700685bd0 Revert "Add retries to node's crictl test"
801ee441630 Validate kubelet serving cert in local-up-cluster
82eb8bd23a2 Populate memory requests from actuated resources at pod status generation time
8ff5cec2617 scheduler_perf: block after creating ResourceSlices
af6da561dd8 scheduler_perf: reset and stop testing.B metrics
5170982540d chore(kubelet): migrate eviction to contextual logging
39170e2ed63 chore: Clean up duplicate logs
cfeeff7aced chore(kubelet): migrate stats to contextual logging
5ed98e97e1c Remove getLocalNode to fix GracefulNodeShutdown e2e.
b42b96f518f add paths section to scheduler statusz endpoint
06c5eb992e8 DRA kubelet: avoid deadlock when gRPC connection to driver goes idle
6b908c192cc [client-go] [cli-runtime] [133916]: handle properly config override logic when override provides ClientKey, ClientCertificate: use values from overrides when one of the field (file or data) is present in inverrides
d38c1df3f36 chore(kubelet): migrate metrics to contextual logging.
cd343aaf1e3 Fix OWNERS_ALIASES entry for SIG Docs
7aa6cabd634 fix typo for forceDetachTimeoutExpired
fc8907da38d [client-go] [cli-runtime] [133916]: handle properly config override logic when override provides ClientKey, ClientCertificate
8118636321a Close container runtime connections after use
1a0813598b7 Update SVM Discovery checks in response to jpbetz and stlaz
bf851e8bcfa Apply feedback
7d14367f57c Change WaitForNamedCacheSync to WaitForNamedCacheSyncWithContext.
80e6f9e20a2 chore(kubelet): migrate container to contextual logging
f1b28b0d1f7 chore(kubelet): migrate watchdog to contextual logging
98f81fc2910 Remove redundant experimental prefix in wait command
d75d4860e7f kubelet: migrate module `logs` to contextual logging
9c1cf79d74c kubelet: migrate utils to contextual logging
62cadde688c Fix incorrect description of feature PodObservedGenerationTracking
c88f2f3142b Add k8s-long-name, k8s-short-name format validation tags
c8681531abd fix typo for sattsfied
4e200ca00e8 fix: Only warn for unrecognized formats on type=string
cee1ea7225a Update client-go compatibility matrix to include releases up to 1.34
ddb015f023b Resolve confusing use of TooManyRequests error for eviction (#133097)
86e3ad233f7 Revert trapping TERM for podWithCommand
21359d7b1f4 Switch to resourceVersion controller
21ff3c196c2 kubelet/metrics: fix multiple Register call
98c62936230 kubelet/metrics: misc optimization
43c3b03685c Lock AllowOverwriteTerminationGracePeriodSeconds
fbd33bd6b39 hpa: prevent integer overflow in external metrics sum
09548c6bdf3 Move actuated resources state to kuberuntime.Manager
683a76dd159 Enforce that all resources set resourcePrefix
954ac21c6c8 Add Kubelet stress test for pod cleanup when rejection due to `VolumeAttachmentLimitExceeded` (#133357)
3e84e16315a Disable estimating resource size for resources with watch cache disabled
73cf278883a Mark some aliases as deprecated
5f4b4a68249 Bump gengo
7e9b228ff09 apply integration test: fix ordering test flake
07faaec2c42 scheduler-perf: fix data race in createPodsSteadily
c8f8f66e6de Increase termination timeout for `evicted pods should be terminal` test
ef7cee89bf2 add events.events.k8s.io to clusterrole view/edit/node default
8d31237c334 kubelet: poll after reloading logind conf
c7ddceb8cb4 client-go/dynamic/fake: Stop ignoring options
5e59c658d6c Organize enum tests
f971ad76af2 Only pass type args when needed in enum init
fa1f9d444cc apiserver: avoid default toleration seconds data race for all tests
ad9ae3ab9d9 test: fix data race in test/integration/controlplane/transformation
e32adad6570 apiserver: fix PriorityClasses creation data race
a67468717c3 Omit value type from validation rule failures
d6068db62ec CLI: log info about race detection
23362e001c4 build: support -race in binaries
9fb1ef4dd0d fix kubectl exec command in cmd test
da0e7384d5e - Update Nautilus test agnhost images from 2.33 to 2.56 - Update VERSION to 1.8 - Addresses issue #131874 for updating outdated base images
4babdf80264 Fix race in movePodsToActiveOrBackoffQueue
fadb40199f1 Move interfaces: Handle and Plugin and related types from kubernetes/kubernetes to staging repo kube-scheduler
82896feebbd cli-runtime: Return defined error from Builder
f0be916f7a9 Update CNI plugins to v1.8.0
584a9da5940 Use golang protobuf for etcd version monitor
a41de8771af Bump github.com/spf13/cobra v1.10.0
137d56c1c24 add paths section to kubelet statusz endpoint
6ddf6261d44 Update to spf13/pflag to prevent CI break
1fd7f308fc0 ci: remove httpd usage while using agnhost instead
588276255ba Disable collecting stats for resources not setting prefix to prevent error logs
9b47a096f4b Update to CentOS Stream 9 based on reviewer feedback
ea02ce5b603 Update protobindings scripts to drop gogo paths
70cd76c5cf2 DRA e2e node: skipping resource health disabled test
1578267ebef Update volume/iscsi base image from fedora:38 to fedora:42
73127eb86d0 Update volume/nfs base image from centos:7 to centos:8
72847ee1f75 Replace deprecated strings.Title with cases.Title
8a6f1736523 lock DisableAllocatorDualWrite
158e4e82615 generate
b6927088c83 Use consistent documentation of aliases in the API
b159d2ca597 self nominate natasha41575 to be a sig-node reviewer
799312a402c Update pod resize test to accept new cpu.weight conversion.
bf13cd1b81d added resourceClaimModified to bindClaim to decide whether to update assume cache
1ba96db35b5 ./hack/update-codegen.sh
8b0d7efb43d applyconfiguration-gen: add ExtractFrom with subresource support
f1d0c5dbc39 return an error in case nil selectors are passed to matcher functions
81cec6df1d0 Bump to mockery v3
7685612b9c2 refactor(event): simplify conditional logic in event handling for both v1 and eventsv1 APIs
faa0f33b8be remove v1beta3 flowcontrol from rest storage
fd2d2fd66ff Convert `k8s.io/kubelet/pkg/apis/dra` from gogo to protoc
d1946199792 Fix linter
36cf7282814 Drop SizeMemoryBackedVolumes after the feature GA-ed in 1.32
9f8d9432e20 bump gopkg.in/evanphx/json-patch.v4
f3d278e75d1 Fix completion of resource names
233384d4e47 deflake e2e test: Services should implement NodePort and HealthCheckNodePort correctly when ExternalTrafficPolicy changes
d85ce5310de Appease linters
e6ae04e02ca generate
15b29a0fa20 Add +k8s:ifEnabled and +k8s:ifDisabled tags
243f47f3b33 Omit type names of emitted slice elements to appease gofmt
5c955edfe04 Add support variable initialization using any literal type
e8186d06790 Add output tests
8435fbab983 Add +k8s:enumExclude and options support to +k8s:enum
64d9ddcf9dc Add enumExclude support to enum validator
ed170c1c0aa Add constant discovery, ScopeConst and StructLiberal. Remove ScopeAny.
e1218922db0 Add unit tests to isResourceUpdatable
aea27237443 populate pending and ineligible endpoints
e5f4caf62a6 drop spammy xtrace from hack/test scripts
f1d980adf91 separate resource-quota and limit-ranger resize tests
541ff7cd169 DRA: Add configurable health check timeout per device
f336f4c75a0 Close response body after the conn is closed
2608a38d475 Increase port-forward broken connection detection client timeout
2f356d02e29 make update
09e357d31fd Drop StatefulSetAutoDeletePVC after the feature GA-ed in 1.32
bf6a55cd062 e2e: node: address linter errors
9aed0813e66 e2e: node: cpumgr: replace old testsuite
c4f7272f621 e2e: node: cpumgr: keep only scaffolding
37d678e098f e2e: node: cpumgr: remove old sidecar container tests
666dec8c2f6 e2e: node: cpumgr: remove old reserved cpus tests
d98069e22c8 e2e: node: cpumgr: remove old distribute-cpus tests
e2624d0cce4 e2e: node: cpumgr: remove old smt alignment tests
9e6073304fb e2e: node: cpumgr: remove old cfs quota tests
bf9511eda63 Remove GA feature gate ComponentSLIs
c35d5473ddd Remove the otel semantics override
684473af623 Bump cadvisor to 0.53
12a784b46bd cleanup: remove redundant type conversions in podautoscaler
c16d72c4140 e2e: case for multiple volumes reference one PVC
0e6b22b5c80 test: add assertion to check OuterVolumeSpecNames
4abd40f6e3d kubelet: multiple volumes reference one PVC in one Pod
7910cbb8842 kubelet/volumeManager: remove outerVolumeSpecName from ASW
146f0c93453 remove MountedVolume.OuterVolumeSpecNames from logs
52b7d035f96 cache: do not allocate chan for nothing (#133500)
f1ceec70a68 feat(apis/batch): PodFailurePolicyOnPodConditionsPattern.Status can be omitted (#133479)
66fdbe10583 fix using stale pod when evict failed and retry (#133461)
5af2b732bee Change KYAML gate to on-by-default
b9a8dffa51e Fix replicaCount calculation exceeding max int32 (#126979)
7cf39066b34 Remove sleepAfterExecuting param from diskConsumingPod
388046c3ea9 ImageGCTerminatedPodsContainersCleanup e2e node test
c9ccbae0d9e Remove terminated pods eviction code
2cad51f6c0d Add ImageGCTerminatedPodsEviction e2e node test
a59ce54d79f TerminatedPodsEvictionOnDiskPressure e2e node test
df54470e9b8 Test terminated pods are evicted on disk pressure
146357aa395 Evict terminated pods on disk pressure
ad8afd3ab09 add generated files
ff37d8c3394 Drop experimental prefix from kubectl wait command
388aaebbd7b Add HirazawaUi as a reviewer for sig-node
b012e16b47e Remove use of pkg/scheduler/framework.NodeInfo in node_ports.go
731e6def042 Fix the spelling error of grpc in the log
b83e933d6a9 doc comments
6dff95db798 CHANGELOG: Update directory for v1.34.0 release
ac802de9f54 update openapi spec
5a718ca28cb remove stale Godeps filter from rsync
8512862161d cleanup tempdirs on exit in kube::verify::generated
d4e1d134801 add note about not adding to rsync invocations
33a58e4bef5 stop excluding GOPATH from rsync
7a43f8bd273 Omit values from validation rule error expressions
56e2f15c1a8 Show simple values in validation rule errors
00c30b354df Reduce nested conditionals around validation rule errors
d838611d6db api: Remove +listType marker for non-list field
ae2d50cf1a8 Update MAP storage version to use v1beta1.
2dc6f7501ee kubelet: fix error message for EnableNodeLogQuery
3c00c3cb29d Move GetAffinityTerms functions from pkg/scheduler/framework to staging repo
75d04e6c7b6 Add a note about Conflicts return value
83da6f1a87c fix(controller/podautoscaler): do not print panic when .status.lastScaleTime is not set
1c336e3fc6f Fix flaking readyz check in scheduler integration tests
4fa6c70604b hack/logcheck.conf: add several converted packages
63f304708a0 client-go leader-election: structured, contextual logging
46e10103ff0 Take activeQ lock for part of the Update method
a0a43e5f80e Drop CronJobsScheduledAnnotation after the feature GA-ed in 1.32
09954ce369d Drop unused tests, after KEP-2599 graduated to GA
f2bc8bdea5e Drop unused tests, after KEP-3335 graduated to GA
9c8e03a40b2 gofmt cleaner.go
3bf684b4ed0 fix: parsing the patch directly
ac1f9fb73f2 util/sets: benchmark List()
48399b1af14 util/sets: simply List() by using slices.Sort
16d4f9ea1f6 kubeadm: clarify the comments for a few API fields
3b7475c5226 kube-proxy: list available endpoints in /statusz
8a95e8a71ca DRA E2E: clean up class creation for extended resource tests
4a597f50b4b Fix panic in PodResources API test when FeatureGates is nil
7debab65049 Apply feedback
8b0b0df431a Don't run PreEnqueue when pod is activated from backoffQ
8b760704fc6 fix(cleaner.go): exit early on check of CSR issue state
6cefbb65d0f Apply feedback, minor cleanups
2fc66ddaf25 update gofmt
e1c586eb00f Add doc.go, example_test.go and ARCHITECTURE.md to apiserver
3f5b678e980 Update nfacct_linux_test.go
e792dcb8100 Update cri-tools to v1.34.0
accdd9e27e7 Add doc.go and ARCHITECTURE.md to client-go
08bd33e0dc1 clean up outdated in-place pod resize todo
3bdaeea2155 feat: Add discovery check to SVM to ensure migration doesn't get stuck
bb6a0ea6b2c HPA: optimize calculatePodRequests for specific container lookups
94d3dc40b23 kubectl: include container fieldPath in event messages
f6b3f916b1f scheduler_perf: fix data race warning around klog flush
df64d3f8826 Remove rbd image and storage class
f920b064d00 Promote VAC API test to conformance
ebf3d814f4c Fix(cleaner.go): Add GC to handle Approved-Unissued CSRs
770b749436d feat: Require SVM to use RealFIFO
b46a5cceeff Fix missing control plane health check timeout
dec23d58e4c Add remote runtime/image `Close()` API
97a146d47df Refactor error handling: reuse `err` inside closures and avoid re-shadowing
5c8f26f4803 kubectl: fix expose --selector help text
2180b441dd7 gofmt and review feedback
b9d5edd4445 remove stray strailing tabs from gocritic settings
535b4e07e94 enable gocritic deprecatedComment check to help lint for malformed deprecation comments
0b647319c44 hack: more output about running tests
38da6d767db DRA: Fixed ResourceClaim UpdateStatus to wrap with RetryOnConflict to automatically retry in the event of a conflict.
76e5929d1a1 chore: update CronJob casing for create job help
c97f08793cb Fix startup probe worker termination for sidecar containers
d4f8bebda08 Fix label selector parsing for consecutive commas
8d4108bf935 fix: Update unit test to catch actual nil Labels case and fix functionality to handle nil Labels
189d6d726bf fix formatting of deprecation warning in test/e2e/framework.WaitForServiceEndpointsNum
db5dd2fe8f8 update-codegen
2b47e8e5b5a fix deprecation comment in register-gen
668b3fe4afc update-codegen
ef1878c6013 Update `sharedInformerFactoryInterface` context initialization example
80071d16e18 fix deprecation comment in informer fatory generator
fa5792a4664 fix k8s.io/component-base/metrics deprecation formatting
1dd428d4c01 fix deprecation formatting for k8s.io/kubectl/pkg/cmd/config.NewCmdConfigSetAuthInfo
9fabccd24c9 fix deprecation formatting for k8s.io/apimachinery/pkg/api/errors.NewGone
30f4fc9ca38 update-codegen
8c139fbe942 use correct deprecation comment in clientset fake generator
a405844e66d scheduler_perf(fix): correct typos, clarify comments, and minor tweaks
d3ba41467db set default log flush frequency in kube-proxy config validation tests
69b3876fd17 set default flush frequency in kubeletconfiguration tests
f9dcd5f7135 validate that flush frequency must be positive
3995b6cf72b Register apiserver_resource_objects in TestDeleteStoreStats
b77f4f2425a Align metrics hiding with deprecation policy
0b16f0ae3cb Test that auth{z,n} hook clients honor Kubelet's request encoding.
f0e52c1c476 add known example API group suffix to avoid race
cb1d04655fa test-integration: set KUBE_PANIC_WATCH_DECODE_ERROR to false
aa819af85a1 chore: update CoreDNS to v1.12.3
e1dd085ffe2 Add retries to node's crictl test.
7f4462398ab e2e/watchlist: normalize dynamic 'Age' column in Table test to prevent test flake
3eb69eb8522 Fix DaemonSet misscheduled status not updating on node taint changes
39e7b2ce5e4 Migrate pkg/credentialprovider to structured logging
ddffd8e3893 Allow IfNotPresent to be used in node e2e tests Currently the node e2e tests overrides the image pull policy to PullNever, if the policy is not PullAlways.
d4bd007d3b8 adds a list of available HTTP endpoints for the kube-controller-manager component under the /statusz page
ea9d7ff8656 PSI test: add a CPU limit of 500m to cpu-stress-pod
8612c57d216 e2e: node: linter fix
e839adafb7c e2e: node: cpumanager: move shared code in topology manager tests
af53d97786a e2e: node: cpumanager: move specific helpers
d86d798eae4 e2e: node: trivial rename
30ca634386e e2e: node: cpumanager: push utilities in util.go
bb7cff161c5 e2e: node: split utilities to learn machine properties
1a4e289cfac e2e: node: split kubeletconfig utilities
a28eda435f2 Add sig-instrumentation as OWNERS for apiserver/pkg/storage/etcd3/metrics
1ea47202688 Add e2e test for SELinuxMount to CSI drivers
97edb4d5e43 Fix SELinux label comparison
76bbaa9d47a test: Standardize labels for ResourceHealthStatus e2e tests
9a6db5ad0ba remove allocationManager's reference to containerManager
9a8a4a3b440 Add missing cases to SELinuxMount tests
3fc91586a71 Fix metrics test
993ba324cd4 Bump BV to 1.35
29eb19e4228 Address feedback
bd900111a8e Move ContainerRuntimeOptions flags to cmd/kubelet/app/options
ff6f4e1f633 Move kubelet config code to kubeletconfig
30b34fbcca3 Don't read AllocatedResources from PodStatus during admission
dc0343c2f79 Split preemption integration tests to mitigate the timeout
0c91e28360d Clean up service account print and describe
aa59f930b35 Add lock to TestAsyncPreemption to prevent races
c5ef7208373 Fix race in scheduler integration tests
70794c4568e Add newline to fix owners fmt
7242ddd9370 Add jefftree to OWNERS
cf8ab1c3e7c component-base/metrics: add concurrent WithContext unit test
45f61b5bc06 component-base/metrics: store WithContext ctx in a wrapper to avoid race
1d792b00e65 move timeout to only cover the line under test
640dabd58b0 Decouple term and remotecommand packages
a2061e97f45 install appropriate version
50fec6fc577 kubelet/volumeManager: (Get -> Has)PossiblyMountedVolumesForPod
c20b105ac28 kubelet/volumeManager: GetMountedVolumesForPod() returns desired and actually mounted volumes
09131604046 kubelet/volumeManager: verifyVolumesMountedFunc checks both desired and actual
eac9da061dd Bugfix: DeleteOptions decode errors should return 400 instead of 500
62dcfe3bc06 Added WithOrigin within apis/core/validation with adjusted tests
b080dba14ec Add utam0k to SIG Scheduling reviewers
6c56d2fd1bc Replace usage of deprecated ErrWaitTimeout with recommended method across all Pkgs
d959186056f kubeadm: simplify error handling in getAPIEndpointWithRetry
0a987f8f578 ServiceCIDR ValidationAdmissionPolicy for backkwards compatible behavior
81e680e6d98 defaultservicecidr controller no shutdown eventbroadcaster on start
efcf97f98c7 authz tests: delay response in context cancelled scenario
d0816f84f9c feat: increment an internal metric when duplicate validation errors
66f7e30c653 conversion-gen: use custom conversions for slices and maps of pointers
a4763ee3cb8 conversion-gen: add test for custom conversion functions for maps and slices of pointers
f154d43739d conversion-gen: avoid attempting to read or set unexported fields
808f837c310 conversion-gen: add test for conversion of unexported fields
531fdc67e28 Replace deprecated WaitForServiceEndpointsNum
3b0a85170a7 Make kubectl auth reconcile retry on conflict
25fee618fd9 Add helper command for comparing protobuf files
78c9672deb7 migrate tracing tests to use the new otelhttp semantic conventions
6852abc73c4 WIP: Use the tool directive instead of tools.go without sharing dependency
ffa084f8112 kubectl: Fix current-context being written to wrong file
c11759bdbfc golangci: Disable staticcheck QF1008 in hints
391967c7b6a Report actionable error when GC fails due to disk pressure
584eb8464cf Pod Certs: Fix flaking integration test
3a86a4eb0dd fix: fix failed ci
7c1d133dff7 Fix sidecar containers flaky tests
bf088c12ff0 chore(kubelet): migrate images to contextual logging.
b6f6731ab61 chore(kubelet): migrate prober to contextual logging.
065899e95da chore: use ptr.Deref to replace int deref utils
cd4771d7371 fix up types for 1.34 release - remove GA feature gates
925bce297e4 Fix help for set selector
908fb0266de Fix gocritic issues
b04222a41c7 Fix non-existing PCI device hierarchy scenario in TestGetPCIeRootAttributeByPCIBusID
c4e8e8310b8 Fix typo in test case name
64d452d3b61 Fix non-existing PCI device hierarchy example in GoDoc for resolvePCIeRoot(pciBusID)
725b17067a6 Do not remove PVC ClaimRef to fix flaky VAC test
aa077145377 chore(kubelet): migrate userns to contextual logging
ec9f0d55360 chore(kubelet): migrate nodestatus to contextual logging
2b1f38a83b5 chore(kubelet): migrate config to contextual logging.
cc4666cc94b kubectl/logs: Add LogOptions.RunLogsContext
904ba748f12 fix(kubelet-windows): Typo in structured log user display name
086a5add02d test: code coverage increase for kubelet/preemption
a375b0aa367 Ensure CSINode belongs to current node on init
ed07efbc579 Configure JSON content type for generic webhook RESTClient.
5d20dc55bfd chore(kubelet): migrate pluginmanager to contextual logging
ad47298caa6 Fix a typo in fake clientset generator
53e7b175524 Fix CEL library doc string whitespace
ba46831c87a bug: Remove duplicate storage resources update validations
176ee0c2452 bug: Remove duplicate RBAC resources update validations
1dd33c8e6de protect against race between deletion and adding finalizers
49ebabb54e6 verify: additional validation of e2e.test --list-images output
73627dd663b verify: improve output of verify-e2e-images.sh
a352bf8815d Remove redundant MilliValue call in GetRawMetric for podautoscaler, which has no functional impact.
7c1d0c93a2b added changelog for CRI API 1.33
e7d76f37a45 flag: fix nil-ptr panic & typo messages
dd37ad1bc2c metrics: don't record apiserver_request_sli_duration_seconds for dryRun requests
6f1abad18e5 metrics: add dry_run label to apiserver_request_sli_duration_seconds
9f1704dd9a1 pull mounter from dl.k8s.io
e7cfbc6e14a gocritic: simplify bool expression
a79865c0016 Added contribution info to sample-controller README
a325cb42115 try order sandbox by attempt or create time
947de3d0a49 Bump addon manager image to v9.1.8
fe02b543aac Fixes pod status error when it has an error container
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We drop one patch that is no longer needed, and pick up the following
commits:
13563febb4 Update to v1.35.2 (#13707)
b7a5ea520a Bump Traefik to v3.6.9
5505935bd5 Improve resilience of datastore bootstrap reconcile from etcd
6a11814e1e Install binutils-gold only for arm64 builds
971abd7839 Bump kine to v0.14.12
ef3352b33a Fix rootless test to work with -local flag
25fe4279fe Revert "Move to rootlesskit v2 (#13486)"
a3f1ddbc62 Bump rancher/systemd-node version for docker tests
6043b5c5b9 Fix support for E2E commit installs
50fa2d70c2 Update to v1.35.1 (#13637)
3d825d02bd Fix removal of init node
cf8b2aba13 Bump klipper-helm and klipper-lb images
57a9ba0151 Add registry prefix to image-list file (#13602)
2e474257cd Bump metrics-server to v0.8.1
1e853f688f chore: Bump rancher/mirrored-coredns-coredns image version
eb44ad66dc chore: Bump rancher/mirrored-coredns-coredns image version
a2e38967f6 Fix VPN node IP not being applied to kubelet (#13560)
bc8ee0e64d Bump kine for list/watch revision fixes
4044d9a886 Add helper function for including stack trace with error message
24a60f8e70 Handle empty token file as nonexistent
70a776fb46 Add IPv6 loopback to kubelet-serving cert
5d394478f5 Fix filter for wildcards
c9be8a6180 Explicitly close mvcc backend
cfad6a6a67 Bump scorecard checkout to match all other versions
bba659457c Use channel.yaml instead of curling for stable for kubectl install (#13531)
9ccb98edf7 Update install tests with new images, add alma10 (#13489)
05d985ac44 Move to rootlesskit v2 (#13486)
c8ae7d1beb Prevent caching on PR of golangci-lint entries (#13487)
323b952450 Fix restart of control-plane-only nodes attempting to reconcile from local datastore
312c2388cf Update to v1.35.0 (#13523)
69c0aad6c2 Bump etcd to v3.6.7
1869c121ba Add sudo to go coverage in CI
084963abc6 Update Traefik version to v3.6.7
f03b0e91bd Bump to coredns 1.14.0
2efebf2379 Remove download/generate from vulncheck
c6e9ccb101 Fix setup-go cache issues
f028f773d5 Bump kine for NATS conformance fixes
9dfce1de28 Update longhorn version in integration test from v1.4.0 to v1.10.1
89949bc0f6 Add deferred store implimentation
f56a11018f Bump spegel to v0.6.0
179bc20bc7 Bump expr-lang/expr
69bd545420 Fix atomic write in WriteSubnetFile
f35890692e Drop use of deprecated docker reexec package
5326e4845c Bump CNI plugins
e271b600f1 Remove flannel external-ip annotations when disabled
93e5cdc665 Add tests for etcd local reconcile
14d0946392 Fix etcd reconcile with empty TLS dirs
35325987e3 Replace temporary etcd server with raw mvcc store access
17be721d99 Don't enforce use of wg.Go instead of Add/Done
b3b4b64a31 Bump stable to 1.34 and add 1.35
74afe498d0 Fix PR lint checkout depth
344a1bfd1f lint: nested-structs
3816096e46 lint: unnecessary-format,use-errors-new
09484feb7c lint: unhandled-error
05f0cdf080 lint: identical-switch-branches
c45212f932 lint: useless-break
6964eca111 lint: unnecessary-stmt
2b9f2f465c lint: unexported-return
b43f4a90cb lint: unexported-naming
43c58a897c lint: unchecked-type-assertion
44bb326fcc lint: superfluous-else
d2bbcb8ce2 lint: struct-tag
d27b113d58 lint: redefines-builtin-id
986915c381 lint: indent-error-flow
dd97235fc1 lint: import-alias-naming
035a60f295 lint: if-return
7506516bfa lint: exported
c290d10a57 lint: empty-lines
b32993713c lint: duplicated-imports
313966fbee lint: defer,get-return
a005161b4b lint: bool-literal-in-expr
d360faf2b3 lint: bare-return
5c7c49e36d lint: deep-exit
3c0ed0293b lint: comment-spacings
7f1a90166f lint: dot-imports
08918b90a6 lint: use-any
b80668fc2d lint: redundant-build-tag
a9b96775dc lint: file is not properly formatted
2ccbe1f844 Add lint/validate job
e1ef30f0ef Bump golangci-lint for go1.25
5dddbc8a66 Bump actions/cache from 4 to 5 (#13347)
5a793c4cff Bump actions/download-artifact from 6 to 7 (#13346)
26217f45bf Push GA images to staging registry (#13437)
b54634c463 Bump local path provisioner to v0.0.34 (#13426)
14c744d013 Bump coredns to 1.13.2
625139da72 Bump traefik to 3.6.6
4a49c0a04a chore: Bump Local Path Provisioner version (#13387)
591dda9fa6 Fix upgrade test eventually
8e7b3caa5c Allow k3s secrets-encrypt enable on existing clusters
01795824eb Bump rancher/systemd-node to v0.0.7 (SLES 16.0)
519317e02e Use Get, not Head for channel page
25dc06d9a9 Replace legacy ReplicationController with Deployment
4b2777b55f Expand docker upgrade test, sunset E2E upgrade test
cf90ac502d Add firewall section to check-config.sh (#13390)
a6c6cd15c0 Fix panic in test cleanup when client is unset
6840e435cd Fix event strings
2ac57a7e2c Fix prometheus metrics parsing
3943327933 Bump kubernetes v1.35.0 and golang v1.25.5
e060c0b18f Bump actions/upload-artifact from 5 to 6
650fed932d Validate collected files for release
7806fa6b9c Move sha256sum from workflow to script
d3732ec3fc Combine airgap and binary publishing steps
7c6c338e2f Fix release workflow
b27276dc81 Add job to lint all workflows on change
61e248b04c Reduce image pull spew
a5ab12b82c Reuse airgap workflow in release
d0052281a9 Fix arm airgap platforms
4116b53e86 Override DefaultHelmJob at build time (#13351)
c0b1314d15 Bump kine to v0.14.9
463678586d [main] Update to v1.34.3-k3s1 and Go 1.24.11 (#13308)
f223247d63 Pass platform option to `docker save`
b4b33afbde Bump kube-router to v2.6.3-k3s1
764e98cbb4 Bump kine to v0.14.8
613a5e4787 Bump runc to v1.4.0
aaa7fa237b Bump kine and etcd
d337570de1 Fix inconsistent curl flags in tests
c3ca02aa75 Move embed into separate package from executor
d582a0da84 Reorganize flannel consts and fields
d1989567ea Use patch helper for secrets-encryption labels and annotations
1cb80fbe75 Use patch helper for spegel annotations and labels
57210b87cc Use patch helper for node labels and annotations
713cf8fbde Use patch helper for etcd labels and annotations
2b39b6808a Use patch helper for etcd member controller
785cfad963 Use patch helper for etcd snapshot annotation patch
ceebaade3e Add JSON patch helper
efcf8eb7ac Move embedded flannel and vpn config setup into embedded executor
ec3cc04214 Move CNI execution into executor
b7ca944774 Move etcd metrics to separate package
543b6307a6 Define DefaultHelmJobImage in K3s, overriding what helm-controller defaults to. (#13258)
0d39c86b5c Move from ranchertest to mirrored-busybox
cd08e731f6 Fix naming convention for docker test import
572cc8e2bf Consolidate RunCommand between Docker and E2E tests
e3cc61c43c Update kube-router to v2.6.2
8e0676ad46 update busybox image version to 1.37.0 (#13237)
68749aac76 Bump actions/checkout from 5 to 6 (#13256)
96ed4393c1 Remove remaining references to drone
1262649fda update channels to 1.33.6 (#13246)
3de08883f7 Bump opencontainers/selinux
f726966062 Clean tools from runners before tests
74088f5175 Use docker containerd snapshotter for stable image digests
f783052df2 Fix airgap-extra-registry flag
af441c29a0 Add test for sharing imported images by digest
1037dcbff4 Add digests and source labels for imported images
9806524a48 Fix spegel ready checks to give server more time to find a peer
f0d54528d0 Stop waiting on CRI ready if context is cancelled
871094b5c6 Add multus e2e test
913005658c tunnel: handle pod IP reuse (#13212)
ed57fb5e61 Fix windows build os (#13201)
c86b66d05c Add id-token (#13209)
3cdb5f8cf5 Update to v1.34.2-k3s1 and Go 1.24.9 (#13204)
8215b940e3 Bump klipper-helm and helm-controller (#13187)
3530ab5915 Fix tailscale setup in case of an already running configuration
7146e2000e Fix apiserver starting before remote etcd is up
8f781acff4 [main] Add Prime assets upload (#13160)
858b109b92 Fix adding OwnerReferences to Nodes seen from initial list
e438a3c1a0 Bump containerd to v2.1.5
a2663f8884 Bump remotedialer to fix deadlock on connection close
fdc356a9ce Bump runc to v1.3.3
b8f6f958c8 Streamline E2E startup test (#13137)
b9e90d3e51 Don't look at head for upgrade channel (#13130)
2459bf7c84 Bump actions/upload-artifact from 4 to 5 (#13104)
72ca761529 Migrate Docker Image publishing to GitHub Actions
19e8f83d1d Only run arm64 and amd64 test stage on drone tags
e1238095f0 Bump kine to 0.14.6
9e1003029c Bump actions/download-artifact from 5 to 6
602d43081e Migrate dispatch pipeline into GitHub Actions (#13105)
d8790220ff Move node password secrets into dedicated controller
139d64c129 Create node-password secrets with custom Type
d622b18c20 Remove node password file migration code
0d9ef273d8 Remove node addresses from filter when node is deleted
171644cf0c Replace raw ListWatch with NewListWatchFromClient
d50a4a894e Fix invalid replaced versions
92a0b7eec2 Bump helm-controller/klipper-helm
cfcc9ef65e Add docker dualstack test (#13070)
5aca8e24b1 Update dispatch script (#13079)
6381cad10f rootless ports: add support for udp
517df31f65 Fix postgres DB container args for nightly conformance (#13069)
481cd6002a Bump ossf/scorecard-action from 2.4.2 to 2.4.3 (#13026)
65932372c7 Bump github/codeql-action from 3 to 4 (#13065)
989c07f6a2 Bump actions/stale from 10.0.0 to 10.1.0 (#13025)
24dda29fb8 Cleanup wording and decisions on various ADRs (#13068)
0e5bc29d34 Bump kine for idle progress fix
e8e76e3cf3 move to 1.13.1
1511d362a4 Bump coredns to v1.12.4
701cc35b7a Bump kine=v0.14.4, etcd=v3.6.5
6ba8efd7a1 create policy hint only when all variables defined
09762a57df Update flannel, kube-router and cni plugins
ef6d6f4c36 Bump kine for postgres object count fix
89adabb672 Drop calls to rand.Seed
3190f30de8 Update stable channel to v1.33.5+k3s1 (#13017)
7a41cce152 Fix ability to rotate server token to an invalid format
565d50a3b1 Create dynamic-cert-regenerate file in CA cert rotation handler
6edbae331b Fix bootstrap charts
9a6f602c75 Fix handling of vendored dependencies in version script
39d89153da fix: default forward after override imports
59b4a9d738 Bump kine to v0.14.2 for schema fix
09845c9f00 Bump traefik to 3.5.1 (#12948)
d6e84ba2d1 Fix kine metrics registration without --kine-tls
a26fd3ba4d Disable metrics test pending resolution of upstream issue
1026725896 Enable debug logs for embedded mirror e2e
8347597031 Bump spegel to v0.4.0
ade82387f7 Inclusive naming proposal (issue: #12110, Orlin Vasiliev) (#12383)
1e45f1de72 Bump actions/stale from 9.1.0 to 10.0.0 (#12878)
908a0b91dc Fix install script raspi cmdline message (#12842)
3854eb56d4 Run upgrade test in dedicated drone step
5b19165e9e Fix pods readiness tests
a0ce2aaeaf Add sequential split-server test
bfdcc7bcc8 Fix etcd member promotion
626178624f Bump aquasecurity/trivy-action from 0.32.0 to 0.33.1 (#12879)
14e919804d Fix garbled CLI (#12899)
4974fc7c24 Use sync.WaitGroup to avoid exiting before components have shut down
7e028854e7 Fix signal handling when pid 1
274498fb4d Add pkg/signals for signal handler setup
b61d6f3b81 Transfer cluster leadership before removing leader member
659f2a7014 Fix perpetual etcd member removal
a7d3c8559f Fix IPv6 handling for loadbalancer addresses
07d0711e5a Update hardened script for cis-1.11 (#12912)
0136cf2589 Remove NetworkManager check for nm-cloud.service
2f6283a92c chore: Bump Klipper Helm and Helm Controller version
9c6d0eb5cd Bump actions/github-script from 7 to 8 (#12881)
1b98629b2c Bump actions/setup-go from 5 to 6 (#12880)
bdb92296a5 Bump dynamiclistener for secret sync fix
67c23a20e3 Update to v1.34.1 (#12897)
7e253dbf02 Fix netpol fatal error when changing node IP
b3ac144e2d Move data dir into position before creating CNI symlinks
857412ae58 Add 1.34 release channel
a64d872c13 Add opencontainers/runc pin
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping distribution to version v3.0.0-157-gbd213792, which comprises the following commits:
33240507 chore: fix typo in comment
33bb5f60 build(deps): bump docker/bake-action from 6 to 7
6b6081e3 build(deps): bump docker/setup-buildx-action from 3 to 4
d56f9dae build(deps): bump docker/metadata-action from 5 to 6
887c2272 build(deps): bump docker/login-action from 3 to 4
d1f8bd9c build(deps): bump github/codeql-action from 4.32.2 to 4.32.5
021b69d5 fix: nil-check scheduler in `proxyingRegistry.Close()`
2957c891 fix: set MD5 on GCS writer before first `Write` call in `putContent`
fca6b9f8 build(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0
eba1fb48 vendor: github.com/docker/go-events 605354379745
01a853e4 go.mod: remove outdated comment
2a52e901 vendor: github.com/go-jose/go-jose/v4 v4.1.3
3e841a3d vendor: github.com/spf13/cobra v1.10.2
10e0e8e4 vendor: github.com/bshuster-repo/logrus-logstash-hook v1.1.0
d2398c56 vendor: github.com/klauspost/compress v1.18.4
c4a0bd3f vendor: github.com/opencontainers/image-spec v1.1.1
f18b8d70 fix "prealloc" linting
775d3734 modernize code
abc9debf vendor: github.com/docker/docker-credential-helpers v0.9.5
b4f2af3f fix: sync parent dir to ensure data is reliably stored
5ddf7898 use filepath instead of path
9b79cf51 vendor: golang.org/x/oauth2 v0.35.0
ae7c498d vendor: golang.org/x/time v0.14.0
87a9711c vendor: golang.org/x/crypto v0.48.0, golang.org/x/net v0.50.0
aebf0612 vendor: golang.org/x/text v0.34.0
3e3e1539 vendor: golang.org/x/sys v0.41.0
00464063 vendor: github.com/sirupsen/logrus v1.9.4
f5d656e6 drop support for go1.23
60d2cd5c update to go1.25.7, alpine 3.23
efd7ffb9 Dockerfile: update tonistiigi/xx v1.9.0
f5e1a893 update golangci-lint to v2.9 and fix linting issues
9e377670 build(deps): bump github/codeql-action from 4.31.10 to 4.32.2
abcf7ebe fix: prefer otel variables over hard coded service name
3658dc56 build(deps): bump actions/checkout from 6.0.1 to 6.0.2
a89f0a40 build(deps): bump github/codeql-action from 4.31.3 to 4.31.10
0db7f0ce fix(ci): Fix broken Azure e2e storage tests
31a63333 Add Cloudfleet Container Registry to adopters
33dab393 Expose `useFIPSEndpoint` for S3
75a14d4d Add boolean parsing util
1ad03da6 fix: Logging regression for manifest HEAD requests
a260baf2 build(deps): bump actions/checkout from 6.0.0 to 6.0.1
b256f39b build(deps): bump actions/upload-artifact from 4.6.2 to 6.0.0
f1e4ae3d add return error when list object
d2b3a1fe build(deps): bump actions/checkout from 5.0.1 to 6.0.0
f7d65991 build(deps): bump actions/checkout from 5 to 6
c7da31eb "should" -> "must" regarding redis eviction policy
64f4511a refactor: remove redundant variable declarations in for loops
e0cb1712 build(deps): bump github/codeql-action from 4.30.9 to 4.31.3
ce3fa7fc Fix notification filtering to work with actions when mediatypes is empty
f1323c5b fix(proxy): sanitize challenge URL logs using Redacted()
6f719029 build(deps): bump github/codeql-action from 4.30.8 to 4.30.9
edde36cd feat(registry): Make graceful shutdown test robust
2f1a51dc client: add Accept headers to Exists() HEAD
b1c0fc55 Incorrect warning hint * Fix incorrect (old) warning hint
864a3212 build(deps): bump peter-evans/dockerhub-description from 4 to 5
8a5addfc Update the docs with correct information
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Go's module cache .info files store Origin.Ref as the "nearest tag"
used to derive pseudo-versions (e.g., v0.0.0-20190215142949-d0b11bdaac8a
stores Ref: "refs/tags/v0.3.0"). This ref is NOT a tag pointing to the
pseudo-version's actual commit - it's just metadata about the base version.
The generator was blindly using this ref as tag=v0.3.0;shallow=1 in
SRC_URI entries. BitBake resolves the tag to one specific commit, finds
it doesn't match the rev= parameter, and fails with:
FetchError("The revision the git tag 'v0.3.0' resolved to didn't match
the SRCREV in use...")
This caused multiple SRC_URI entries for the same repo (e.g.,
go.googlesource.com/sys) to all claim tag=v0.3.0 but with different
rev= values - only one could possibly be correct.
Fix by detecting pseudo-versions via parse_pseudo_version_tag() and
clearing the ref_hint so these entries use nobranch=1 without a tag,
falling back to full clone by commit hash. Tagged versions (real
releases) correctly retain their tag= parameter for shallow clones.
The docker-compose .inc files are regenerated with the fix applied.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping compose to version v2.26.1-948-ge8c214349, which comprises the following commits:
e8c214349 build(deps): bump github.com/moby/moby/client from 0.2.2 to 0.3.0
0ffb17117 build(deps): bump golang.org/x/sync from 0.19.0 to 0.20.0
eb6afa8d3 build(deps): bump github.com/containerd/containerd/v2
79d4fe3c1 build(deps): bump golang.org/x/sys from 0.41.0 to 0.42.0
d7ec1eca9 update to go1.25.8
ffa8576d9 build(deps): bump github.com/moby/moby/api from 1.53.0 to 1.54.0
4915b775e fix: only pass ConsoleSize to ExecAttach when TTY is enabled
85d6770b7 Fix panic when watch rebuilds without up
81d7d3c60 fix: execute post_start hooks in docker compose run
f9828dfab modernize some code
da691c7cc pkg/compose: un-export consts
fefdc9522 pkg/compose: defaultNetworkSettings: slight refactor
08c32e903 pkg/compose: defaultNetworkSettings: return early for unsupported feature
bdb630fb8 pkg/compose: format layer push progress
3697b128a pkg/compose: format layer pull progress
b285e4897 pkg/compose: remove unused consts
8193d86d2 pkg/bridge: remove uses of go-connections
bfb5511d0 go.mod: bump github.com/moby/moby/api v1.53.0, moby/client v0.2.2
7abaa0661 build(deps): bump go.yaml.in/yaml/v4 from 4.0.0-rc.3 to 4.0.0-rc.4
3b0e8f538 build(deps): bump golang.org/x/sys from 0.40.0 to 0.41.0
af376603c update to go1.25.7
7f8814f4c Fix invalid path error when using OCI artifacts on Windows
af0029afe ci: use bin-image edge tag directly for e2e tests
b76feb66e ci: fix missing dependency on bin-image job
9dc7f1e70 ci: use docker/github-builder to build, sign and push bin image
03205124f ci: use docker/github-builder to build, sign binaries
8b769bad6 pkg/compose: remove dependency on github.com/docker/buildx/driver
671507a8b fix panic
56ab28aef compose: recreate container when mounted image digest changes Until now, mustRecreate logic only checked for divergence in TypeVolume mounts but ignored TypeImage mounts. This inconsistency caused containers to erroneously retain stale images even after the source image was rebuilt. This commit updates ensureImagesExists to resolve image volume sources to their digests using the official reference package. This enables ServiceHash (config hash) to naturally detect underlying image digest changes, triggering recreation via the standard convergence logic. An E2E test case is added to verify this behavior. Fixes #13547
e7d870a10 update to go1.25.6
d5bb3387c Fix potential nil pointer dereference in container event monitoring
d91fc6381 Upgrade GitHub Actions to latest versions
c51b1fea2 replace some uses of strings.Split(N) for strings.Cut
fa7549a85 Dockerfile: update golangci-lint to v2.8.0
a061c1773 fix: emit container status events after network reconnection
c5e7d9158 update to go1.24.12
3783b8ada fsnotify is set in Dockerfile
c428a7711 set fsnotify build tag when building for OSX
04b4a832d chore(lint): add forbidigo rules to enforce t.Context() in tests
27faa3b84 test: replace os.MkdirTemp with t.TempDir()
bcc0401e0 test: replace os.Setenv with t.Setenv()
093205121 test: replace context.Background()/context.TODO() with t.Context()
b92b87dd9 fix: robustly handle large file change batches in watch mode
06e128748 fix: update github.com/moby/term to indirect dependency
d7bdb34ff refactor(attach): remove unused stdin from getContainerStream
79d7a8acd refactor(attach): simplify attachContainerStreams signature
abd99be4f refactor(attach): remove unused detach watcher and keep attach behavior
2672d3421 Improve error handling in attach.go
27bf40357 Bump compose to v2.10.1
c8d687599 Fixed progress UI to adapt to terminal width
2f108ffaa handle healthcheck.disable true in isServiceHealthy
0a07df0e5 build(deps): bump github.com/sirupsen/logrus v1.9.4
02b606ef8 use go-compose instead Signed-off-by: tensorworker <tensorworker@proton.me>
985680294 fix: expand tilde in --env-file paths to user home directory
63ae7eb0f Replace tabbed indentation in sdk.md
f17d0dfc6 build(deps): bump github.com/go-viper/mapstructure/v2
ef14cfcfe build(deps): bump google.golang.org/grpc from 1.77.0 to 1.78.0
b760afaf9 refactor: extract API version constants to dedicated file
a2a5c86f5 build(deps): bump golang.org/x/sys from 0.39.0 to 0.40.0
98e82127b build(deps): bump github.com/containerd/containerd/v2 to v2.2.1
03e19e4a8 go.mod: remove exclude rules
b2c17ff11 build(deps): bump github.com/klauspost/compress to v1.18.2
ec88588cd Removed build warning when no explicit build has been requested.
7d5913403 add service name completion to down command
d95aa57f0 fix: avoid setting timeout when waitTimeout is not positive
ee4c01b66 fix: correctly use errgroup.WithContext
d7a65f53f fix: correct typo in isSwarmEnabled method name
4520bcbaf fix: clean up temporary compose files after conversion
327be1fcd add unit test
59f04b85a remove duplicated version field
b4574c8bd do not strip build metadata
29d6c918c use github.com/docker/docker/api/types/versions for comparing versions and store plugin version obtained by pluginManager in newModelAPI
58403169f Only append RuntimeFlags if docker model CLI version is >= v1.0.6
6aee7f837 gets back runtime flags when configuring models
c89b8a2d6 warn user no service has been selected to build
aec9f5417 check model plugin is successfully loaded and store version
232197d36 build(deps): bump github.com/moby/buildkit from 0.26.2 to 0.26.3
81ba889be build(deps): bump tags.cncf.io/container-device-interface
8e5b25c0f Restored support for BUILDKIT_PROGRESS.
d4c198763 Prevented incorrect progress metrics to break compose display.
1297f97ae prefer aec library over raw ANSI sequences
55cded180 Avoid reassigning err variable
6c043929a Fix missing error handling in setEnvWithDotEnv
275033056 doc: do not mention v2 on README
e22426443 Introduced fsnotify build tag to select watcher implementation
6599f8ad8 add 'configured' event at the end of model configuration phase Currently when using models, the final message is 'confugiring' which could let users think the DMR configuration is still pending
3853ad391 prefer *task for memory efficiency updating tasks
02008a009 Restored image layer download progress details on pull.
4f419e509 build(deps): bump golang.org/x/sync from 0.18.0 to 0.19.0
b62cbed87 Fixed status alignment in progress UI.
aa9a71f37 run finalization synchronously
ac211e6e5 build(deps): bump github.com/docker/cli-docs-tool from 0.10.0 to 0.11.0
778a627b8 Set Go min version to absolute minimum version required
359d2f076 ci: use .go-version file for actions/setup-go
c9e0d83e1 ci: upgrade actions/setup-go from v5 to v6
3e206fdcc build(deps): bump golang.org/x/sys from 0.38.0 to 0.39.0
d12947e9f Fixed broken run --quiet.
0878c59a7 chore: fix grammatical errors and improve clarity in code
c0345e4f4 restore support for COMPOSE_COMPATIBILITY
9fada6cc2 Bumped build images: tonistiigi/xx:1.9.0, crazymax/osxcross:15.5
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping moby to version docker-v29.3.0-46-g1da6517e1a, which comprises the following commits:
da4a6385e6 client: New: ignore nil-Opt instead of panicking
fd8c58b1dc chore(deps): update docker/buildx-bin docker tag to v0.32.1
4e3929c00c fix "make validate"
ed24fb9f77 client: fix "gosec" linting false positives
571080854b client: go fix
7a2c307dee daemon: fix QF1012: Use fmt.Fprintf(...) instead of WriteString(fmt.Sprintf(...))
2058a7e917 golangci-lint: ignore "G120: Parsing form data without limiting request body" in tests
64cd0966df golangci-lint: ignore "G101: Potential hardcoded credentials' in tests
aecf26ec02 client: go.mod: remove patch version
df294b20dd api: go.mod: remove patch version
44e1ccd0a3 client: add missing doc comments to config, secret, and node types
63fcb9ff6f client: add missing doc comments to container copy types
e0e4afd325 client: add missing doc comments to image tag, build cancel, and info types
a722b68f5c api/types/network: use blackbox testing for ports
91f3ec65e6 api/types/network: Port, PortRange: update godoc for "String()"
19ef53a52f api/types/network: add Port.Port()
4c24542e95 api/types/network: Port,PortRange: don't panic on zero values
d2bfe414bd client/internal/mod: also consider main module
835a376948 client: set default user-agent based on module version
1bb13378c5 client: update examples
6c0524748e vendor: github.com/containerd/containerd v2.2.2
011c4451b4 go.mod: add back replace rules
143022931e Dockerfile: update containerd to v2.2.2
c266b4fe9b update to go1.25.8
2f457226ae hack/test/unit: avoid unbound pkg vars with set -u
588e5adf41 bugfix: handle duplicate exit events via task status
e064824bbf ci: module-replace: ignore Dockerfile for api changes
fe8c9d94c4 vendor: github.com/containerd/ttrpc v1.2.8
5af43607b0 vendor: github.com/moby/moby/client v0.3.0
36771868a6 vendor: github.com/moby/moby/api v1.54.0
4569055e13 Drop replace rules
2fa6029be4 network/connect: Support MacAddress
5db1685516 daemon: add regression test for getSourceMount
71c48150eb gha/labeler: Remove *_test.go from area/testing label
13a8626eeb daemon/devices: Turn RegisterGPUDeviceDrivers into func
561a5a9b36 Use CDI for GPU injection for AMD devices for --gpus
23b30dc35d vendor: update buildkit to v0.28.0
e5a54400b5 chore(deps): update crazy-max/ghaction-github-runtime action to v4
36b2266e75 internal/testutil: drop semconv dependency
5e87fcdc73 Update cloudflare/circl to v1.6.3
17aa4f26e7 client: remove WithAPIVersionNegotiation from example
7bf688478b client, api: add back replace rules
e04bd2649e Rename disk usage properties in v1.54.yamlBackport c07043e36f11c060992fb11b2ca3aa8200c393b4 to api/docs/v1.54.yaml.
5272ef1422 Backport c07043e36f11c060992fb11b2ca3aa8200c393b4 to api/docs/v1.53.yaml.
076100ddcc Backport c07043e36f11c060992fb11b2ca3aa8200c393b4 to api/docs/v1.52.yaml.
c07043e36f Fix /system/df in swagger.yaml.
425bc6efcb integration/image: pull ppc64le and s390x in TestSaveAndLoadPlatform
36a89adc82 integration/capabilities: Switch to debian:trixie-slim
5f63e8548e integration/container: use page-aligned shm size to fix test on ppc64le
f966ff43e3 vendor: github.com/moby/moby/client v0.2.3-rc.1
6e4c253e04 vendor: github.com/moby/moby/api v1.54.0-rc.1
badfa8b3ae Drop replace rules
74ad89c189 api: Cut v1.54
57e197fd21 chore(deps): update github artifact actions
be312cbe79 fix(deps): update module golang.org/x/net to v0.51.0
4e606a0154 gha/vm: Limit to cgroup-related integration packages
1433bee87d image: refresh identity cache entries before expiry
59bf6b30c1 image: add identity cache backend walk and prune expired support
ab58f4fa4a vendor: update buildkit to v0.28.0-rc2
3aef780b0a image: identity unit and integration tests
fae834d543 image: warm identity cache on image changes
2ba7c77be1 image: cache image identity signature lookups
e22eb8cb2d image: move image identity logic to dedicated file
6d133c5ec6 image: add opt-in identity support to image list API
434b8a2a51 chore(deps): update docker/compose-bin docker tag to v5.1.0
dbc13e8e43 fix(deps): update module github.com/containerd/cgroups/v3 to v3.1.3
b6073b1016 fix(deps): update aws-sdk-go-v2 monorepo
205266169b fix(deps): update module github.com/godbus/dbus/v5 to v5.2.2
90b19dc740 fix(deps): update opentelemetry-go monorepo to v1.40.0
40f06bf418 Reapply: daemon/command: add support for sd_notify "reload" notifications
2ac82f44af container/prune: Don't fail early on layer size errors
989e590f52 vendor: update buildkit to v0.28.0-rc1
0e7c8176e8 api/types: add MediaType pseudo-type, and touch-up docs
0d4d067f68 client: fix some comments
2283e0351c daemon/server/httputils/logstream: Write: tidy-up stream handling
b55842c85f daemon/server/httputils/logstream: Write: handle context cancellation
d593a7b427 daemon/server/httputils: move WriteLogStream to its own package
f9a213ffc4 client: Client.Events: prefer json-lines, ndjson over json-seq
41e7a3de0a client: container, service logs: skip "tail" parameter if not needed
35fdcb802c api: improve, fix content-negotiation for /events endpoint
dff0d87430 daemon/server/httputils: contenttype package and MatchAcceptStrict utility
99add78b1f daemon: send systemd READY=1 after API serve loops start
320b010add api/docs: add "platform" param for `GET /image/{name}/json` (API v1.49-v1.53)
927d7d1045 api: swagger: document "platform" param for `GET /image/{name}/json`
71b5e2cc7d daemon: CDI: fix missing error in logs
aa011fc482 daemon: fix spurious "ShouldRestart failed" warning on shutdown
5f3c4002bd daemon: fix "Daemon shutdown complete" log arriving too early
be32017b9d daemon/containerd: don't log warning for stopped containers on startup
a436529bbc libnetwork: nftabler.Cleanup: pass context and make logs more useful
78d8942c66 daemon/logger: cleanup some tests
a2edf4798d client/pkg/streamformatter: refactor
81414a6eb1 client/pkg/streamformatter: use blackbox testing
5f10e5fdfa client/pkg/streamformatter: add TODO for NewLines option
dee810c0dc client/pkg/streamformatter: jsonProgressFormatter: remove unused code
fe6838cf4c client/pkg/streamformatter: optimize appendNewline
71025997bc client/pkg/streamformatter: remove redundant nil check
cf4d504c29 client/pkg/streamformatter: fix faulty TestNewJSONProgressOutput
e3e1167c00 client/pkg/streamformatter: remove redundant cmp-opts in test
21706fb5cd client/pkg/progress: reduce some wrapping
8b4edd73b3 client/pkg/jsonmessage: make DisplayJSONMessages accept a iter.Seq2
eb14c7bfd8 daemon: Daemon.getInspectData: unify platform-specific fields
d71f8560e4 daemon: remove obsolete warning for legacy "overlay"
f96921e5e5 api: lower default minimum API version to v1.40
e2fad779f7 api: restore support for API v1.41, v1.42, and v1.43
225a61e5f0 integration: raise timeout for "vm" tests
9eb56a9225 client/internal: export stream type
e30b1d5495 daemon: Fix DNS config corruption on reload
c5a0bfd9ff client/pkg/jsonmessage: fix typo in godoc
bdede35717 api/types/jsonstream: add sanity-check for Message marshaling
d00882aff2 api/types/jsonstream: prevent panic on nil-Error
02c0f96405 hack/dockerfile: fix tini build with newer CMake versions
254158991a daemon: remove deprecation warning for "windows-dns-proxy" feature flag
9d77f4a0e4 daemon/container: Container.TrySetNetworkMount: use switch
9a9106b71a api/types/swarm: PortConfig: add Compare method
7cfe94a34e daemon/libnetwork/osl: don't chain "WithXXX" for logs
b7a404d94d migrate TestSwarmCAHash to Integration Test
fadc29b86f libnetwork: send neighbor advertisements on restore
21d383fca5 modernize: waitgroup
9e093be715 daemon: Daemon.loadContainers: use WaitGroup.Go
62f1a1772c daemon/internal/metrics: CleanupPlugin: use WaitGroup.Go
cc5d36b2db daemon: Daemon.restore: use WaitGroup.Go
c6ca7d49f9 Revert "daemon/command: don't make notifyReady(), notifyStopping() asynchronous"
5bdfdc0919 Revert "daemon/command: send notifyReady, notifyStopping synchronous"
ddb636c2bd Revert "daemon/command: add support for sd_notify "reload" notifications"
538c494d2b daemon/containerd: singlePlatformImage: remove contentStore arg
a85d62fdfa Makefile: fix DOCKER_LDFLAGS example
34653f13ee daemon/libnetwork: update go:generate import paths
786528f38f integration/daemon: remove stray "import" comment
c59fad9140 fix(deps): update github.com/moby/policy-helpers digest to 824747b
fea88ec7da daemon/internal/metrics: CleanupPlugin: minor cleanup
eda57913fc daemon: NewDaemon: update log that chained "WithField"
f3fae5d18c daemon: Daemon.restore: pass through context to daemon.register
53232b1319 daemon: Daemon.restore: use correct logger
3ba816f747 daemon: Daemon.restartSwarmContainers(): reduce nested if
107724f022 Remove direct dependency on code.cloudfoundry.org/clock
146c702f24 Fix missing error check in ContainerTop on Windows
381ca65f34 vendor: golang.org/x/oauth2 v0.35.0
9db7dfa93b vendor: golang.org/x/tools v0.42.0
fa509b5b4a vendor: golang.org/x/mod v0.33.0
05918ae874 vendor: golang.org/x/net v0.50.0
873288917c vendor: golang.org/x/crypto v0.48.0
a464d5ce05 vendor: golang.org/x/term v0.40.0
c69b6a1ea1 vendor: golang.org/x/text v0.34.0
641cf3c34e vendor: golang.org/x/sys v0.41.0
8e5c906a3c daemon/internal/builder-next: add executorOpts struct
52c122b7f1 Dockerfile: update docker CLI to v29.2.1
39d5be178b builder-next: prevent "invalid IP" used for DNS
9e172b47d4 builder-next: remove some intermediate vars
f758cf5f00 builder-next: close boltdb instances on error
83b04feb86 daemon/volume: cleanup some logs
7fef0b66f6 daemon/volume: don't print warnings for non-volume directories
d9f16785f9 daemon: warn for unmet system requirements after service registration
8ba81896fb daemon: CheckSystem: use sync.OnceValue
b8c6046f74 daemon: allow service registration on Windows with missing system dependencies
5bb55365c5 forwardExtDNS: Don't cancel context then use it
b29dbcf5ca migrate to github.com/pelletier/go-toml/v2
c50290185f vendor: github.com/mistifyio/go-zfs/v4 v4.0.0
52836336a9 daemon/container: Container.Reset: use early return
80bfc74230 daemon/container: Container.Reset: use structured logs
7378207260 daemon/container: Container.Reset: remove "lock" argument
1b9e1c8add daemon: fix getSourceMount to handle multiple mounts at same path
Bumping docker-cli to version v29.2.1-10-gdf016a3a9, which comprises the following commits:
5eb91665d docs: fix typos
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping crun to version 1.26-160-g393509db, which comprises the following commits:
0a3e929f utils: fix memory leak and missing cache in libcrun_initialize_apparmor()
63ce25da container: delete the container on poststart hooks failures
b0847b3e Document error handling
cf27a14b fix(utils): use parent dir fd for bind on long socket paths
aca98960 fix(hooks): log warning when poststop hooks fail
115ac2e6 cgroup: preserve errno on errors in rmdir_all_fd
4db1709f libcrun: check setenv failure
8feac6b9 fix(utils): retry fgetpwent_r() on EINTR
52b7016f pass cgroup2 mount options to the kernel
30426104 tests/podman: exclude --tls-details tests
6e43ff33 tests/podman/run-tests.sh: fix ginkgo args
fa7a5561 tests/podman/run-tests.sh: untangle -skip arg
3a1addc7 fix(python): initialize error variable to NULL in Python bindings
00206a80 channel_fd_pair: fix CPU busy loop when output pipe is blocked
dbd02baa criu: show excerpt from log file on c/r error
34143735 hooks: allow ignoring chdir permission errors for container hooks
11af5b2d crui: simplify criu_check_mem_track error message.
8d0ef603 container: remove dead code in setup_terminal_socketpair
6c5c957e container: fix createRuntime hooks not receiving bundle path
d24d0283 criu: check for criu_check_version error
3ade23f4 plans: install iptables-legacy on CS9
3e41e53b Packit/TMT: re-enable centos-stream-10-x86_64 tests
c46a44a8 restore: fix memory leak
7cec3cb2 build(deps): bump actions/upload-artifact from 6 to 7
4e0e2679 mounts: fix error message argument
be231d3c ci: bump shellcheck to v0.11.0
b36ec403 ci: fix go-md2man installation
35648b9b tests: switch from docker hub to quay for Fedora
5002665f tests/clang-check: install clang-analyzer
bdf9c902 status: drop unnecessary strtoll
11701f43 criu: fix missing umount() in error path
314c2efa utils: refactor set_home_env
aecd620a libcrun: document vfork shared error
04d7a341 cloned_binary: do not close file descriptor twice
3f72f325 ci: simplify codespell job
47c36ca5 linux: do not use errno after success
a278c6d1 linux: drop unnecessary xasprintf result check
3e313388 linux: do not leak error
434d77cb cgroup-systemd: do not use errno after success
335792b1 scheduler: add diagnostic messages for SCHED_DEADLINE
4db170c5 criu: do not ignore errors with ret != -1
036132e2 cgroup: do not clobber errno
1649a4d3 container: do not use bogus errno
2e527065 linux: do not use errno without failure
a0be577a tests/podman: exclude ever failing test case
e38674bc linux: fix copy_from_fd ownership
8fa73419 linux: drop unnecessary code
60d8a60e linux: do not leak error
9a232317 utils: do not use errno after success
d5b20987 container: do not use errno after success
e2c09bfd ci: use git diff --exit-code
f1c6ca6a ci: fix test (check) flake
69d39045 linux: create error from uidgidmap_helper
1492e83c cgroup: fix read_pids_cgroup skipping child cgroups
c5879bab container: make return clearer
a154b398 container: return the error from cgroup_killall
899b9faa seccomp: fix n_plugins calculation
463e277a krun: Rename nitro module to awsnitro
b32f895b container: fix exit code return
a6023b10 container: add missing crun_make_error
52294f84 libcrun: standardize error code after yajl_gen_alloc
59da15f3 container: add missing yajl cleanup
5082e02d container: do not leak error
a83a4cf9 container: improve error handling after libcrun_copy_config_file call
6733e20c linux: use crun_error_wrap
0f367791 container: do not use errno after successful calls
29bb32d8 linux: do not use errno after successful calls
e7ffed11 krun: fix error arguments
34c1e098 krun: avoid redundant crun_error_release() call
dedcdd67 krun: do not release error when *err is uninitialized
671740dd krun: fix error code
1644fb0e container: fix error leak
649d568a krun: fix error return
41a14fe8 krun: Propagate crun log level to libkrun
2bff1297 libcrun: add `krun.` as a potentially unsafe annotation
41941f2c krun: parse annotations for krun.{cpus, ram_mib}
625226de krun: parse annotations for krun.variant
f311dc07 Add handler phase HANDLER_CONFIGURE_BEFORE_USERNS, and move krun setup to it
488f301d linux: check for def->linux
b1a71725 linux: check for [ug]id_mappings before accessing them
df771204 krun: Set exec args when running nitro variant
b78e9868 krun/nitro: Redirect enclave VM output to stdout
bf288342 krun: Remove specific function for nitro config
8e8186b3 hooks: exit immediately if poststart hooks fail
88f55126 AGENTS.md: new file
71077a22 utils: flush gcov data before closing files
3241e671 NEWS: tag 1.26
5bee6a06 utils: handle NULL container passed to libcrun_open_proc_file()
4df0d339 cgroup: rename enter_cgroup_subsystem
6c98db0b tests: add tests for crun custom annotations
29a39ebf tests: add cgroup unit tests for coverage
3ef2a77f tests: add more utils unit tests for coverage
87997df0 tests: add seccomp_notify unit tests for coverage
890fff10 tests: add chroot_realpath unit tests for coverage
440e3b09 tests: add mount_flags.perf unit tests for coverage
869343fb tests: add signals.perf unit tests for coverage
2a3193ab tests: add logger info to checkpoint_restore
72793562 tests: add linux.c integration tests for coverage
1407bb39 tests: add linux.c unit tests for coverage
638266c7 tests: add error handling coverage tests for linux.c
b18734b5 tests: add namespace coverage tests for linux.c
8a26d6ba tests: add comprehensive tests for custom-handler.c
a968a262 tests: add more unit tests for error.c coverage
935eb0c7 tests: improve error logging and add more coverage tests
035f2a07 tests: ignore profiling output in test_simple_delete
b9781954 tests: fix memory-high test to use unified resources
1bbe7e22 tests: add more seccomp tests for coverage
07d6400b tests: add error handling tests for coverage
422f4b87 tests: skip mount-bind-to-rootfs in rootless mode
5cad31a4 tests: improve sd-notify-proxy test error handling
bc91dd35 tests: fix checkpoint/restore tests for stability
f5e6c330 tests: add Linux features tests
58e00a52 tests: add I/O priority tests
ae06b46c tests: add create command tests
1e5f7ec5 tests: add cgroup setup tests
89b124e0 tests: add namespace isolation tests
14dcfea1 tests: add scheduler policy tests
7543b013 tests: add comprehensive OCI lifecycle hook tests
1404ccaa tests: add terminal tests for coverage
5ce5ad6d tests: add comprehensive update command tests
6a3fdc16 tests: add command tests for pause, unpause, kill, list, ps, spec
2959911b tests: skip resources-cpu-weight-systemd when systemd cgroup fails
90d6390c tests: skip bpf-devices-systemd when eBPF installation fails
cfe9a063 tests: fix variable names in test_bpf_devices logger calls
3f73b0f2 tests: add more seccomp tests for coverage
ec0f5cf8 tests: add network device tests for coverage
24f2491c tests: add more BPF device filter tests for coverage
360406d7 tests: add cgroup resources tests for coverage
ba669d8e tests: add cgroup manager env var support
06541b69 tests: add multi-environment coverage script
f9385a6c tests: remove unused Makefile
bab81968 tests: add exit command to init
49e080a1 coverage: add _safe_exit macro to flush gcov data before _exit
26900326 criu: fix error release
2805abde container: fix error release
1b8e2a39 crun.1: add documentation for criu config files
ec7325a3 tests: add tests for criu config set via rpc
17f23ac2 criu: enable setting of RPC config file
de8d3288 krun: do not leak handles on error
0b3c673f build(deps): bump actions/cache from 4 to 5
456dd8e2 build(deps): bump actions/upload-artifact from 5 to 6
d833dac0 libocispec: sync
4798015e build: add tests coverage
b4db5d32 tests: use hide_stderr=True to avoid coverage output interference
bfbb68eb tests: do not call function twice
a1d5168d tests: replace all sys.stderr.write calls with proper logging
11a43732 tests: improve TAP skip reason reporting with specific explanations
0be79fe8 tests: add slow test detection and warnings to TAP output
8e9ef557 tests: enhance TAP error reporting with more diagnostic information
6d4cd432 tests: add writable /tmp tmpfs mount to base test configuration
7ca36e36 tests: remove debug print statements in test_hooks
6607eb2f linux: run createContainer hooks before making root RO
baec9675 libocispec: sync from upstream
c5d5f185 tests: install honggfuzz from sources
d2b00600 linux: handle openat error
b106e250 container: fix error release
156ae065 NEWS: tag 1.25.1
60a9183e build(deps): bump actions/checkout from 5 to 6
332c2188 utils: invalidate proc_fd on open_proc_file
50e9898f utils: use fsopen to open reference to proc
2e86c95a src: move syscall wrappers to new file
c2fa3c6a cgroup-systemd: use open_proc_file to get cgroup path
8e9ae3d4 cgroup: use open_proc_file to get cgroup path
1aeac1e8 linux: use open_proc_file to setup namespaces
0f200e55 linux: use open_proc_file to setup net devices
4be73c6d linux: use open_proc_file to initialize security
30c575e5 utils: use open_proc_file for mark_or_close_fds_ge_than
da40063a linux: use open_proc_file to open current mountns
7172631e linux: use open_proc_file to setup oom score
8822a5e6 linux: use open_proc_file to setup sysctls
b66a8990 linux: use open_proc_file to setup timens_offsets
3f5258a0 linux: use open_proc_file to setup userns mappings
064bbfe4 container: use open_proc_file in resolve_rootfs_path
58856b56 utils: add functions to open files under /proc
d9a0adce NEWS: tag 1.25
d94659a3 podman: disable artifact test
0fc276cc cgroup-systemd: enable all accounting properties to ensure stats are readable
9feec597 libcrun/cgroup: always enable TasksAccounting for systemd
078e2d6d build(deps): bump actions/upload-artifact from 4 to 5
6b12c6a8 Libcrun/container: Fix double allocation of 'err'
b718483c Libcrun/seccomp: fix double allocation of 'err'
65532fc5 build(deps): bump github/codeql-action from 3 to 4
a9187097 Reset the inherited cpu affinity
crun/ocispec: update to
5a0e037 source: fix ByteArrayHandler nested array parsing
03bae1d source: add missing emit_clone() to BasicMapArrayHandler
dbb5155 source: fix invalid else() syntax in byte array generation
692b0b6 source: fix typo in ByteArrayHandler nested array parsing
2acd6dc source: fix mapStringObject clone to copy len and keys
c7ce09d ci: print test-suite.log on test failure
8cff3b9 tests: add test-12 and test-13 for better coverage
16a30ff source: add NULL check to generated clone functions
507cf52 source: fix BasicMapType.emit_clone() to handle NULL maps
2c8d0f8 gitignore: update
a425a84 source: rename doublearray to nested_array
7d7e02c source: add struct-level methods to TypeHandler classes
dc24f9a source: refactor ArrayType using ArraySubtypeHandler classes
fed6acc source: add BooleanPointerType.emit_generate() and emit_json_value()
81ff1fa source: document ObjectType.emit_clone() design decision
d91d34a source: add emit_gen_key_with_check() helper
11b951f source: extract get_compound_children() helper
4ff4117 source: inline c_file_map_str() into make_c_free()
e59b696 source: inline c_file_str() into ArrayType.emit_free()
337925c source: inline trivial wrapper functions
73e8f9e source: inline array functions into ArrayType handler
df11b0a helpers: rename judge_* functions to clearer names
45a1b35 source: skip handler for object type in make_clone()
31824dc source: remove dead code in read_val_generator()
b49928d source: remove dead code in make_c_free()
20de7a4 source: add emit_clone() to MapStringObjectType and BasicMapType
971a65b source: add ArrayType handler for array operations
633c0b5 source: add ObjectType, MapStringObjectType, and BasicMapType handlers
141fa50 source: use TypeHandler in make_c_free() and make_clone()
2fc8679 source: use TypeHandler.emit_parse() in parse_obj_type()
c3686db source: add TypeHandler classes for type-specific C code generation
c174b06 source: remove superfluous else after return
858f199 source: remove dead code in make_clone()
6ae8e2d source: consolidate numeric type conversion with helper function
a23b40c source: apply emit_gen_key() helper to get_obj_arr_obj()
717d035 source: apply YAJL helpers to get_c_epilog_for_array_make_gen()
6dcd043 source: apply YAJL helpers to get_c_json()
a2cc69b source: apply YAJL helpers to get_obj_arr_obj_array()
7f5fcb5 source: apply YAJL helpers to get_map_string_obj()
aa9271c source: add YAJL generation helper functions
3366b93 source: add emit_invalid_type_check() helper for YAJL validation
05ee4de source: add emit_value_error() helper for error wrapping
7a62656 source: add emit_asprintf_error() helper to reduce boilerplate
4d2f6e5 source: add do_read_value() helper to reduce boilerplate
d37383d source: convert parse_obj_type() to multi-line f-strings
39fa66d source: convert make_c_free() to multi-line f-strings
d62a55f source: convert make_c_array_free() to multi-line f-strings
112ab7f source: convert c_file_str() to multi-line f-strings
41596b9 source: convert c_file_map_str() to multi-line f-strings
a2fd73f source: complete get_obj_arr_obj_array() conversion to f-strings
66e333d source: convert get_obj_arr_obj_array() to f-strings (object branch)
47e7dc5 source: convert get_map_string_obj() to multi-line f-strings
ae23175 source: convert parse_obj_type_array() to multi-line f-strings
002af18 source: convert parse_map_string_obj() to multi-line f-strings
e80d362 source: extract check_gen_status() helper pattern
46ce297 source: extract calloc_with_check() helper pattern
cc817ed source: continue null_check_return() pattern extraction
419526a source: extract null_check_return() helper pattern (partial)
064fcbb source: extract free_and_null() helper pattern
7579c03 source: add emit() helper function for code generation
c8a5437 gitignore: update
b355817 runtime-spec: update
819972d image-spec: update
ea4906b Check 'src' before dereferencing
345279c runtime-spec: update from upstream
Bumping runtime-spec to version v1.3.0-11-g6f7b71c, which comprises the following commits:
53abf18 ci: bump golangci-lint to v2.10
90a6479 Fix an error in the docs
4361740 schema: fix definition for array type
04836b1 schema: fix path for uint32 type
c668b01 config-linux: allow empty strings in memory policy nodes field
9d0d4bc version: v1.3.0+dev
9224913 version: release v1.3.0
4df3d11 Mention FreeBSD platform
a257beb Add minimum supported Go version to CI (#1303)
afdbcb8 Add FreeBSD as a platform
75d79ee ci: use oldstable and stable Go versions
9efd9f2 schema/defs-linux.json: fix max for FileMode
09ec668 config-linux,schema: fix FileMode description
Bumping image-spec to version v1.1.1-28-ga4c6ade, which comprises the following commits:
fccd049 Fix: Make the config field optional
b71c0df Add missing backtick
431b3be Update OCI Image Implementations list
02ba6e2 Descriptor size cannot be negative
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
** CRIU 4.2 fails to cross-compile with:
No rule to make target '/usr/include/google/protobuf/descriptor.proto'
Upstream commit 7fbf7b2be removed the build-time symlink for
descriptor.proto and replaced it with a Makefile rule that resolves
the path via pkg-config and passes it to protoc. Both the pkg-config
query and the protoc --proto_path are hardcoded to host paths.
This breaks cross-compilation because pkg-config --variable=includedir
returns the raw host path (/usr/include) without applying
PKG_CONFIG_SYSROOT_DIR. The sysroot prefix is only applied to -I
flags from --cflags, not to raw --variable queries.
Add a patch introducing an overridable PROTOBUF_INCLUDEDIR make
variable and pass the sysroot-prefixed path via EXTRA_OEMAKE. Remove
the old do_compile:prepend symlink workaround which no longer applies.
And then we pickup the following changes:
3c7d4fa01 criu: Version 4.2 (CRIUTIBILITY)
0a7e7d09d log: use sizeof(*hdr) instead of sizeof(hdr)
e689d902b criu/log: properly handle truncated length from vsnprintf
6344e8d71 cr-servce: move kerndat_init after log_init
a525b3c32 test/vdso-proxy: handle merged vma-s
ce680fc6c Revert "plugins/amdgpu: Implement parallel restore"
1d08ff8ca coredump: fix handling of num_pages
cb8e1da3f coredump: use compat_nr_pages as fallback
0fa6ff3d1 test/others: add tests for check() with pycriu
567f70ce1 test/others: add test for check() with libcriu
a1dc88502 test/rpc: update errno check
3c841af2c pycriu: use explicit imports for __init__
f7ccb63bd pycriu: set RPC opts for CHECK
9371c4a78 cr-service: refactor RPC opts parsing for check()
72ca94db4 cr-service: refactor logging setup
5966ffe8a cr-service: refactor images_dir path resolution
60a731ab3 cr-service: drop images_dir from setproctitle
ee4100c09 cr-service: refactor images/workdir setup
71a637923 pycriu: set default value for sk_name
d2c46b92b pycriu: better socket error handling
7aad7317b lib/pycriu: changing the default behavior to use the system binary
3f97cfe87 test/libcriu: check setting of RPC config file
2878faa74 libcriu: enable setting of RPC config file
07ad2473f Use command -v instead of which
afcfcd3bf ci: add which dependency in dnf packages
686018147 ci: add wheel and setuptools in dnf packages
d3dfb663b make: don't install external dependencies
f74e68daf ci: verify call order of action-script hooks
f824dc735 ci: consolidate action-script tests
d5c81f810 pycriu: prevent always appending "Unknown" to error messages
540c631dd pycriu: add missing protobuf dependency
a5ae3c184 pycriu: set licence to LGPLv2.1
697c31abe zdtm: shstk: add SHSTK_ENABLE test build option
6fd71b9ee x86/criu: shstk: restore SHSTK via premap loops
abf4a71d9 x86/criu: shstk: add shstk_vma_restore()
02462c19c restorer: shstk: allocate restorer shadow stack
b18c07d8a restorer: shstk: add shstk_min_mmap_addr()
f29cb750d x86/criu: shstk restorer memory accounting functions
3365c7c02 restorer: shstk: add restorer shadow stack stubs
bb9a7202a test/others/rpc: show logs on error
9d072222e test/others/rpc: parse action-script via config
c03c08d1b cr-service: refactor rpc config parsing
dcce9bd0e zdtm: add a test for --allow-uprobes option
f548d3af4 crtools: remove "consult documentation"
aeec40bf0 docs: add documentation for --allow-uprobes
bab72af9a vma: introduce --allow-uprobes option
74bf40fee crit: add VMA_AREA_UPROBES flag
0ff2e0a66 criu-coredump: add VMA_AREA_UPROBES flag
7bf402f6b vma: introduce VMA_AREA_UPROBES flag
520266d89 zdtm: add sk-unix-restore-fs-share test
790b3cf42 ci: run alpine tests on arm64
77553f07d make: prevent redefinition of 'struct sigcontext'
3379c122e page-xfer: fix incompatible pointer type on armv7
7a4b35a91 contributing: update links to mailing list
76394e93a ci: consolidate aarch64 tests on GitHub runners
0a81dc8bb ci/java: update base image from focal to jammy
b25ff1d33 Remove travis-ci leftovers
25f8be0f6 ci: use package-manager dependency install scripts
67751bc11 docs: add developer overviews for AI assistants
91758a68e zdtm: Remove junit_xml leftovers
2d2168fc9 vdso: relax EI_OSABI check to support linux in ELF header
2e26b36d4 pagemap: print page regions in the format `start - end`
7e0da4d97 pagemap: use unsigned long for page counts
afb2e6c3f pagemap: change PagemapEntry.nr_pages to uint64 to support huge mappings
c7395f4cb files: fork helpers without CLONE_FILES | CLONE_FS
a8c5e1171 lsm: use attr/apparmor/current to get apparmor label
80c280610 compel/mips: Relax ELF magic check to support MIPS libraries
053a22a23 pagemap: prevent integer overflow in pagemap_len
a779417a3 zdtm: stop importing junit_xml
254ba3e8c ci: avoid Docker 28 due to regression
4b7398595 criu/sockets: Restrict SO_PASSCRED and SO_PASSSEC to supported families
fa1b39906 zdtm/static/sock_opts00: use unix socket to test SO_PASSCRED and SO_PASSSEC
2ba343010 test/zdtm/static/maps12: fix pointer-to-int cast
dcee5bd6f make: Disable branch-protection for PIE code on ARM64
98f2bd525 ci/vagrant: install vanilla kernel for Fedora Rawhide test
01265cfc6 test/zdtm/static/maps12: add madv guards test
9c0f725a6 criu/mem: dump: note MADV_GUARD pages as VMA_AREA_GUARD VMAs
59b4d662a criu/pie/restorer: add madvise(MADV_GUARD_INSTALL) restore logic
63c702968 criu/{mem, vdso, cr-restore}: introduce VMA_AREA_GUARD fake VMAs
cc047d595 criu/mem: dump: skip MADV_GUARD pages content dump
5843cbf97 criu/mem: refactor should_dump_page helper
42580fcb1 criu/pagemap-cache: pagescan: look for PAGE_IS_GUARD pages
1873e8f50 cr-dump: warn if MADV_GUARD is supported but isn't shown in pagemap
4fc07a8a4 kerndat: add pagemap_scan_guard_pages feature check logic
2bb77daa9 kerndat: add madvise(MADV_GUARD_INSTALL) feature-detection
fce491113 criu/include/mman: define MADV_GUARD_INSTALL
5f94dd71e CI: Consolidate arm64 tests on GitHub runners
c6c6f6f23 zdtm/socket-tcp-closing: fill socket buffers effectivly
d586b30c6 vagrant: fix tar including archive in itself
2762b21e4 vagrant: update image to fedora 42
0d1e280d0 vagrant: fix 'qemu' install
64276874d restore: flush caches during restore
95d5e2e59 compel: flush caches after parasite injection
22c83e3eb images/Makefile: use msg-gen
066bf7bf3 Keep images/google/protobuf directory
21c3b9c00 images/Makefile: fix using $(Q)
7fbf7b2be images: remove symlink for descriptor.proto
455c67739 zdtm: Add ztatic/mnt_ext_file_bind_auto test
e31828ed8 mount: Fix trailing / when a file is bind-mounted
3dc865bc8 test: add static tests for ICMP socket
a80c54484 sk-inet: Add support for checkpoint/restore of ICMP sockets
677a56891 zdtm/netns_sub_sysctl: skip unsupported sysctls
87bd09a0d net/sysctl: make ipv4/ping_group_range work in user namespaces
45d09ae17 net/sysctl: fix broken ipv4_sysctls_op
4f057a6ae net/sysctl: fix missprint in an error message
4c7d42f67 ipc/sysctl: fix CTL_FLAGS_IPC_EACCES_SKIP by making it a flag
922754dff rpc/log: return first error always
a79b33d0c cpuinfo: show error when image is missing
99ba6db89 crtools: do a few minor cleanups
fcbaac059 crtools: simplify check for cpuinfo subcommands
fbfed312e feat: introduce Nix flake
5f18ca1bb test/zdtm/static: add maps11 test for MAP_DROPPABLE/MADV_WIPEONFORK
dfa0ce180 test/zdtm/static/maps02: add MAP_DROPPABLE testcase
4f9dcfb9c pycriu/images/pb2dict: add MAP_DROPPABLE flag
b90cfc1a8 criu/proc_parse: support MAP_DROPPABLE mappings
6476488a5 test/zdtm/static/maps02: add MADV_WIPEONFORK testcase
af5412a43 criu/proc_parse: support MADV_WIPEONFORK/VM_WIPEONFORK
2b8951a9c image: use `protoc` instead of `protoc-c`
1fdff7c7a zdtm: fix check for criu binary
ae1395de1 zdtm.py: add an option to change pycriu import path
7a5b3d1f4 plugins/amdgpu: Update `README.md` and `criu-amdgpu-plugin.txt`
a61116fd9 plugins/amdgpu: Implement parallel restore
e8ba7c103 plugins/amdgpu: Add parallel restore command
1fd1b670c plugins/amdgpu: Add socket operations
e257d0497 pstree: Add `has_children` function
497109eb4 cr-restore: Move `cr_plugin_init` after `fdstore_init`
427c0dc27 criu: Introduce a new device plugin hook for restore
d57d40a5a sk-inet: add MPTCP definition
fddca67cc seize: fix pause devices for frozen containers
366d73a4c make: remove checks and warnings for bsd strlcat and strlcpy
1eaa870cc kerndat: check that hardware breakpoints work
b458a5c1a sk-inet: add message how to disable MPTCP in Go
5a725266a zdtm: add mnt_ro_root test
6b3826a6f zdtm/lib: add "bind" desc option
88cb552f6 mount: restore root mount flags
b6dca3116 aarch64/crtools: fix define for missing constants
5de61a721 net: nftables: avoid restore failure if the CRIU nft table already exist
b9da95b0b s390: Fix FP reg restore after parasite code runs
74799ae02 aarch64: fix build with missing NT_ARM_PAC_ENABLED_KEYS
680584166 cuda: remove redundant goto label
e7aee3c5c cuda: use pr_perror for libc function errors
5ff52326e restore: use the new kernel interface to restore timers
9a1e97966 compel: fix the stack test
daa548bbf criu: Do not print failed message when there is no late stage hook
34226fd24 ci: try GitHub arm runners
a44aa6d98 criu: Version 4.1.1
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping cri-tools to version v1.26.0-1468-g16d56738, which comprises the following commits:
9ddc149f use latest cri client with the logger used from context
224d6cc1 Bump ncipollo/release-action from 1.20.0 to 1.21.0
f224fbcc add context to critest
4dcca56b image ID consistency test
77d610e3 ci: Skip exec tty test on Windows
94684d12 Bump the gomod group across 1 directory with 9 updates
51802bf0 Bump the gomod group with 4 updates
53a26273 Bump crate-ci/typos from 1.43.5 to 1.44.0
02862375 Bump the gomod group with 7 updates
075032cf Bump actions/upload-artifact from 6.0.0 to 7.0.0
3b76ce8d Bump actions/setup-go from 6.2.0 to 6.3.0
b1649021 feat(critest): Add image manager consistency and idempotency tests
b198f503 first iteration of AGENTS.md
8221586a Update golangci-lint to v2.10.1 and fix lint issues
7a737fe9 Bump github.com/onsi/gomega from 1.39.0 to 1.39.1 in the gomod group
9fe1083e Bump the gomod group with 16 updates
d84c3535 Bump crate-ci/typos from 1.43.4 to 1.43.5
ae771321 bump opentelemetry dependencies to latest
bf5ca193 Bump crate-ci/typos from 1.43.3 to 1.43.4
795d23d0 Bump crate-ci/typos from 1.43.2 to 1.43.3
fa820b42 Bump crate-ci/typos from 1.43.1 to 1.43.2
046d82c8 Bump actions/cache from 5.0.2 to 5.0.3
cdfc7c46 Bump crate-ci/typos from 1.42.3 to 1.43.1
779f2d21 Make ginkgo less verbose
3bcc1025 Bump crate-ci/typos from 1.42.2 to 1.42.3
ef1842c0 Bump crate-ci/typos from 1.42.1 to 1.42.2
cac1dfdf Bump actions/checkout from 6.0.1 to 6.0.2
2c34c5c2 Bump crate-ci/typos from 1.42.0 to 1.42.1
b2a9817a Bump actions/cache from 5.0.1 to 5.0.2
0761c49a switch to GA bits of k8s API
be5cd064 Add warning and documentation for crictl rmi multi-tag behavior
4d23a48c Bump actions/cache from 4.3.0 to 5.0.1
efbfa5a1 Bump actions/upload-artifact from 5.0.0 to 6.0.0
39831ffd Bump crate-ci/typos from 1.40.0 to 1.42.0
e9146feb Bump actions/setup-go from 6.1.0 to 6.2.0
55167ff1 Fix CNI installation grep pattern for containerd 1.7
78e6f2de special handling of containerd 1.7 CNI installation
f77dbe18 Update version
567e16a8 Vendor Kubernetes v1.35.0-rc.1
dd16bb7f buf fix: fix panic when no image in container-config
99f10931 Vendor Kubernetes v1.35.0-rc.0
92d5fee7 Bump actions/checkout from 6.0.0 to 6.0.1
60c0f563 fix:sometimes oom test failed
eb170995 Bump crate-ci/typos from 1.39.2 to 1.40.0
9900d2a6 Update Windows test image and fix CRI-O test cleanup
b78116aa Use `latest` gcb-docker-gcloud for building test images
cc2f14ae Bump actions/setup-go from 6.0.0 to 6.1.0
1d2b74ca Bump actions/checkout from 5.0.1 to 6.0.0
b56079fb Update golangci-lint to v2.6.2 and fix lint issues
f11f7e44 Bump actions/checkout from 5.0.0 to 5.0.1
e8f44b14 Bump crate-ci/typos from 1.39.1 to 1.39.2
3a38712d Bump crate-ci/typos from 1.39.0 to 1.39.1
314e94c5 Disable runc integration tests due to AppArmor issue
e07bd2f2 update selinux to v1.13.0 to address cve
8790d077 Update validation.md documentation
38a46a26 Switch to `macos-latest` runner
3931ed0d Update documentation with missing features and fixes
5f13ca55 Remove unused e2e badge
7feb39fe Bump crate-ci/typos from 1.38.1 to 1.39.0
c477e553 Add buffer pooling for JSON operations
5a86e2e3 Optimize marshalMapInOrder with strings.Builder
243bf09d Modernize golang for 1.25
722f0f55 Bump actions/upload-artifact from 4.6.2 to 5.0.0
12e02c53 bump containerd dependency to 1.7 in go.mod
bddc6ada remove unnecessary build step on Windows
7ef3055b Containerd 1.6 is EOL now
25cdc3c2 Remove link to outdated kubic repository
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping cri-o to version v1.33.0-522-g8273bca37, which comprises the following commits:
5dd7bb4e3 Add libpathrs version to dependencies
2b23b4810 Add libpathrs-devel to github-actions
8d8d342a1 Add libpathrs-devel to Fedora packages for runc build
d51616f2f fix: prevent panic on closed stopTimeoutChan in StopContainer
71e9babcd fix: handle ErrNotAnImage in RemoveImage for concurrent deletion idempotency
1d19f431c [docs] fix dead nixos link in install.md
73957f24e build(deps): bump the gomod group across 1 directory with 7 updates
e43e31772 Fix metric label cardinality mismatches in CRI stats
1e19a7261 Skip OCI artifact fallback on transient network errors
7eb2cc18e Add EnsureNotContainerImage to prevent container images in artifact store
aed9671d7 Return image ID from PullImage instead of repo digest
a42bdf9de tutorials/CRI-O in kind: fix bash syntax error
1e2e17804 Bump golangci-lint to v2.10.1
c355bea81 Add OpenVEX report generation via govulncheck
9ca8e2c1a Bump go dependencies
020b30892 Fix the bug where cri-o doesn't emit any metrics when all is set.
f1c0c7b6a Feature Request: Make TLS minimum version and cipher suites configurable for CRI-O server
ddb1d632a Update setup-go
1294b3151 Temporarily pin conmon to pass CI. See https://github.com/containers/conmon/pull/629#issuecomment-3872984444 for details.
65b9fcc49 Bump development version to v1.36.0
ecacc4558 Mark v1.32 EOL
75877851a Some minor refactorings of `ociartifact`
d1d77faec Refactor `ociartifact`: extract `datastore` package for artifact data handling
39ff6f590 Refactor `ociartifact` to simplify artifact creation using `NewArtifact` and remove redundant `buildArtifact` logic.
ec12a7d5f bump c/common, c/storage
33f0e88da Disable swap setup on GitHub actions
b414a1f93 Update nixpkgs
0f877a3e1 Update .coderabbit.yaml
d56906b6d Create .coderabbit.yaml
eccac32bd Revert "storage: Preserve knownRepoDigests order in ImageStatus"
4eabb00d3 server: update container state prior to NRI StopContainer event.
0f68aa8d0 test: Add regression test for user namespace cgroup delegation
e826ac15c server: Always include UID/GID mappings for user namespace containers
19d319695 server,nri: pass extended container status to NRI.
03e4dffce build(deps): bump github.com/sigstore/fulcio from 1.8.3 to 1.8.5
8df271a03 server,nri: pass any POSIX rlimits to plugins.
23b10b8da server,nri: pass container user (uid, gids) to plugins.
7822ff1f1 checkpoint: clean up checkpoint dir on error
74af549f5 Remove `filepath-securejoin` replace and bump to 0.5.2
922d3edc8 Refactor container mount setup functions and improve SELinux label handling
396cce5f0 Replace cgmgr.CgroupStats to use cgroups.CgroupStats
d9d10ea4c Rename DiskMetrics and FilesystemMetrics to DiskStats, FilesystemStats for consistency with other structs and cadvisor
9da43ec9c Move disk_metrics to the new stats package.
d2d7d1f2c Rename stats to statsserver
5062a6a94 oci: fix lint
73848ccec runtimehandlerhooks: save whether irq balance enable was done
a96dfe16a server: run post stop hooks before updating container status
fa5afc5b3 refactor(memorystore): remove unused Size() method
4009c44e1 refactor: remove AddExecPID, use StartExecCmd
eeab7a961 fix: make exec start atomic with PID registration
a97e4b982 test: skip tests from kata containers
e8d273b08 test: add integration tests for exec during graceful termination
8df026b11 test: add tests for exec during container lifecycle
35f7a3ca6 feat: allow exec to containers during graceful termination
ec1c67a8c artifacts: fix unqualified search tests
610a868fa artifacts: mock libartifact store
6ca8533aa Drop unqualified-search-registries support for artifacts
c33e3e81b test/nri: update linter deprecation annotation.
174d13446 server,nri: pass any linux RDT constraints to plugins.
25f32e0e6 server,nri: pass any linux net devices to plugins.
db7314ca6 server,nri: pass any linux scheduler attributes to plugins.
9536cf92c server,nri: pass any linux I/O priority to plugins.
b23a7d055 go.{mod,sum}: bump NRI deps to v0.11.0, re-vendor.
04f4754fa Update Golang download URL to use go.dev instead of storage.googleapis.com
4e2f7dbed Ensure `InitLabel` only sets process label when unset
29b33f11e Fix the bug where the ContainersStatuses.Image returned by the GetContainerEvents interface is nil
01b2c74d9 Follow up on PR 9634 to clean up redundant code.
68795ff36 Refactor cgroup manager integration: centralize pod and container cgroup manager retrieval logic with `GetPodAndContainerCgroupManagers` and standardize function naming for consistency.
0b1d77bdd Add exec cgroup for exec CPU affinity
a2a04ad55 Refactor cgroup manager logic: centralize `LibctrManager` and `CrunContainerCgroupManager` in `cgmgr` while replacing duplicates.
c979d5fdd Delegate setting shared CPUs in cgroup to container runtime.
cf4aab91f Update release notes to use cosign bundle format
3cead51f9 Replace json-iterator/go with goccy/go-json
9270ed35b Refactor ociartifact handling to use libartifact types and store
db0840561 go.{mod,sum} bump CDI deps to v1.1.0.
8212e1acd build(deps): bump github.com/sigstore/fulcio from 1.7.1 to 1.8.3
23b69a24b build(deps): bump the gomod group with 10 updates
a7b222899 server: use totalTimeout for infra container stop
9d7aa99d0 OCPBUGS-62150: server: ignore /etc/passwd mount
11e4c1806 build(deps): bump the gomod group across 1 directory with 3 updates
1c09e085d Replace v1 annotation references with v2
5a0973db5 Pin Kubernetes to v0.35.0-rc.0
1a7db25c0 Add container pressure metrics to stats collection
c42cf78c6 Remove SignalContainer functionality and related syscalls
97658ce1a build(deps): bump the gomod group with 7 updates
6bb8a380c Allow containers to use both host network and user namespace
e46ab57b1 build(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0
c2ebfbac1 Migrate annotations to Kubernetes-recommended naming conventions
ddfa9d3eb server: skip processing early if we get a nil adjustment from NRI.
eb21f3b71 build(deps): bump the gomod group with compatibility fixes
e03e84aae Fix incomplete config validation on sandbox restoration
35ce440e8 Make AGENTS.md generic and add git workflow nuance
bbe6d7a4e Rename CLAUDE.md to AGENTS.md
e71f96aed dbusmgr: use system dbus when running as UID 0 regardless of rootless detection
9e0b08c1d Add support for "all" in includedPodMetrics and validate its usage
3b932318f Fix the bug where includedPodMetrics are not respected in ListMetricDescriptors
f830100c3 Add CLAUDE.md project context file
3233b94ea refactor: Reduce cyclomatic complexity in sandbox_run
07b0da920 refactor: Reduce cyclomatic complexity in sandbox_run
3dd90b8ab test: add integration tests for container_create_timeout configuration
52efdb362 test: add tests for ContainerCreateTimeout configurability
2d2024a0f Add documentation for container_create_timeout configuration option
7a2427285 Add context timeout to task.Create in runtime_vm.go
18d52e3e0 Make ContainerCreateTimeout configurable at runtime handler level
09625082c Improve returned error text at CreateContainer failure
f76e3f9ea Migrate to container-libs
f6bc16be2 storage: Preserve knownRepoDigests order in ImageStatus
e200c2625 test: Switch more integration tests to use crun
20e6d1b47 Update golangci-lint to v2.6.2 and modernize configuration
f22167af4 Update sigstore/cosign-installer to v4.0.0
99a55c8f5 Fix CVE-2025-58183: Update tar-split to v0.12.2
f49e8eb7b Disable runc integration tests due to AppArmor issue
9ece818fb metrics: add disk IO stats
822ce9db8 spec metrics: always report container_spec_memory_reservation_limit_bytes
e7af6bd9b metrics: add container_start_time_seconds
f470ad448 spec metrics: always report container_spec_memory_reservation_limit_bytes
cf3eb39b7 metrics: add container_start_time_seconds
2d66de376 feat: extend oci runtime to collect and manage disk metrics
069114806 refactor: Reduce cyclomatic complexity in criocli
6ad526c7a metrics: update process metrics tests and refactor stats_linux.go a bit
7fda065ba Extend Disk Metrics for other filesystems
d9694a420 Extended ContainerStats to include disk metrics
8b8028baa feat: Added Disk Metrics
7a179c8a6 refactor: Reduce cyclomatic complexity in container_create
6cbdc99cc Fix `patch-release` job by adding dependencies.yaml
58a1fc0f3 Tests for threads and sockets
cbea27536 Refactor thread metrics
aebf1d561 metrics: correct container metric metadata
76319d61c build(deps): bump the gomod group across 1 directory with 2 updates
927461f48 fix minor typos in README.md
897f1cdf2 Added container process metrics
a3c41c499 container: take state lock when setting spec
fe0a3281d metrics: add container spec metrics
a748f3453 metrics: add container_last_seen
1fb90ef70 build(deps): bump k8s.io/kubelet from 0.35.0-alpha.1 to 0.35.0-alpha.2
5ecd5931b build(deps): bump k8s.io/cri-client
36475303d build(deps): bump the gomod group with 2 updates
ed3fe40bf Add and apply gopls `modernize` linter
fe4306b72 Pin github.com/cyphar/filepath-securejoin to v0.4.1
9a2f002d0 build(deps): bump github.com/cri-o/crio-credential-provider
c2db50755 Close runtime connection on watchdog call
1e357f4d6 build(deps): bump sigs.k8s.io/release-sdk in the gomod group
93f920160 Remove support for `InsecureRegistries` in favor of `registries.conf`
f10344e7c Mark v1.31 as EOL
2ec914d08 Packit: remove unmaintained branches
c76a5286b lint
b10d151c8 remove typo
a760511c1 move log statement after fn call
6e4965b1d Fix lint CI by re-adding `nolints`
68c73a911 Clean up duplicate SignaturePolicyPath logic in image_pull.go
55c749ff4 build(deps): bump golang.org/x/net in the gomod group
ce5edf28b build(deps): bump the gomod group with 2 updates
93121f41b Re-use public credential provider API
a0c3b7723 build(deps): bump the gomod group across 1 directory with 4 updates
d25f3a5d2 Update log formatting in interceptors to use %+v for better readability of structs
ab0176bde HighPerformanceHooks: Nil pointer check for isContainerRequestWholeCPU
172635f02 HighPerformanceHooks: Add housekeeping CPU support for IRQ loadbalancing
7a780e492 Fix Generator initialization to properly initialize envMap
53b7f6bfb Remove github.com/grpc-ecosystem/go-grpc-middleware dependency
43ed9f965 Remove unused code from Makefile
ff5900e74 Switch to go 1.25
d73c82b4d Actions: cancel parallel runs
0b1d84cbc Update nixpkgs
1080c5ea9 Fix lint
cadcf4753 build(deps): bump the gomod group across 1 directory with 3 updates
85da8e038 Re-add the `--enable-fixed-path` removal for gpgme
719a3e65d Remove temporary auth files if used
bc7f61ad4 Update third party dependencies
7a99e1d67 Consume additional pull auth if available
63212c48b temporarily downgrade crun version until container-selinux fix is released
02cd6750a server: Fix network cleanup failures when NetNS path is empty
16246ad1a Fix `ERROR! Invalid callback for stdout specified: debug` by removing stdout_callback
ad1728396 Use ftpmirror.gnu.org instead of ftp.gnu.org because ftp.gnu.org is sometimes too slow.
78c966c13 HighPerformanceHooks: Defer irqSMPAffinityFile rollback
44af57fe0 Revert "Skip [FeatureGate:InPlacePodVerticalScaling]"
79cd6e3f1 Update development version
14abbfc21 build(deps): bump the gomod group across 1 directory with 9 updates
1f1746236 Update dependencies.yaml if required on release cut
03ec73d26 HighPerformanceHooks: Move IRQ balancing to PostStop hook
06c843730 HighPerformanceHooks: Add mock infra for command and system unit tests
1283afcfe HighPerformanceHooks: Make locks atomic for irq SMP affinity
8aeda9682 Update install.md - Add Dep for Ubuntu 24
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping conmon to version v2.2.1-23-g86e8106, which comprises the following commits:
8bc1877 chore(deps): update dependency containernetworking/plugins to v1.9.1
beb8c36 chore(deps): update dependency containers/automation_images to v20260310
5c023cb chore(deps): update dependency opencontainers/runc to v1.4.1
b074dcd tests: fail if runc start failed
db7c945 ci: drop unneeded step of installing bats
497ce1c Update dependency containers/automation_images to v20251211
329b0dd CI: bump dependencies, build runc/crun from source, skip crio-wipe tests
1090e54 RPM spec: modernize spec file
7aa0abd Add the official conmon logo to README.md
ec54d8f Fix FreeBSD 15.0+ SOCK_SEQPACKET message boundary issue
e311cf2 tests: Normalize json before comparing it.
c8cc2c4 Release v2.2.1
2cf4dcd Fix EAGAIN busy-loop in drain_stdio()
f8cc9d6 Add CRI-O critest
5863a7f Fix test for reverted F-sequence behavior
8563b0a Revert PR #592
894e164 Revert PR #629
3bb1a4e Skip test if RUNTIME_BINARY is not runc
93d4e63 Fix k8s-file log format for terminating F-sequence
de539b3 tests: Ensure necessary dependencies are available
27ef050 Release v2.2.0
40eb39e Fix SIGABRT crash in drop_signal_event
437e65a Add an easy cleanup for tests
dbb54d4 [skip-ci] Update actions/checkout action to v6
d436a96 Check memory.events file exists before adding inotify watch
21ffef0 Fix remaining busybox references in tests
15de5b1 Fix inconsistent error messages when runtime fails
8debcb5 Move attach start message after failure check
b2e434f Switch tests from busybox to UBI10 and add consistent terminal size validation
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v2.2.2-11-g5957d3334, which comprises the following commits:
a83510103 cri: UpdatePodSandbox should return Unimplemented
ee4179e52 fix(oci): apply absolute symlink resolution to /etc/group
fd061b848 test(oci): use fstest and mock fs for better symlink coverage
5d44d2c22 fix(oci): handle absolute symlinks in rootfs user lookup
00c776f07 update to go1.25.8, test go1.26.1
7e6ecf434 Prepare release notes for v2.2.2
a20dead7c set default config_path in plugin init
fbed68b8f Fix TOCTOU race bug in tar extraction
68855cb0b ci: modprobe xt_comment on almalinux
ef7a8beb3 core/mount: add test for getUnprivilegedMountFlags
07b2cc07e core/mount: fix getUnprivilegedMountFlags iterating over indices instead of values
a5f83d8c2 cri: unpack images with per-layer labels for runtime-specific snapshotters
54101116f add integration test for cni result nil
d44c4384e address comment
f1835270b fix issue where cni del is never executed
5dbf1b915 update golangci-lint to v2.9.0 with go1.26 support
8ec695ebe remove windows/arm from cross build
b9c22a6e3 ci: build/test go1.26.0
6c05047b4 apparmor: explicitly set abi/3.0
09b876a81 integration: Fix TestImageLoad() failure on CI
172ba65b6 cri: Fix image volumes with user namespaces
b4240ef87 update to go1.24.13, go1.25.7
94dbfaea7 ci: bump go 1.24.12, 1.25.6
e46a7a286 set fetch-depth for containerd to 0 for version parsing
1d7908273 core/mount/manager: fix bind mount missing rbind option
3d509bcd3 core/mount/manager: add tests for WithTemporary option
cb3ae2119 fix: sanitize error before gRPC return to prevent credential leak in pod events
533a2552e build(deps): bump google.golang.org/grpc from 1.77.0 to 1.78.0
b120237fb build(deps): bump google.golang.org/grpc from 1.76.0 to 1.77.0
a76eb698a cri: emit warning for concurrent CreateContainer
4be4e5156 Fix nil pointer dereference in container spec memory metrics
3d2e188b1 cri: Use the runtimeHandler parameter in PullImage
633057382 cri: move noisy CDI logs to debug level
8a7409e2e Reinstate image decryption
f6bae1f88 Prepare release notes for v2.2.1
c22cf5d49 cri,nri: pass any linux security profile to plugins.
d7532de75 cri,nri: pass any linux RDT constraints to plugins.
ef36e6181 cri,nri: pass any linux net devices to plugins.
d56faf426 cri,nri: pass any linux scheduler attributes to plugins.
e1824d261 cri,nri: pass any linux I/O priority to plugins.
01d5490ae go.{mod,sum}: bump NRI deps to v0.11.0, re-vendor.
58d23ab63 pkg/tracing: HTTPStatusCodeAttributes: remove use of deprecated SemConv const
05ccbb3a7 cri/nri: short-circuit nil adjustment.
c166a577d go.{mod,sum} bump CDI deps to v1.1.0.
8a5fc8641 go.mod: github.com/containernetworking/plugins v1.9.0
73a08aa00 go.mod: remove exclude rules
cee08c8af build(deps): bump github.com/containerd/zfs/v2 from 2.0.0-rc.0 to 2.0.0
55c93d6fb go.mod: golang.org/x/crypto v0.45.0
aedd29bb4 ci: bump Go 1.24.11, 1.25.5
26628f139 ci: bump Go 1.24.10, 1.25.4
8bb0e9be6 ci(release): set GO_VERSION in Dockerfile
ed19c5420 core/runtime/v2: remove uses of otelgrpc.UnaryClientInterceptor
952237d9b ci: update CIFuzz actions to support Ubuntu 24.04
51582ed27 bump containerd/cgroups to v3.1.2
50d0e4fd4 build(deps): bump github.com/containerd/cgroups/v3 from 3.1.0 to 3.1.1
fb5b818a9 runc: Update runc binary to v1.3.4
e3bf2b80b build(deps): bump github.com/opencontainers/selinux
41a69eb0d core/mount: should not call removeLoop when set autoclear
da8e846f9 .github: skip 5 critest cases in window CI pipeline
c707f771a fix: redact all query parameters in CRI error logs
d154e234b Update the ctr pull defaults when using the transfer service
09364216d Fix transfer unpack defaults on darwin
2055d3c62 Update default differs on darwin
9da97686d Use default writable size in erofs snapshotter for non-Linux hosts
eeb0f889a Update default erofs block size on macOS during erofs diff
678f944dd Revert "Implement io.ReaderAt on docker fetch reader"
8b73c2de3 remotes: fix possible panic from WithMediaTypeKeyPrefix
8eaa0b5cb Prepare release notes for v2.2.0
8885b1b7a Make v2.2.0 the latest release
d77d3bc34 Update releases file
491f77350 Update api version to v1.10.0
1ea370e9e Update platforms version to latest
77644a1b0 Update EROFS snapshotter documentation
8c98030c4 runc: Update runc binary to v1.3.3
715d6f8e4 Update Darwin defaults to useable values
69c855bb5 Prepare release notes for api/v1.10.0
f72025d05 Update GHA runners to use latest images for basic binaries build
acbaa8a99 ci: bump Go 1.24.9, 1.25.3
910171e90 Fix directory permissions
a0d0f0ef6 fix goroutine leak of container Attach
0928a980c build(deps): bump lycheeverse/lychee-action from 2.6.1 to 2.7.0
31132cc91 build(deps): bump github/codeql-action from 4.31.0 to 4.31.2
9ae5468e0 build(deps): bump github.com/intel/goresctrl from 0.9.0 to 0.10.0
565151652 Add size check to referrers response
bda01054f fix: ci TestContainerListStatsWithIdSandboxIdFilter failed because multiple id found
7bf5b92e6 Add Readonly setup to EROFS mount loop handler
ebb52e3fb add missing container process metrics.
18be704f7 add container_threads to metric descriptors
7429a7b75 add container_start_time_seconds
6eef0737b add container_ulimits_soft
4b5f23e8a add oom metrics
a68690c8c add container spec metrics
e65874cfb add miscellaneous metrics
ba524db34 snapshot: check parent's kind before commit
e817edf89 CI: update Fedora to 43
2e0e47c47 Deprecate cgroup v1
189de942c Prepare release notes for v2.2.0-rc.0
db3c5b7b7 Update api version to v1.10.0-rc.0
d9d3c8223 Cleanup load shim info
42336c7de Update referrers interface to support more options
9840ad93e docker: fix addQuery with multiple calls
2d40b7fba build(deps): bump golang.org/x/time in the golang-x group
8ef2cfb7e Improve documentation for mount manager
4c7b94fce api/go.mod: golang.org/x/net v0.38.0
f508730d5 cgroups: bump to v3.1.0
842cb99a5 containerd-shim-runc-v2: monitor OOM event after creation
867728517 build(deps): bump github/codeql-action from 4.30.9 to 4.31.0
a741a44cf build(deps): bump actions/download-artifact from 5.0.0 to 6.0.0
94c2d3853 build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0
c59cc44c0 CI: skip ubuntu-24.04-arm on private repos
04d8ae1d6 Postpone v2.2 deprecation items to v2.3
d939b6af5 Remove rebase validation logic from overlay snapshotter
fbc7848f2 Prepare release notes for api/v1.10.0-rc.0
7b7c5c171 Add rebase capability to erofs
0198b87fc Implement parallel unpack
c9afcc2bc cri: retry stop container if there is connection closed
2042e805b cri/server/podsandbox: disable event subscriber
5b9d871fe Add EROFS mount handler plugin
a418e280a add process metrics
7da6a9c21 add disk and diskIO metrics
2e58d4ccf add network metrics
68beb8191 add memory metrics
63eca8fe9 implement CRI ListMetricDescriptors
1bd3b45ad add cpu metrics
942d7afc6 Implement CRI ListPodSandboxMetrics
24e8734a5 .github: dump kernel message in Vagrant box
8a6e6263f Support arbitary mkfs size (not only in MiB)
3cc411c8b Fix backreference support for mount manager
4f130dbe7 cri: retry stopSandboxContainer if shim connection is closed
679a6d0a7 build(deps): bump github.com/klauspost/compress from 1.18.0 to 1.18.1
0da68e8b4 build(deps): bump github/codeql-action from 4.30.8 to 4.30.9
62845f4a9 Simplify oom event handling for cgroups v2 in shim
0d62c7188 Update loopback test to make initialization more robust
9ae0168c7 Add focus test option to critest
a7d26b35e client: add referrers support to client
9e9620dd6 chore: fix some function names in comment
5386802f8 Default config_path if legacy registry options are not set.
25c3871ba Switch mount manager tests to ext4
55d5d5b50 Add Close method to mount manager
2a8d30117 Set default run platform in ctr
92bc4fadc Update task manager to use mount transformers
2f75989e2 Update erofs to use mount transformers
be9f183f4 Add mount transformers to mount manager
1adaf27c1 Update erofs to compile on Darwin
ee8ae9d56 Update erofs snapshotter to use mount manager
fe02fcc5f docs: update default values for unprivileged port and ICMP settings
ed2e81a78 bugfix:sync parent dir to ensure blob entry is reliably stored
932b65a49 restart:use goroutine to speedup loadShims
5243cdd2d Check expected digest when committing as a sanity check
f2b9ff67f Make dockerPusher more compliant with distribution spec
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping libpod to version v5.8.1-1-g9d66b48e1c, which comprises the following commits:
c6077f6457 Bump to v5.8.1
dfe5dae2d6 Release notes for v5.8.1
cf0019e3ed docs: make the --migrate-db more clear
5dcc24d01d update boltdb migrating warning
13deb46d81 libpod: prefer sqlite in getDBState()
0c473eb570 libpod: fix parallel migration issue
9b810aed3a libpod: return full path in sqliteStatePath()
1e99e31575 migrate to oidc
935088fd14 Bump Podman to v5.8.1-dev
37bfeded1f Disable lint to fix CI
07efc23e05 Bump to v5.8.0
482462af7b Final release notes for v5.8.0
dafa2e722c update github.com/containers/gvisor-tap-vsock to v0.8.8
e3d9a7863f Bump Podman to v5.8.0-dev
cf2514451d Bump to v5.8.0-RC1
b2325c1126 Extent timeout on Build Each Commit
72838c8458 Update release notes for v5.8.0-RC1
05135d35fe fix: remove unnecessary -t flag from podman run commands in documentation
e330a9fd83 Add /usr/libexec/podman/qemu-system-arch
949d406ed1 test/system: skip podman volumes with XFS quotas on fedora
3235579b48 cirrus: ensure NOTIFY_SOCKET is properly unset for all tests
faedb9c911 docs: Update filter options and add podman ps documentation
e70bfff716 docs: Deduplicate --filter descriptions
63ea75a599 Deterministically order pod inspect fields
4e3dd47967 bindings: fix handling of env secrets in remote builds
b17e90703c Add perl to make validatepr
86b6c75cef Fix `unless-stopped` restart policy to match Docker behavior
8e93487dcc docs/podman.1: Fix leftover rootless mention
35c602bfbb fix: improve userns validation when joining pods
371b3ecdc1 docs: further tweaks
36b11b43fd docs: improve note about Quadlet TimeoutStartSec
d6c79580f8 [Fixes: #27571] Fix 'shouldResolveWinPaths' returning 'false' on Windows
243b623629 fix(api/compat): typo in the remove secret handle
8423b3bbd0 Clamp rootless rlimits to host on format
58a15f1500 Add ulimits to `podman update` API
0f5b913a7c podman-systemd.unit.5: document /sbin/nologin accounts
484858710c feat(exec): Add --no-session flag for improved performance
790f21d355 quadlet install: multiple quadlets from single file should share app
ed79cdfd6a quadlet: add support for multiple quadlets in a single file
e8c334f3cb chore: fix the inconsistent method names in the comments
2a0b5c3593 docs: Add references to quadlet
479b363020 test/system: Update test to handle new error message from runc 1.3.3
d45377c6c8 Ignore auth header with empty JSON object
d36b61c211 Fixes: #27444, Fix tiny typos in some artifact docs
f1dcf63a91 Fixes #27421 aritfact push and pull with authfile
60bf36386b Bumping timeout for aarch64 machine
87bb060531 Fix remote client rejecting empty --detach-keys string
49a704eb06 Makefile: Drop dead CONTAINER_RUNTIME
5a8dbd1dfb Fixes #27378 Missing network type in events document
dcf7644cbc Update docs/source/markdown/podman-run.1.md.in
28b04a8604 Escape periods in path
8b8390522b Escape RequiresMountsFor value
d5b72d973a Introduce assert-has-key assertion
62f1e1176e Rename misleading assertion name
eeae782945 docs: expand --mount section with detailed type descriptions (#25888)
9d29245500 Fix tmpfs U/chown documentation
415e3fc4c8 [CI:DOCS]Fix minor typo in buildah test
ee88292812 Add system test
b866c3d49d Fix podman build "newer" pull policy
99136fbc4c test/e2e: fix 'block all syscalls' seccomp for runc
f76be2a94d [play_kube] Add validation to container image field
b4202348ad test: Fix PODMAN_BATS_LEAK_CHECK
cc83ebbb3e Fix docs for Volume User= and Group= options
763b7b3821 test/system: fix log timestamp work around
6c1378be44 extract shared TTY handling code into helper function
b847c344f6 test: Fix --hostuser octal UID test flakiness
10187a23af Fixes #27651 - Fix health inspect/ps for rootfs containers with empty healthcheck
2f348b3c19 test/e2e: Skip privileged container test if NoNewPrivs is set
abc9a6ff29 Don't assume v1.41 is the default docker
d93268f286 Bump Compat API version to supported v1.44
dc97c9af7e libpod: fix Volume.Mount() returning empty path for plugin volumes
8eacbd8464 fix: correct env/envFrom precedence in kube play
5ff402aa80 Fix PowerShell `Write-Error` multi-line argument
7036d09c5e fix: generate correct error message if Wix is not installed
9e965498aa Fix interfering escaping of commas and spaces in no_proxy variable
4ea22f1b29 Write DefaultEnvironment proxy values to /etc/systemd/user.conf.d/default-env.conf
0e4dc26c05 Fix test proxyenv/env_test.go for systems that use proxy variables
eb118bafb4 Fix healthcheck argument with spaces split in Docker API (#27818)
3d02daa261 fix: prevent race condition during database initialization by using INSERT OR IGNORE.
b41f2d3a3a Release notes for v5.8.0-RC1 (initial)
96dd0e1ad1 Fix podman run equivalent for HealthStartPeriod
7477ffa9c6 libpod: simplify unnecessary loops
d941f62082 secrets/create: remove pipe check and allow interactive stdin
e1408e5a35 Fix container export emitting incorrect event type.
0747179589 Add AppArmor key to quadlet .container files
f111cedfce fix(logs): enhance timestamp format to include timezone in logs
dac1e82710 fix(logs): add tests for nanosecond precision in log timestamps
d3bda38309 fix(logs): improve timestamp precision in container logs
06fe9b21c1 Fix missing newlines in stderr error messages
17d7be80c9 test/system: remove apk from build
ac22866156 libpod: fix healthchecks not executing every interval on linux
fcaf1300d7 fix: skip execution of probes when initialDelaySeconds is not elapsed
efff41698b test/buildah-bud: skip failed remote test
37e511d216 [v5.8] Bump Buildah to v1.43.0
b320fbcaff Add migration code for BoltDB to SQLite
4fdb90e02c Deterministically order pod inspect fields
7ae6813dfc [v5.8] artifact: Skip AddLocal optimization on WSL
3918d4ca75 [v5.8] Require absolute path for local API
6465c07d21 [v5.8] Add local artifact add API endpoint
bae88e1e5e Add GET /quadlets/{name}/exists
d6023e431f Add DELETE /libpod/quadlets
f2fcc7f09c Add POST /libpod/quadlets
01e0db2931 Add GET /quadlets/{name}/file
36c405582a Bump Podman to v5.7.2-dev
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
The recipe only has file:// SRC_URI entries which unpack directly into
UNPACKDIR, not a ${BP} subdirectory. The new do_qa_unpack QA check in
insane.bbclass warns when S doesn't exist after unpack. Set S explicitly
to satisfy the check.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
OE-Core made changes to the way dummy providers work, update the
container-dummy-provides to match them. It now needs a hint in layer.conf
to make the core components aware of the presence of the dummy recipe.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the build with recent glibc and picks up the following fixes:
2597434ae Release LXC 6.0.6
d128f134d cmd/lxc-user-nic: prevent OOB read in name_is_in_groupnames
c43aeaaed lxc/network: define netlink uAPI constants for link properties
42b43b31c lxc/network: save/restore physical network interfaces altnames
810f44ba0 lxc/network: optimize netdev_get_mtu
5e68a7a63 meson.build: fix open_how include with glibc-2.43+
540f9e2bc meson.build: fix openat2 include typo, fix with glibc-2.43 +FORTIFY
01b9e35a7 lxc: added support OpenRC init system
885496ccc src/confile: fix values of lxc.cap.keep and lxc.cap.drop
99c3206c7 tests/lxc-attach: ensure no data corruption happens during heavy IO on pts
b964611b3 lxc/{terminal, file_utils}: ensure complete data writes in ptx/peer io handlers
d6ccb9abe github: test io_uring-based event loop
0448c9dd2 build: update Makefile and meson.build
aa4212023 Improve the dbus scope creation error handling
f9e73517e cgfsng: fix reboots when using dbus
2072ea4c7 copy_rdepends: Don't fail on missing source file
c7eac1180 start: Respect lxc.init.groups also in new user namespace
8ed8145d6 start: Remove outdated comment about group dropping
e9921c3d7 build(deps): bump actions/upload-artifact from 5 to 6
97a2e4af5 Added documentation on unprivileged LXC containers
59a30025e added doc for --rbduser
54d323a2d added "--rbduser" option in "lxc-create -B rbd"
a262afb5d Fallback to XDG_RUNTIME_DIR when /run not found
d7068a338 checkonfig: Fixed compatible with toybox/gunzip
4cc343edf Initial changes without testing
bdce7a634 Enumerated all values in array
edc57196f meson: add meson option for running doxygen in build
058be42aa build: Check if P_PIDFD is defined
099089971 Ensure do_lxcapi_unfreeze returns false when getstate errors
f9ff9ea2a build(deps): bump actions/checkout from 5 to 6
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the build against the lastest glibc, and we get a
few other bug fixes as well:
1c72306b1f domain: move vmtrace_alloc_buffer() invocation in vcpu_create()
999c6fadf7 vpci/msix: check for BARs enabled in vpci_make_msix_hole
8f3b637591 x86/ucode: Support discrete modules being CPIO archives
805e2b8ada x86/pv: Don't assume that INT $imm8 instructions are two bytes long
93614ffa48 x86/MCE: restore CPU vendor reporting to the outside world
e10f3ad869 tools/ocaml: fix 32-bit truncation bug in stub_xc_domain_setmaxmem()
1879637505 tools/sd-notify.h: Include string.h too
76dc2d6071 systemd: fall back to default system-sleep dir without systemd-devel
52356ca655 xenstored: Add newline to error message
4a7d2f18e5 libxl: constify some local variables for building with glibc 2.43
8061625411 tools/xenstored: fix live update
6adc1004f7 libxl: Fix device_add QMP calls with QEMU 9.2 and newer
55bb6db081 xen/cpufreq: fix usages of align_timer() in the on-demand governor
ae0708e940 xen/cpufreq: fix adjusting of sampling window on early exit
4778574053 common/domctl: xsm update for get_domain_state access
615199f05b VT-d: fix off-by-one when handling extra RMRR ranges
a7380f1437 xen: add non-executable stack note uniformly
14db25be36 xen/x86: fix usage of [[:blank:]] with BSD grep
99bd17462d EFI: Fix relocating ESRT for dom0
afaf4e7b50 SUPPORT.md: extend "lifetime"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping xen to version RELEASE-4.21.0-61-g1c72306b1f, which comprises the following commits:
1c72306b1f domain: move vmtrace_alloc_buffer() invocation in vcpu_create()
999c6fadf7 vpci/msix: check for BARs enabled in vpci_make_msix_hole
8f3b637591 x86/ucode: Support discrete modules being CPIO archives
805e2b8ada x86/pv: Don't assume that INT $imm8 instructions are two bytes long
93614ffa48 x86/MCE: restore CPU vendor reporting to the outside world
e10f3ad869 tools/ocaml: fix 32-bit truncation bug in stub_xc_domain_setmaxmem()
1879637505 tools/sd-notify.h: Include string.h too
76dc2d6071 systemd: fall back to default system-sleep dir without systemd-devel
52356ca655 xenstored: Add newline to error message
4a7d2f18e5 libxl: constify some local variables for building with glibc 2.43
8061625411 tools/xenstored: fix live update
6adc1004f7 libxl: Fix device_add QMP calls with QEMU 9.2 and newer
55bb6db081 xen/cpufreq: fix usages of align_timer() in the on-demand governor
ae0708e940 xen/cpufreq: fix adjusting of sampling window on early exit
4778574053 common/domctl: xsm update for get_domain_state access
615199f05b VT-d: fix off-by-one when handling extra RMRR ranges
a7380f1437 xen: add non-executable stack note uniformly
14db25be36 xen/x86: fix usage of [[:blank:]] with BSD grep
99bd17462d EFI: Fix relocating ESRT for dom0
afaf4e7b50 SUPPORT.md: extend "lifetime"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
crun ships a GNUmakefile that aborts with "You must run ./autogen.sh &&
./configure" when make clean is invoked before configure has run. The
autotools_preconfigure prefunc triggers this when rebuilding (e.g. via
multiconfig where sstate hash changes cause reconfiguration).
Set CLEANBROKEN = "1" to skip the make clean in autotools_preconfigure.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
do_fetch_containers runs as a postfunc of do_fetch and needs skopeo
from the native sysroot. However, DEPENDS only gates
do_prepare_recipe_sysroot which runs after do_fetch, so with a clean
tmp/ directory skopeo-native may not be built when do_fetch runs.
Add an explicit do_fetch[depends] on skopeo-native:do_populate_sysroot
when remote containers are configured so the ordering is correct.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move FEATURE_PACKAGES_container-registry from container-image-host.bb
to meta-virt-container.inc so it is available to all image recipes.
image.bbclass check_image_features() auto-discovers FEATURE_PACKAGES_*
variables as valid image features (line 72), so defining the variable
globally is sufficient — no IMAGE_FEATURES[validitems] needed.
This avoids the signature pollution that IMAGE_FEATURES[validitems]
causes when set globally, while allowing container-registry to be
used as an IMAGE_FEATURES value in any image recipe.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The kcfg sysroot search path (type=kmeta) was being injected
unconditionally, which caused fragment conflicts for linux-yocto kernels
that already have their own kernel-cache meta branch. The injected
search path would roll back fragments to an older set.
Make the injection conditional and fix the root cause:
- kernel_cache_feature() now checks SRC_URI for type=kmeta entries.
Kernels with kernel-cache get short paths (e.g. cfg/container.scc)
that resolve directly via the kernel-cache's search path. Kernels
without kernel-cache get the sysroot-relative ../../ paths as before.
- distro_cond_feature() now passes d.getVar('SRC_URI') instead of an
empty string, so kernel_cache_feature() can actually see whether the
kernel has a kernel-cache.
- SRC_URI append and inject_kcfg_search_path prefunc skip when
type=kmeta is already present.
- Remove unused kernel_cache_cond_feature() which was the original
conditional implementation but was never wired up.
This restores the original design intent from commit 5c212911
("allow conditional use of yocto-cfg-fragments"): kernel-cache is
the first choice for fragment resolution, sysroot is the fallback.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
bc293057 bcm-2xxx-rpi: Fix configuration audit warnings (LEDS, BACKLIGHT)
8ef043d5 kver: bumping to v6.18.16
104a5c9d bcm-2xxx-rpi: Add raspberry pi5 config and add input feature by default
9b173d3a genericarm64: drop CONFIG_PINCTRL_SM8350_LPASS_LPI
0b1ea0e5 genericarm64.cfg: enable CONFIG_INTERCONNECT_QCOM_QCS8300
2fa1b419 genericarm64-pinctrl.cfg: enable CONFIG_PINCTRL_QCS8300
53f6a3a8 kver: bumping to v6.18.13
98a36302 cfgs/nfc: create an intel-nfc-vendor specific feature
6350b56a netfilter.cfg: enable NF_CONNTRACK_SNMP
a425fdd0 pmem.cfg: enable DEV_DAX and DEV_DAX_HMEM
70eeaeff genericarm64.scc: enable TRANSPARENT_HUGEPAGE support
d62a1267 security-arm64.cfg: rename CFI_CLANG to CFI
b925ef94 security-arm64.cfg: correctly enable KASAN
1fdb98a4 security-arm64.cfg: add comment for ARM64_BTI_KERNEL
6d8bf6f0 security.cfg: move RANDOMIZE_MEMORY to x86_64
18fcb6dc arm.scc: move ARM_CPUIDLE to arm only
7e1d9b2b numa_x86_64.scc: move x86_64 config from numa.cfg to numa_x86_64.cfg
e93e999e sound.cfg: split SND_SOC_WM8731 to I2C and SPI variants
5a567776 sound_x86.scc: take over x86 configs from sound.scc
1ae7ce94 genericarm64.cfg: enable MTD NAND ECC support
15d48f71 genericarm64.cfg: enable TI MTD NAND support
40a67254 genericarm64-serial.cfg: set SERIAL_8250_CONSOLE to y
5ee6148e qemu-kvm.cfg: remove extra space
9f780417 firmware.cfg: whitespace fixes
bc221187 genericarm64.cfg: fix CONFIG_PM_DEVFREQ_EVENT
aef69bf3 Revert "genericarm64.scc: enable OP-TEE support"
6f597e1a genericarm64.cfg: enable SCSI support for HiSilicon etc
f1f313cf genericarm64.scc: enable RPMB support
a4565911 genericarm64.scc: enable GNSS support
391566e2 gnss.scc: add feature
d40a455d genericarm64.cfg: enable more bus drivers
20e41104 genericarm64.cfg: enable PCI_PASID support
0b2967f5 genericarm64.scc: enable NFC support
2643b37e nfc-vendor.scc: move Intel configs to nfc-vendor-intel.cfg
b1d00b01 genericarm64.scc: enable RFKILL LED, INPUT and GPIO
92610953 rfkill-extra.scc: add fragment for RFKILL LEDs, input and GPIO support
fc7d5f45 bluetooth.cfg: enable BT_LEDS support
f18ec272 genericarm64.scc: enable HSR
79fa2c17 hsr.scc: add feature for High-availability Seamless Redundancy (HSR & PRP)
1313923a genericarm64.scc: enable Time Sensitive Networking
e190eeff intel-x86.scc: enable hibernation with feature
c941f4ee genericarm64.scc: enable hibernation support
ce5c6d9d hibernation.scc: add feature
83620a7d bluetooth-usb.cfg: enable MediaTek and RealTek support
cf6e1261 bluetooth-hw.cfg: enable BT_MTK
ffdd0769 genericarm64.cfg: enable Microchip PHY support
9e9536d1 features/iommu: remove CONFIG_INTEL_IOMMU_FLOPPY_WA=y
61265288 genericarm64.cfg: enable CONFIG_QCA808X_PHY
8e6a09c7 kver: bumping to v6.18.11
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove the global IMAGE_FEATURES[validitems] registration entirely.
Setting it in layer.conf or a globally-inherited bbclass changes the
varflag value, which gets pulled into the signature of every recipe
that depends on IMAGE_FEATURES — causing yocto-check-layer signature
change failures.
Image recipes that use the container-registry feature already set
IMAGE_FEATURES[validitems] locally (e.g. container-image-host.bb).
Users who want the feature in their own images add the one-liner:
IMAGE_FEATURES[validitems] += "container-registry"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Avoid a yocto-check-layer issue:
qemu-system-native:do_recipe_qa: 05c723e48cb4253cb80f1e5dcb63767b266c72cf8a83d3d7ff36a6622e43eb50 -> 7f42888db4f5572303288c58ad79c5267fa81da05a3a71288f91f309b50ed614
bitbake-diffsigs --task qemu-system-native do_recipe_qa --signature 05c723e48cb4253cb80f1e5dcb63767b266c72cf8a83d3d7ff36a6622e43eb50 7f42888db4f5572303288c58ad79c5267fa81da05a3a71288f91f309b50ed614
NOTE: Reconnecting to bitbake server...
basehash changed from 1b770ad4a9b79d38c928331d17651d3d66a6ebc45822c336d7ab98bfa8ebfd94 to 6bc5e5507534603aa6f6ab862ab27ef9c0b9ffcfaa9922d7ef25cb563fab6ab9
Variable PACKAGECONFIG value changed:
"fdt alsa kvm pie slirp png pixman sdl virglrenderer epoxy {++}" (whitespace changed)
but moving the whitespace into the added option.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Move the container-registry IMAGE_FEATURES[validitems] registration
from layer.conf into meta-virt-container-cfg.bbclass where it can be
gated on DISTRO_FEATURES. The validitems varflag is now only registered
when vcontainer or virtualization is in DISTRO_FEATURES.
layer.conf is parsed before distro features are known, so inline
Python cannot be used there. The bbclass is loaded via USER_CLASSES
(deferred parsing) and already handles container profile configuration.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
While we need the buildpaths QA skip due to the 3rd party
nature of some bundles, we don't need the installed-vs-shipped.
There's no reason why a bundled guest isn't packaging all its
files (or deleting them).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Somehow we have two similar registry recipes that were developed
from a different pont of view.
We don't need both.
container-registry-index is the mature, QA-compliant version
that also generates the standalone container-registry.sh helper
script.
container-registry-populate is an older, simpler version that
does only the push, so we drop it here
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This recipe can't be built without the main recipe, which is
in meta-oe meta-webserver.
Fix a S assigment, so it'll parse
And then skip if meta-webserver isn't in bblayers (not in
collections).
This will ensure that world builds don't try and pick it up
when processing meta-virt.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
to match the image recipe from XEN_GUEST_BUNDLES
Fixes:
ERROR: Nothing PROVIDES 'xen-guest-image-minimal'
xen-guest-image-minimal was skipped: using DISTRO 'distro', which is missing required DISTRO_FEATURES: 'xen'
in bitbake world builds
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We've terrorized the users of meta-virt for long enough with
the warning about the virtualization distro feature not
being set.
Modern OE has the features_check capability so recipes and
functionality that need the distro feature to be set can
just check it themselves. No need to warn over and over
again.
For now, it just default to off, but the check can be
completely removed in the future (since it does cause some
parse time overhead).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
The upgrade of binutils in OE core broke the xen build on
arm64 due to unsupported instructions.
We cherry-pick a patch from xen master to fix the issue.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Block backfill features not needed by container runtime environments.
OE-core's DISTRO_FEATURES_BACKFILL auto-appends these to DISTRO_FEATURES
unless explicitly listed here. Without this, gobject-introspection-data
enables python3-pygobject (which DEPENDS on cairo), and wayland enables
pygobject's cairo PACKAGECONFIG — both are masked in vruntime builds.
We are using:
ISTRO_FEATURES_BACKFILL_CONSIDERED = "pulseaudio gobject-introspection-data opengl ptest multiarch wayland vulkan"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping xen to version RELEASE-4.21.0-42-gafaf4e7b50, which comprises the following commits:
afaf4e7b50 SUPPORT.md: extend "lifetime"
056103e7ad xen: Use MFLAGS for silent-mode detection
867b7d3f97 xen/kexec: return error code for unknown hypercalls
d2a6413550 x86/domain: adjust limitation on shared_info allocation below 4G
6228ea8acd xen/mm: allow deferred scrub of physmap populate allocated pages
15cd2b8f1b xen/mm: remove aliasing of PGC_need_scrub over PGC_allocated
39c90c8dee PCI: handle PCI->PCIe bridges as well in free_pdev()
74b26c53d3 x86/EFI: correct symbol table generation with older GNU ld
3f4bf1e876 x86/amd: Fold another DE_CFG edit into amd_init_de_cfg()
8d7a0f8661 build/non-x86: fix symbol lookup in presence of build-id
25db82b062 symbols: don't omit "end" symbols upon mixed code / data aliases
fc024ebf24 symbols: ensure sorting by value yields reproducible outcome
b75f39c692 flask: fix gcov build with gcc14+
8cb60ba236 PCI: handle PCI->PCIe bridges as well in alloc_pdev()
4e3c9c2eca x86/CPU: extend is_forced_cpu_cap()'s "reach"
b3f59203a5 x86/time: deal with negative deltas in get_s_time_fixed()
bc63b09ecc xen/domain: Disallow XENMEM_claim_pages on dying domains
97593f78ea symbols: don't use symbols-dummy
ee66c42166 symbols: re-number intermediate files
3146587dbc x86/spec-ctrl: Fix incomplete IBPB flushing during context switch
41b9ae5d7e x86/shadow: don't overrun trace_emul_write_val
2872cd3121 cirrus-ci: introduce FreeBSD 15.0-RELEASE as "current" version
c692a6786b x86: fix incorrect return value for has_if_pschange_mc
fe0d896902 x86/PVH: mark pvh_setup_mmcfg() __init
82fe260552 xen/mm: move adjustment of claimed pages counters on allocation
b579e832de x86/hvm: be more strict with XENMAPSPACE_gmfn source types
e39831f590 xen/mm: reject XENMEM_claim_pages when using LLC coloring
f805b61268 x86/AMD: avoid REP MOVSB for Zen3/4
11f9427100 vPCI: avoid bogus "overlap in extended cap list" warnings
7ab1f4939a xen/x86: Pass TPM ACPI table to PVH dom0
1cacccbace x86/mm: update log-dirty bitmap when manipulating P2M
7990330478 x86/pod: fix decrease_reservation() clearing of M2P entries
16e22efbde x86/amd: Fix race editing DE_CFG
81e71ef34f x86/amd: Stop updating the Zenbleed mitigation dynamically
ba9142efd7 x86/vhpet: Fix sanitization of legacy IRQ route
747d10b76f x86/msix: fix incorrect refcount decrease in msixtlb
c7e69564e5 x86/ucode: Fix error handling during parallel ucode load
5d002b7470 x86emul/test: correct compiler checking and avoid it when merely cleaning
6adf28094f xen: Fix EFI buildid alignment
653a3dd92a x86emul/test: extend cleaning of generated files
3d966b5f13 kconfig: remove references to docs/misc/kconfig{,-language}.txt files
14ad692e3b update Xen version to 4.21.1-pre
06af9ef229 Update to Xen 4.21
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping xen to version RELEASE-4.21.0-42-gafaf4e7b50, which comprises the following commits:
afaf4e7b50 SUPPORT.md: extend "lifetime"
056103e7ad xen: Use MFLAGS for silent-mode detection
867b7d3f97 xen/kexec: return error code for unknown hypercalls
d2a6413550 x86/domain: adjust limitation on shared_info allocation below 4G
6228ea8acd xen/mm: allow deferred scrub of physmap populate allocated pages
15cd2b8f1b xen/mm: remove aliasing of PGC_need_scrub over PGC_allocated
39c90c8dee PCI: handle PCI->PCIe bridges as well in free_pdev()
74b26c53d3 x86/EFI: correct symbol table generation with older GNU ld
3f4bf1e876 x86/amd: Fold another DE_CFG edit into amd_init_de_cfg()
8d7a0f8661 build/non-x86: fix symbol lookup in presence of build-id
25db82b062 symbols: don't omit "end" symbols upon mixed code / data aliases
fc024ebf24 symbols: ensure sorting by value yields reproducible outcome
b75f39c692 flask: fix gcov build with gcc14+
8cb60ba236 PCI: handle PCI->PCIe bridges as well in alloc_pdev()
4e3c9c2eca x86/CPU: extend is_forced_cpu_cap()'s "reach"
b3f59203a5 x86/time: deal with negative deltas in get_s_time_fixed()
bc63b09ecc xen/domain: Disallow XENMEM_claim_pages on dying domains
97593f78ea symbols: don't use symbols-dummy
ee66c42166 symbols: re-number intermediate files
3146587dbc x86/spec-ctrl: Fix incomplete IBPB flushing during context switch
41b9ae5d7e x86/shadow: don't overrun trace_emul_write_val
2872cd3121 cirrus-ci: introduce FreeBSD 15.0-RELEASE as "current" version
c692a6786b x86: fix incorrect return value for has_if_pschange_mc
fe0d896902 x86/PVH: mark pvh_setup_mmcfg() __init
82fe260552 xen/mm: move adjustment of claimed pages counters on allocation
b579e832de x86/hvm: be more strict with XENMAPSPACE_gmfn source types
e39831f590 xen/mm: reject XENMEM_claim_pages when using LLC coloring
f805b61268 x86/AMD: avoid REP MOVSB for Zen3/4
11f9427100 vPCI: avoid bogus "overlap in extended cap list" warnings
7ab1f4939a xen/x86: Pass TPM ACPI table to PVH dom0
1cacccbace x86/mm: update log-dirty bitmap when manipulating P2M
7990330478 x86/pod: fix decrease_reservation() clearing of M2P entries
16e22efbde x86/amd: Fix race editing DE_CFG
81e71ef34f x86/amd: Stop updating the Zenbleed mitigation dynamically
ba9142efd7 x86/vhpet: Fix sanitization of legacy IRQ route
747d10b76f x86/msix: fix incorrect refcount decrease in msixtlb
c7e69564e5 x86/ucode: Fix error handling during parallel ucode load
5d002b7470 x86emul/test: correct compiler checking and avoid it when merely cleaning
6adf28094f xen: Fix EFI buildid alignment
653a3dd92a x86emul/test: extend cleaning of generated files
3d966b5f13 kconfig: remove references to docs/misc/kconfig{,-language}.txt files
14ad692e3b update Xen version to 4.21.1-pre
06af9ef229 Update to Xen 4.21
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Our runc is now sufficiently far ahead of the oci-image-tools
such that they aren't compatible.
But
They can still be made to work with a runc generated spec.
Update the comments to show a flow that works if using runc
directly is desired.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping buildah to version v1.43.0-1-gbbc4bd12f, which comprises the following commits:
0158b5b31 [release-1.43] Bump Buildah to v1.43.0
f40d38a2f [release-1.43] fix source test
07b8495c8 [release-1.43] Bump common 0.67.0, image 5.39.1, storage 1.62.0
7178b10ac [release-1.43] Bump dest branch in cirrus to 1.43
acca15722 fix(build): make --tag oci-archive:xxx.tar work with simple images
40b5e371e test: do not untar archive into fs when checking file names
45b48af90 tests: use cached images instead of fedoraproject.org
662aa1598 chroot.bats(chroot with overlay root): ensure we can overlay
3877dc97d Run: don't try to encode SystemContext with json
c0cc97255 [release-1.42] Bump Buildah to v1.42.2
307d1a3a4 [release-1.42] Bump runc to v1.3.4
de21106b6 [release-1.42] Bump Buildah to v1.42.1
f0700c546 [release-1.42] bump runc to v1.3.3 - CVE-2025-52881
22cd531e9 RPM: build with sequoia on F43+
1ba41f035 Bump to Buildah v1.42.0
c23bf6bf1 Bump to storage v1.61.0, image v5.38.0, common v0.66.0
858a514ff fix(deps): update module github.com/openshift/imagebuilder to v1.2.19
a0bc52535 fix(deps): update module github.com/openshift/imagebuilder to v1.2.18
4caee77d1 copier: ignore user.overlay.* xattrs
5a849d176 commit: always return the config digest as the image ID
92b342392 fix(deps): update module golang.org/x/crypto to v0.43.0
114aa3d8c fix(deps): update module golang.org/x/sys to v0.37.0
58f0f862b fix(deps): update module github.com/docker/docker to v28.5.1+incompatible
65929b93a fix(deps): update module github.com/moby/buildkit to v0.25.1
31cb2af46 fix(deps): update module github.com/opencontainers/runc to v1.3.2
8efc91385 fix(deps): update module github.com/docker/docker to v28.5.0+incompatible
ceff05295 fix(deps): update module github.com/moby/buildkit to v0.25.0
b7961ac34 fix(deps): update github.com/containers/luksy digest to 2cf5bc9
a654d3534 Make some test files different from each other
82702b493 Revert "fix(deps): update module github.com/cyphar/filepath-securejoin to v0.5.0"
3748cda03 Also run integration tests with the Sequoia backend
c9c1d764c Allow users to build against podman-sequoia in non-default locations
e3468665b fix(deps): update module github.com/cyphar/filepath-securejoin to v0.5.0
5bb6d9e48 .cirrus.yml: Test Vendoring bump golang
e3f55fec6 vendor: bump go.podman.io/{common,image,storage} to main
6d0c9ed7e fix(deps): update module golang.org/x/crypto to v0.42.0
fbe61f730 fix(deps): update module github.com/docker/docker to v28.4.0+incompatible
881f14f01 fix(deps): update module github.com/moby/buildkit to v0.24.0
bea03a01d fix(deps): update module github.com/spf13/pflag to v1.0.10
dcb6da097 fix(deps): update module github.com/fsouza/go-dockerclient to v1.12.2
477dd3563 fix(deps): update module github.com/opencontainers/runc to v1.3.1
296a8f3eb fix(deps): update module github.com/opencontainers/cgroups to v0.0.5
1c384c959 fix(deps): update module golang.org/x/sync to v0.17.0
9cd4768bd tests/run.bats: "run masks" test: accept "unreadable" masked directories
a18468f70 Run: create parent directories of mount targets with mode 0755
6e4d1ca83 tests/run.bats: "run masks" test: accept "unreadable" masked directories
af18a2ea6 New VM images
42d6b68db Suppress a linter warning
7aedebdcc modernize: JSON doesn't do "omitempty" structs, so stop asking
802b06979 modernize: use maps.Copy() instead of iterating over a map to copy it
16680a4df modernize: use strings.CutPrefix/SplitSeq/FieldsSeq
ebc9b4049 Update expected/minimum version of Go to 1.24
76c18c897 chroot: use $PATH when finding commands
02e42929f [skip-ci] Update actions/stale action to v10
95591dbc8 Update module github.com/ulikunitz/xz to v0.5.15 [SECURITY]
dd4f9fcd6 Update go.sum
7c0c647d6 New VM images
ac8573525 Update module github.com/openshift/imagebuilder to v1
3acceccf6 Update module github.com/spf13/cobra to v1.10.1
a0a9ac638 Switch common, storage and image to monorepo.
c448438ef Update module github.com/stretchr/testify to v1.11.1
57c9d52c6 Update module go.etcd.io/bbolt to v1.4.3
c4cfbcda8 Handle tagged+digested references when processing --all-platforms
fc8d43482 Update module github.com/stretchr/testify to v1.11.0
b436176d4 Add --transient-store global option
fc748f85a Support "--imagestore" global flags
a20e25136 Commit: don't depend on MountImage(), because .imagestore
13db28cdb Adding mohanboddu as community manager to MAINTAINERS.md
69a50588c Rework how we decide what to filter out of layer diffs
bf2cbe164 Note that we have to build `true` first for the sake of its tests
473656b9d copier.Stat(): return owner UID and GID if available
738fa0d3c copier.Get(): ensure that directory entries end in "/"
9461dd61d copier.Get(): strip user and group names from entries
fd498cbf5 imagebuildah.Executor/StageExecutor: check numeric --from= values
fceb8d9ed Losen the dependency on go-connections/tlsconfig
e78c0ad5a fix(deps): update module golang.org/x/crypto to v0.41.0
b49f0e2a5 fix(deps): update module golang.org/x/term to v0.34.0
494fd9dfa fix(deps): update module github.com/docker/go-connections to v0.6.0
4912cf45d fix(deps): update module golang.org/x/sys to v0.35.0
2ae2ec75b copy: assume a destination with basename "." is a directory
e31b04729 generatePathChecksum: ignore ModTime, AccessTime and ChangeTime
3e92772f6 fix(deps): update module github.com/seccomp/libseccomp-golang to v0.11.1
11e32da8d fix(deps): update module github.com/containers/common to v0.64.1
70d0451b8 History should note unset-label, timestamp, and rewrite-timestamp
7cecaa79e pkg/cli.GenBuildOptions(): don't hardwire optional bools
7cf2b7fb7 fix(deps): update module github.com/containers/image/v5 to v5.36.1
fb6ce9d07 imagebuildah.StageExecutor.Execute: commit more "no instructions" cases
0d1d1a4df fix(deps): update module github.com/containers/storage to v1.59.1
87f60f60c Only suppress "noted" items when not squashing
27c40b3db Reap stray processes
b271aecf4 fix(deps): update github.com/containers/luksy digest to 8fccf78
06207266f fix(deps): update module github.com/docker/docker to v28.3.3+incompatible
f949a49ab Restore the default meaning of `--pull` (should be `always`).
ff07ebc3e Test that pulled up parent directories are excluded at commit
7d302c38d Exclude pulled up parent directories at commit-time
95013b363 copier.Ensure(): also return parent directories
8807a0097 copier.MkdirOptions: add ModTimeNew
e729f60d5 fix(deps): update module github.com/containers/common to v0.64.0
cce5f9c32 Bump to Buildah v1.42.0-dev
8b5354ee8 fix(deps): update module github.com/spf13/pflag to v1.0.7
7a986ebcf CI: make runc tests non-blocking
2df30a83c build,add: add support for corporate proxies
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
README-xen.md:
- Add vxn and containerd integration section describing all execution
paths (containerd, vxn standalone, vdkr/vpdmn, native Docker/Podman)
- Add memory requirements section explaining QB_MEM_VALUE=1024 is
insufficient for vxn/vctr and documenting qemuparams="-m 4096"
- Add runtime tests section with build prerequisites, test commands,
and skip behavior
- Fix x86-64 runqemu command to include qemuparams="-m 4096"
vxn/README.md:
- Add testing section referencing the pytest runtime test suite
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New test_xen_runtime.py boots xen-image-minimal via runqemu and verifies:
- Xen hypervisor running (xl list, dmesg, Dom0 memory cap)
- Bundled guest autostart (alpine visible in xl list)
- vxn standalone (vxn run --rm alpine echo hello)
- containerd/vctr integration (ctr pull + vctr run)
Uses pexpect-based XenRunner with module-scoped fixture (boot once,
run all tests). TERM=dumb set after login to suppress terminal UI
from ctr/vxn progress bars. Free memory check skips vxn/vctr tests
gracefully when insufficient Xen memory available.
Also registers 'boot' marker in conftest.py and documents build
prerequisites, test options and skip behavior in README.md.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
DAEMON_SHARE_DIR was referenced in the CA certificate copy and idle
watchdog paths but never assigned, causing 'cp: cannot create regular
file /ca.crt: Permission denied' when starting the daemon.
Create the share directory under DAEMON_SOCKET_DIR and register it
as a 9p mount, matching the path expected by daemon_run().
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Add TestXenImageMinimalX86Config test class verifying:
- QB_CPU_KVM host passthrough for Xen CPUID filtering
- QB_MEM_VALUE override (not QB_MEM which can't override bbclass)
- dom0_mem in both QB_XEN_CMDLINE_EXTRA and WKS syslinux config
- vgabios SAVANNAH_GNU_MIRROR usage
Update Alpine recipe tests for per-arch checksums (name=${ALPINE_ARCH})
and S variable. Add qemux86-64 build and boot section to README-xen.md.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix several issues found during x86-64 Xen testing:
- xen-image-minimal: use -cpu host for KVM to avoid Xen CPUID
filtering stripping AVX/AVX2 from x86-64-v3 builds, causing
illegal instruction crashes in Dom0
- xen-image-minimal: use QB_MEM_VALUE (not QB_MEM) to properly
override the hard assignment in qemuboot-xen-defaults.bbclass
- xen-image-minimal: set dom0_mem=512M via QB_XEN_CMDLINE_EXTRA
- qemuboot-xen-x86-64.cfg: add dom0_mem=512M to static syslinux
config so guest autostart has memory available
- vgabios: use ${SAVANNAH_GNU_MIRROR} for reliable downloads
- alpine-xen-guest-bundle: add per-architecture checksums for
aarch64 and x86_64 tarballs, fix S variable warning
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a host-side OCI image cache at ~/.vxn/images/ for the vdkr/vpdmn
standalone Xen path. Images pulled via skopeo are stored in a
content-addressed layout (refs/ symlinks + store/ OCI dirs) so
subsequent runs hit the cache without network access.
New commands on Xen: pull, images, rmi, tag, inspect, image <subcmd>.
The run path is unchanged — cache integration into hv_prepare_container
is deferred to a follow-up.
Also fix Docker iptables conflict: when docker-moby and vxn-docker-config
coexist on Dom0, Docker's default FORWARD DROP policy blocks DHCP for
Xen DomU vifs on xenbr0. Adding "iptables": false to daemon.json
prevents Docker from modifying iptables since VM-based containers
manage their own network stack.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Add vdkr/vpdmn as Dom0 target packages with Xen auto-detection,
native Docker/Podman config sub-packages, and OCI runtime fixes
for Docker compatibility (JSON logging, root.path, kill --all,
monitor PID lifecycle).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Use setsid -c to establish a controlling terminal for the container
shell, fixing "can't access tty; job control turned off" and enabling
Ctrl-C signal delivery. Run in a subshell so setsid() succeeds without
forking (PID 1 is already a session leader).
Remove [vxn] diagnostic markers from interactive output now that
terminal mode is working. Suppress mount warning on read-only input
disk.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The containerd shim's Create RPC hung indefinitely because go-runc
captures the OCI runtime's stdout via a pipe, and cmd.Wait() blocks
until all holders of the pipe's write end close it. The background
monitor subshell inherited this pipe fd and held it open, preventing
the shim from ever proceeding to ReceiveMaster() or calling Start.
Fix by closing inherited stdout/stderr in the terminal-mode monitor
with exec >/dev/null before entering the domain poll loop. Non-terminal
mode is unaffected because the shim configures IO via FIFO dup2, where
cmd.Wait() only waits for process exit.
Additional changes for terminal mode support:
- vxn-sendtty: set PTY to raw mode (cfmakeraw) before sending fd
- vxn-oci-runtime: wait up to 5s for xenconsoled PTY, capture sendtty
return code, write persistent debug file to /root/vxn-tty-debug,
log every runtime invocation, remove stale debug logging
- vxn-init.sh: add [vxn] diagnostic markers for terminal visibility,
suppress kernel console messages early in interactive mode
- vcontainer-preinit.sh: suppress kernel messages in quiet mode
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Update SUMMARY and DESCRIPTION to note that runx is unmaintained
(upstream dormant since 2022) and that vxn provides the same Xen DomU
container functionality with pluggable hypervisor backends. go-build
is the serial FD handler companion to runx and is similarly superseded.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
