| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
The linkshared is not supported in some machines like riscv64 and
when supported we can use the GO_LINKSHARED instaed.
So export GO_LINKSHARED on the recipe to be available for Makefile.
This is currently only used in libnetwork for the proxy build, but
could be used in additional locations in the future.
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
restructure the containerd source layout to avoid symlinking vendor
dependencies. This avoid go recording paths in the final binaries.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
With this, we build and package docker without QA warnings due to
references to TMPDIR.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We get the following QA warning on build:
WARNING: containerd-opencontainers-v1.6.8+gitAUTOINC+579a6380ec-r0 do_package_qa: QA Issue: File /usr/bin/containerd-shim-runc-v2 in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd-ctr in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd-shim-runc-v1 in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd-shim in package containerd-opencontainers contains reference to TMPDIR [buildpaths]
This is the first step in fixing the QA warning, by dropping our
debug patch, passing -trimpath and not defining GO_DEBUG.
This leaves a final reference similar to:
path _/opt/poky/build/tmp/work/core2-64-poky-linux/containerd-opencontainers/v1.6.8+gitAUTOINC+579a6380ec-r0/git/src/import/cmd/ctr
That is being stored in the .rodata of the binaries.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.6.8-8-g579a6380e, which comprises the following commits:
1efd8b947 ci: remove GOPROXY environment variable due to https://github.com/go-yaml/yaml/issues/887
0448673af Do not append []string{""} to command to preserve Docker compatibility
5c230ece0 Fix cleanup in critest
ed9d3dc37 oci: WithDefaultUnixDevices(): remove tun/tap from the default devices
3364f411e Prepare release notes for v1.6.8
390920429 release workflow: remove Go setup action
cf48ba6e8 release workflow: increase timeout to 30 minutes
57873e652 release: rollback Ubuntu to 18.04 (except for riscv64)
eccb82f6d Update release build timeout to 20 minutes
6a854d4b5 Update mailmap
61612e1a2 Prepare release notes for 1.6.7
d199ee462 Update golang to 1.17.13
0578d20c5 Change os.Stderr reassign for Windows service
12cae4961 Update Vagrant CI to macos-12
bc4091aae chore: bump macos runner version
cb73bd050 Windows HostProcess container CRI stats test
ac388525a Add validations for Windows HostProcess CRI configs
0007f40fe [release/1.6] go.mod: Bump hcsshim to v0.9.4
c9607e78c Update Fedora version to 36
2952b66c0 CI: add riscv64 builds
6b2dc9a37 release/Dockerfile: update Ubuntu to 22.04 for supporting riscv64
745dc07c4 seccomp: support riscv64
c2f841f21 Create ppc64le release
86b55bd8d seccomp: allow clock_settime64 when CAP_SYS_TIME is added
f3da3e51f allow ptrace(2) by default for kernel >= 4.8
aa1101068 [release/1.6] update golang to 1.17.12
37dfc5c9d [release/1.6] Fix WWW-Authenticate parsing
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
The sysvinit functionality conflicts with the docker daemon
settings required for the systemd docker.socket.
Ensure that the sysvinit capabilities are only enabled if
systemd is not present.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping moby to version v20.10.17-2-g3949ff121e, which comprises the following commits:
ff7feeac37 vendor: github.com/containerd/continuity v0.3.0
6f3f2b6d08 update containerd binary to v1.6.6
b3bcb15da8 update containerd binary to v1.6.5
f55b030fa0 system: unbreak build for darwin
63ab12cd3a Port pkg/system/mknod.go to FreeBSD
081e538fbd vendor: libnetwork f6ccccb1c082a432c2a5814aaedaca56af33d9ea
8e9d647c01 [20.10] update golang to 1.17.11
87ead7fd2a vendor: hcsshim a11a2c44e8a4aa9d66314b1d759ef582df5ab5e8
27f8322324 vendor: libnetwork 2dab5620d4462865c6151e573b3e7fa5d3b8458b
829951ec19 docs: api: /containers/{id}/attach/ws: remove unsupported query-args < v1.42
6cbe73bfc0 Rename Reservation to Reservations in the open API
d9ed3d7e28 update runc binary to v1.1.2
a15acb4bd6 [20.10] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
5f2e0b79ad [20.10] update golang to 1.17.10
Bumping libnetwork to version v0.7.0-dev.3-1835-gf6ccccb1, which comprises the following commits:
af0c46d8 Apply peformance tuning to new sandboxes also
23ffb31f Set ExternalPortReserved for dummy proxy
9b82e422 Bump hcsshim
9db86fb7 Only check if route overlaps routes with scope: LINK
Bumping docker-cli to version v20.10.17, which comprises the following commits:
7502d7e56 Fix dead external link
308624c3b fix: remove asterisk from docker command suggestions
de7d866b6 [20.10] update golang to 1.17.11
240e4b550 [20.10] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
5d4776bd9 [20.10] update golang to 1.17.10
49e9c2ae3 vendor: golang.org/x/sys 63515b42dcdf9544f4e6a02fd7632793fde2f72d (for Go 1.17)
87a3ce269 vendor: golang.org/x/sys d19ff857e887eacb631721f188c7d365c2331456
1d8abed17 vendor: update x/sys to 134d130e
31dad66f9 [20.10] update golang to 1.17.9
80f673bf9 gofmt with go1.17
3d4cc8e69 [20.10] update remaining files to go1.17.8
30277a8f8 update go to 1.17.8
cfef3a7dc docs: deprecated: add entry for "fluent-async-connect" log-opt
53426025c [20.10] docs: reformat table for compatibility
573a66463 Describe privileged mode in terms of capabilities
cf0ab7ac4 [20.10] vendor: github.com/docker/distribution v2.8.1
d05fd4ffc [20.10] vendor: github.com/opencontainers/image-spec v1.0.2
870f13825 [20.10] vendor: github.com/docker/docker v20.10.14
198d6b872 [20.10] circleci: update buildx to v0.8.2
55a14ec85 [20.10] update remaining Dockerfiles to go 1.16.15
1f9a0df05 e2e: update docker-compose to 1.29.2
4ae338b33 docs: reference: remove trailing space to fix yaml formatting
6380142dd docs: fix (table) formatting, fix some broken links
82f422fcf docs: build: fix minor markdown and syntax issues
80fd77903 Update the list of log drivers
c3d4d623c Fix CMD --ignored-param1 example
2e82d11de docs: dockerd: fix broken link in blockquote area
738a6ee1c improve cp documentation with some illustration examples
246d96bb6 docs: unify "docker create" and "docker run" reference
2fd0f1705 docs: add missing documentation for --pull flag
5fa500000 Fix incorrect pointer inputs to `json.Unmarshal`
1e6a8ce2b Dockerfile: update xx to 1.1
6f7a931a2 [20.10] use GO_LDFLAGS instead of LDFLAGS to prevent inheriting unrelated options
91bab605f [20.10] vendor.conf: don't use git:// protocol
a282e0c5d [20.10] update to go 1.16.15 to address CVE-2022-24921
700364e30 Fix mistake with env var example in docker run docs
62d27c32f Update WORKDIR command information
c0e952cf0 Fix the (dead) link for docs for Dockerfile syntax reference
04104a04d Update dockerd.md
b721998b7 Fixing typo (his --> its)
4065e1246 format create.md table
f1002eb9f Fix typo
e97c7b240 added missing closing parenthese
aa7893763 Update stats.md add example json output
40fe0573a Update Ubuntu version number references in push.md
c9737e1c3 docs/daemon: replace deprecated '-g' option for '--data-root'
5c6723d08 Correct device syntax to --gpus
fd5fc61ec [20.10] Update Go to 1.16.14
3624019d8 [20.10] update Go to 1.16.13
f3ff8e6ad [20.10] vendor: compose-on-kubernetes v0.5.0 to remove github.com/golang/glog
ee1ac1b31 fix innocuous data-race when config.Load called in parallel
38dd744a1 [20.10] Update Go to 1.16.12
4de40a825 Update Go to 1.16.11
03fa8f92c Update Go to 1.16.10
9989fdbc4 Update most links in docs to use https by default
0e20c1fd2 Update Go to 1.16.9
1c0927a04 Dockerfile: update tonistiigi/xx to 1.0.0-rc.2, add XX_VERSION arg
82f9d5921 info: skip client-side warning about seccomp profile on API >= 1.42
adb01ca79 docs: some minor touch-ups in checkpoint reference
8260476a0 docs: remove trailing space to fix generated YAML format
bce2e1f95 docs: create.md: typo fix
44064f51c Fix typo in documentation - build.md
292779add Add doc for BUILDKIT_PROGRESS env var
f2e79b826 docs: use "console" code-hint for shell examples
fa46b9236 docs: rewrite reference docs for --stop-signal and --stop-timeout
400f81089 experimental: fix broken link to "checkpoint and restore" page
c72057c8d docs: move checkpoint/restore doc from experimental into reference
77db97d59 Use private network address for default-address-pools setting in daemon.json example
cbf0d2b7b docs: fix some broken anchors
d0014a86b docs: fix description of restart-delay to mention max (1 minute)
6c1c8b55a docs: fix search results by filterd is-official
44fdac11f Update Go to 1.16.8
061051c24 docs: add missing redirect, and remove /go/experimental redirect
2012fbf11 Update Go to 1.16.7
42d1c0275 registry: ensure default auth config has address
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping moby to version v20.10.17-2-g3949ff121e, which comprises the following commits:
ff7feeac37 vendor: github.com/containerd/continuity v0.3.0
6f3f2b6d08 update containerd binary to v1.6.6
b3bcb15da8 update containerd binary to v1.6.5
f55b030fa0 system: unbreak build for darwin
63ab12cd3a Port pkg/system/mknod.go to FreeBSD
081e538fbd vendor: libnetwork f6ccccb1c082a432c2a5814aaedaca56af33d9ea
8e9d647c01 [20.10] update golang to 1.17.11
87ead7fd2a vendor: hcsshim a11a2c44e8a4aa9d66314b1d759ef582df5ab5e8
27f8322324 vendor: libnetwork 2dab5620d4462865c6151e573b3e7fa5d3b8458b
829951ec19 docs: api: /containers/{id}/attach/ws: remove unsupported query-args < v1.42
6cbe73bfc0 Rename Reservation to Reservations in the open API
d9ed3d7e28 update runc binary to v1.1.2
a15acb4bd6 [20.10] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
5f2e0b79ad [20.10] update golang to 1.17.10
Bumping libnetwork to version v0.7.0-dev.3-1835-gf6ccccb1, which comprises the following commits:
af0c46d8 Apply peformance tuning to new sandboxes also
23ffb31f Set ExternalPortReserved for dummy proxy
9b82e422 Bump hcsshim
9db86fb7 Only check if route overlaps routes with scope: LINK
Bumping docker-cli to version v20.10.17, which comprises the following commits:
7502d7e56 Fix dead external link
308624c3b fix: remove asterisk from docker command suggestions
de7d866b6 [20.10] update golang to 1.17.11
240e4b550 [20.10] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
5d4776bd9 [20.10] update golang to 1.17.10
49e9c2ae3 vendor: golang.org/x/sys 63515b42dcdf9544f4e6a02fd7632793fde2f72d (for Go 1.17)
87a3ce269 vendor: golang.org/x/sys d19ff857e887eacb631721f188c7d365c2331456
1d8abed17 vendor: update x/sys to 134d130e
31dad66f9 [20.10] update golang to 1.17.9
80f673bf9 gofmt with go1.17
3d4cc8e69 [20.10] update remaining files to go1.17.8
30277a8f8 update go to 1.17.8
cfef3a7dc docs: deprecated: add entry for "fluent-async-connect" log-opt
53426025c [20.10] docs: reformat table for compatibility
573a66463 Describe privileged mode in terms of capabilities
cf0ab7ac4 [20.10] vendor: github.com/docker/distribution v2.8.1
d05fd4ffc [20.10] vendor: github.com/opencontainers/image-spec v1.0.2
870f13825 [20.10] vendor: github.com/docker/docker v20.10.14
198d6b872 [20.10] circleci: update buildx to v0.8.2
55a14ec85 [20.10] update remaining Dockerfiles to go 1.16.15
1f9a0df05 e2e: update docker-compose to 1.29.2
4ae338b33 docs: reference: remove trailing space to fix yaml formatting
6380142dd docs: fix (table) formatting, fix some broken links
82f422fcf docs: build: fix minor markdown and syntax issues
80fd77903 Update the list of log drivers
c3d4d623c Fix CMD --ignored-param1 example
2e82d11de docs: dockerd: fix broken link in blockquote area
738a6ee1c improve cp documentation with some illustration examples
246d96bb6 docs: unify "docker create" and "docker run" reference
2fd0f1705 docs: add missing documentation for --pull flag
5fa500000 Fix incorrect pointer inputs to `json.Unmarshal`
1e6a8ce2b Dockerfile: update xx to 1.1
6f7a931a2 [20.10] use GO_LDFLAGS instead of LDFLAGS to prevent inheriting unrelated options
91bab605f [20.10] vendor.conf: don't use git:// protocol
a282e0c5d [20.10] update to go 1.16.15 to address CVE-2022-24921
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping runc to version v1.1.3-2-g1e7bb5b7, which comprises the following commits:
eb1552a0 VERSION: back to development
6724737f VERSION: release 1.1.3
91fa032d ci: add basic checks for CHANGELOG.md
7219387e cgroups: systemd: skip adding device paths that don't exist
93d1807b libcontainer: relax getenv_int sanity check
8242c05d script/seccomp.sh: check tarball sha256
017cb29b Dockerfile,scripts/release: bump libseccomp to v2.5.4
51649a7d Allow mounting of /proc/sys/kernel/ns_last_pid
3a09da6b ci: drop docker layer caching from release job
8b93f9fb seccomp: enosys: always return -ENOSYS for setup(2) on s390(x)
fc2a8fe1 libct/cg/sd: check dbus.ErrClosed instead of isDbusError
d105e052 libct/seccomp/config: add missing KillThread, KillProcess
e4474ef8 [1.1] vendor: bump seccomp/libseccomp-golang to f33da4d
dc083b2b fix deprecated ActKill
bf1cd884 ci: use golangci-lint-action v3, GO_VERSION
1feafc31 ci: bump golangci-lint to v1.44
89f79ff0 libct: StartInitialization: fix %w related warning
3b7f2605 Format sources using gofumpt 0.2.1
eeac4e77 build(deps): bump actions/checkout from 2 to 3
cd7fa00d Vagrantfile.fedora: fix build wrt new git
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping runc to version v1.1.3-2-g1e7bb5b7, which comprises the following commits:
eb1552a0 VERSION: back to development
6724737f VERSION: release 1.1.3
91fa032d ci: add basic checks for CHANGELOG.md
7219387e cgroups: systemd: skip adding device paths that don't exist
93d1807b libcontainer: relax getenv_int sanity check
8242c05d script/seccomp.sh: check tarball sha256
017cb29b Dockerfile,scripts/release: bump libseccomp to v2.5.4
51649a7d Allow mounting of /proc/sys/kernel/ns_last_pid
3a09da6b ci: drop docker layer caching from release job
8b93f9fb seccomp: enosys: always return -ENOSYS for setup(2) on s390(x)
fc2a8fe1 libct/cg/sd: check dbus.ErrClosed instead of isDbusError
d105e052 libct/seccomp/config: add missing KillThread, KillProcess
e4474ef8 [1.1] vendor: bump seccomp/libseccomp-golang to f33da4d
dc083b2b fix deprecated ActKill
bf1cd884 ci: use golangci-lint-action v3, GO_VERSION
1feafc31 ci: bump golangci-lint to v1.44
89f79ff0 libct: StartInitialization: fix %w related warning
3b7f2605 Format sources using gofumpt 0.2.1
eeac4e77 build(deps): bump actions/checkout from 2 to 3
cd7fa00d Vagrantfile.fedora: fix build wrt new git
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
commit e4474ef881401b2f3ed3ba806a288bb986dcac49 of runc does a vendor
update which includes the reverted fix again. The commit is after 1.2.0
and before 1.3.0 --> the next cherry-pick updates runc to 1.3.0 and the
fix will be back.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping moby to version v20.10.16, which comprises the following commits:
a15acb4bd6 [20.10] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
5f2e0b79ad [20.10] update golang to 1.17.10
be7855fdbe vendor: update github.com/containerd/cgroups and github.com/cilium/ebpf
414a9e24a7 update containerd binary to v1.6.4
47b6a924b6 update containerd binary to v1.6.3
6d7c2b2d26 update containerd binary to v1.6.2
91708bf704 update containerd binary to v1.6.1
53ae17008e Revert "[20.10] update containerd binary to 1.5.11"
961b9a78d5 update runc binary to v1.1.1
97972dac5f update runc binary to v1.1.0
033a819714 [20.10] update golang to 1.17.9
a80884126b Jenkinsfile: add workaround for CVE-2022-24765
09d6fcdfec update to go 1.17.8 to address CVE-2022-24921
5957684b2c Update Go to 1.17.7
55b72c70ba Update Go to 1.17.6
fdf3020bd5 Update Go to 1.17.5
36e164ba80 Update Go to 1.17.4
ecfba8f588 Update Go to 1.17.3
4e14dcc125 Update Go to 1.17.2
c32b5ece31 Update Go to 1.17.1
7096508811 vendor: update archive/tar to match Go 1.17.0
a1150245cc Update to Go 1.17.0, and gofmt with Go 1.17
95cc7115fb hack/vendor.sh: allow go version to be specified with .0
949c33b1c5 vendor: golang.org/x/sys 63515b42dcdf9544f4e6a02fd7632793fde2f72d (for Go 1.17)
8392285876 vendor: golang.org/x/sys d19ff857e887eacb631721f188c7d365c2331456
4e81bcf380 Makefile: update buildx to v0.8.2
74e699c8d3 Makefile: update buildx version to v0.6.0
bc3cc2e7ac Makefile: install buildx from binary release, instead of building
492fac20af api: docs: fix indentation of HostConfig.SecurityOpt (v1.39-v1.41)
3cba2682d8 api: docs: move ContainerWaitResponse to definitions (v1.39-v1.41)
55e71450ae api: docs: move VolumeCreateOptions to definitions (v1.39-v1.41)
c54362cd64 api: docs: move Volume examples inline (v1.39-v1.41)
c60ff9b296 doc: server API Correct ImagesCreate - platform parameter added in 1.32
7a45f7a8cc docs: cleanup swagger API with multiple examples (v1.25-v1.41)
29bb9204bf api: docs: add IPAMConfig on IPAM (v1.41)
77f6564369 api: docs: document MountPoint fields (v1.25-v1.41)
51ea235ab8 api: docs: remove deprecated RootFS.BaseLayer (API v1.25-v1.41)
3d6b4ae572 Correct type of Mounts in ContainerSummary in docs (v1.25-v1.40)
6e8b9809b7 Correct type of Mounts in ContainerSummary in docs
621a98dac0 api: docs: fix warning about comment indentation (API v1.40-v1.41)
bb9ef98060 api: docs: update docs for /images/{name}/json (API v1.39-v1.41)
88ca5cec4e daemon: fix error-message for minimum allowed kernel-memory limit
3ea996abd7 docs: add missing KernelMemoryTCP to api v1.40 and v1.41
b475bc95cd docs/api: add missing 400 response for POST /containers/{id}/wait
ae07b3cc96 docs/api: update /containers/{id}/wait "condition" parameter (v1.30-v1.41)
19555fa92d [20.10] vendor: github.com/docker/distribution v2.8.1
32fe0bbb91 daemon: use RWMutex for stateCounter
ed8fb00b65 errdefs: move GetHTTPErrorStatusCode to api/server/httpstatus
3bd611d7a5 log error message when receiving an unexpected type error
7dfe7a1752 [20.10] update containerd binary to 1.5.11
af953d2f38 [20.10] vendor: containerd 7cfa023d95d37076d5ab035003d4839f4b6ba791
5f9753ae73 client: remove containerd "platform" dependency
4df345e65d client: remove unused Platform field from configWrapper
dd38613d0c oci: inheritable capability set should be empty
2825bf7123 Only check if route overlaps routes with scope: LINK
f5c56eaca8 [20.10] bump swarmkit for config size increase
ce3b6d1ae9 distribution: retry downloading schema config on retryable error
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Bumping libnetwork to version v0.7.0-dev.3-1830-g339b972b, which comprises the following commits:
9db86fb7 Only check if route overlaps routes with scope: LINK
7b9c2905 fix port forwarding with ipv6.disable=1
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping moby to version v20.10.16, which comprises the following commits:
a15acb4bd6 [20.10] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
5f2e0b79ad [20.10] update golang to 1.17.10
be7855fdbe vendor: update github.com/containerd/cgroups and github.com/cilium/ebpf
414a9e24a7 update containerd binary to v1.6.4
47b6a924b6 update containerd binary to v1.6.3
6d7c2b2d26 update containerd binary to v1.6.2
91708bf704 update containerd binary to v1.6.1
53ae17008e Revert "[20.10] update containerd binary to 1.5.11"
961b9a78d5 update runc binary to v1.1.1
97972dac5f update runc binary to v1.1.0
033a819714 [20.10] update golang to 1.17.9
a80884126b Jenkinsfile: add workaround for CVE-2022-24765
09d6fcdfec update to go 1.17.8 to address CVE-2022-24921
5957684b2c Update Go to 1.17.7
55b72c70ba Update Go to 1.17.6
fdf3020bd5 Update Go to 1.17.5
36e164ba80 Update Go to 1.17.4
ecfba8f588 Update Go to 1.17.3
4e14dcc125 Update Go to 1.17.2
c32b5ece31 Update Go to 1.17.1
7096508811 vendor: update archive/tar to match Go 1.17.0
a1150245cc Update to Go 1.17.0, and gofmt with Go 1.17
95cc7115fb hack/vendor.sh: allow go version to be specified with .0
949c33b1c5 vendor: golang.org/x/sys 63515b42dcdf9544f4e6a02fd7632793fde2f72d (for Go 1.17)
8392285876 vendor: golang.org/x/sys d19ff857e887eacb631721f188c7d365c2331456
4e81bcf380 Makefile: update buildx to v0.8.2
74e699c8d3 Makefile: update buildx version to v0.6.0
bc3cc2e7ac Makefile: install buildx from binary release, instead of building
492fac20af api: docs: fix indentation of HostConfig.SecurityOpt (v1.39-v1.41)
3cba2682d8 api: docs: move ContainerWaitResponse to definitions (v1.39-v1.41)
55e71450ae api: docs: move VolumeCreateOptions to definitions (v1.39-v1.41)
c54362cd64 api: docs: move Volume examples inline (v1.39-v1.41)
c60ff9b296 doc: server API Correct ImagesCreate - platform parameter added in 1.32
7a45f7a8cc docs: cleanup swagger API with multiple examples (v1.25-v1.41)
29bb9204bf api: docs: add IPAMConfig on IPAM (v1.41)
77f6564369 api: docs: document MountPoint fields (v1.25-v1.41)
51ea235ab8 api: docs: remove deprecated RootFS.BaseLayer (API v1.25-v1.41)
3d6b4ae572 Correct type of Mounts in ContainerSummary in docs (v1.25-v1.40)
6e8b9809b7 Correct type of Mounts in ContainerSummary in docs
621a98dac0 api: docs: fix warning about comment indentation (API v1.40-v1.41)
bb9ef98060 api: docs: update docs for /images/{name}/json (API v1.39-v1.41)
88ca5cec4e daemon: fix error-message for minimum allowed kernel-memory limit
3ea996abd7 docs: add missing KernelMemoryTCP to api v1.40 and v1.41
b475bc95cd docs/api: add missing 400 response for POST /containers/{id}/wait
ae07b3cc96 docs/api: update /containers/{id}/wait "condition" parameter (v1.30-v1.41)
19555fa92d [20.10] vendor: github.com/docker/distribution v2.8.1
32fe0bbb91 daemon: use RWMutex for stateCounter
ed8fb00b65 errdefs: move GetHTTPErrorStatusCode to api/server/httpstatus
3bd611d7a5 log error message when receiving an unexpected type error
7dfe7a1752 [20.10] update containerd binary to 1.5.11
af953d2f38 [20.10] vendor: containerd 7cfa023d95d37076d5ab035003d4839f4b6ba791
5f9753ae73 client: remove containerd "platform" dependency
4df345e65d client: remove unused Platform field from configWrapper
dd38613d0c oci: inheritable capability set should be empty
2825bf7123 Only check if route overlaps routes with scope: LINK
f5c56eaca8 [20.10] bump swarmkit for config size increase
ce3b6d1ae9 distribution: retry downloading schema config on retryable error
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The current upx will trigger the Bitbake Fetcher Error added in
Kirkstone 4.0.5 189a6d452e3037c9e94ccdf6af38359fc6058064 commit. This
patch replaces gitsm with git and explicitly adds the git submodules
with the corresponding commits.
Change-Id: I1b1231f06481f7a1e25dc35277d0f1725c7631e0
Signed-off-by: Joakim Roubert <joakimr@axis.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The upx development branch history has been rebaseed, so we update
our SRCREV to match.
As part of this update, we can drop our patch as it has now been
merged into the project.
The cmake structure has changed slightly, so we inherit cmake-native
to make it available as part of the Makefile driven build.
And finally, the name and location of the binary has changed, so
we adapt our install rule to match.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The yq build was broken:
- some repositories have moved from master -> main
- missing dependencies, that were being fetched in the compile task
Correcting these issues fixes yq' build
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
Move the xilinx specific bbappend to a wildcard append.
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
After upgrading from honister to kirkstone the build always failed
during the package_write_ipk step, because the package name has
been overwritten because of the typo in FILES.
While investigating, I discovered another typo in class-devupstream.
Signed-off-by: Guenther Meyer <g.meyer@signum-media.de>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
buildah is a command line tool, to be installed and run on target,
that can be used to:
- create a working container, either from scratch or using an image
as a starting point
- create an image, either from a working container or via the
instructions in a Dockerfile
- images can be built in either the OCI image format or the
traditional upstream docker image format
- mount a working container's root filesystem for manipulation
- unmount a working container's root filesystem
- use the updated contents of a container's root filesystem as a
filesystem layer to create a new image
- delete a working container or an image
- rename a local container
Testing:
Setup the build directory:
$ . oe-init-build-env <build_dir>
Add to local.conf:
IMAGE_INSTALL:append = " buildah kernel-modules"
KERNEL_FEATURES += "features/overlayfs/overlayfs.cfgi \
features/netfilter/netfilter.scc \
features/lxc/lxc-enable.scc"
IMAGE_ROOTFS_EXTRA_SPACE = "5242880"
Build image:
$ bitbake core-image-minimal
Run the image:
$ runqemu nographic kvm qemuparams="-m 4096"
On target:
Pull an image:
> cnt=$(buildah from fedora)
Or build from Dockerfile
> buildah bud -t <image_name>:<tag> .
Mount the image:
> mnt=$(buildah mount ${cnt})
Install packages on the container rootfs:
> dnf install --installroot $mnt <packages_to_install> -y
Copy local files to the container:
> buildah copy $cnt <local_file> <dest_on_container>
Save the changes to an image
> buildah commit --format docker $cnt <name>:<tag>
Run the image using buildah:
> buildah run $cnt /bin/sh
Or using docker:
> docker run -it <name>:<tag>
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
This is useful for podman system tests.
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
2b28d64667e4c22434b9db0a87a1265a0caedb66 brought a typo when resolving
merge/rebase conflict. This fixes it.
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CVE was fixed[1] in the container image go library skopeo is using
(vendoring). The current version of the image go module is v5.20.0 while
the fix landed since v3.0.0[2].
See RedHat's resolution[3] for more details.
[1] https://github.com/containers/image/issues/654
[2] https://github.com/containers/image/pull/669/commits/a3d69a4a89244803d2f5350aca6dd0fcbe444551
[3] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10214
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Files are sorted in lexicographic order. Moving podman-rootless.conf to
something greater then '00' would help with systems providing default
values in other configuration files that can be overridden by
podman-rootless.conf.
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Upgrade ceph to latest v15.x.
Minor upgrade containing fix for CVE-2022-0670.
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
There is no need we can see for this dependency to be provided as such -
especially forcing this to using glibc.
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
clang-based builds are still broken due to:
https://github.com/llvm/llvm-project/issues/53999
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
clang-based builds are still broken due to:
https://github.com/llvm/llvm-project/issues/53999
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
This will fix clang-based builds.
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
This will fix clang-based builds.
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.6.6-10-g4e92d8e7e, which comprises the following commits:
37dfc5c9d [release/1.6] Fix WWW-Authenticate parsing
fa2016d58 [release/1.6] Downgrade MinGW to version 10.2.0
99c56d217 ctr: fix label args used in NewContainer
51de785f8 [release/1.6] Make building static binaries simpler
2ea4e6348 update runc binary to v1.1.3
61213742a Prepare release notes for v1.6.6
f92068350 Implicitly discard the input to drain the reader
2eb67213b [release/1.6] Limit the response size of ExecSync
185e87275 Prepare release notes for v1.6.5
5c9c83d3e [release/1.6] update golang to 1.17.11
fdcdc27bc update go-cni/for cni update fixing plugins that don't respond with version
e33b9e709 archive: add human-readable hint to Lchown error
3bb5a9d19 config: improve config v1 deprecation message
6eff5b6c0 [release/1.6] go.mod: Bump hcsshim to 0.9.3
f1d2d9260 [release/1.6] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
9f99be51b [release/1.6] update golang to 1.17.10
246a1b42e vendor: github.com/opencontainers/runc v1.1.2
43717e03a update runc binary to v1.1.2
82a77be2d reverts removal of parallel run from critest
06bdfeb67 Allow git commands in Vagrantfile
70839a344 Bug fix for mount path handling
1520bae0f update critools to v1.24
0d1d2953b Prepare release notes for 1.6.4
42d691fe6 Bump opencontainers/selinux from 1.10.0 to 1.10.1
e9f22e008 Update go-cni to v1.1.5
be4909e95 cri: close fifos when container is deleted
baa386dc0 Prepare release notes for v1.6.3
e8da82adc tracing: fix panic on startup when configured
1764ea9a2 CRI: improve image pulling performance
9cd76d465 [release/1.6] update golang to 1.17.9
c09cc1242 check for duplicate nspath possibilities
fe6ba62ce metrics/cgroups: fix deadlock issue in Add during Collect
8b81a7843 [release/1.6] go.mod: update image-spec to merge-commit of v1 into main
f2ba2041b update runc binary to v1.1.1
b736b4dab go.mod: github.com/opencontainers/runc v1.1.1
72f1e58c7 CI: add Rocky Linux 8
7ede40c5c [release/1.6] vendor: github.com/containerd/imgcrypt v1.1.4
5538be6cf cgroup2: monitor OOMKill instead of OOM to prevent missing container OOM events
da35c19da Test turning off golang CI lint cache
a0213573b Add nolint:staticcheck to platform-specific calls
ad0036ed6 Update prometheus client vendor
c7bbf316f Mount devmapper xfs file system with "nouuid" option.
a1de89c3e Make the temp mount as ready only in container WithVolumes
82a12edf2 moving up to go-cni v1.1.4
28b44826b native: fix deadlock from leaving transactions open
8461dd6e5 Prepare release notes for v1.6.2
91800c4e9 Add static checks to shim for Windows
ca51d7f85 Update go.mod go version
765df6609 [release/1.6] remove empty go mod to allow building for go 1.18
e9af80859 Fix the Inheritable capability defaults.
7c929318a Update TestNormalize to only test Windows
06985e7d0 Upgrade golangci-lint and its GitHub Action
b13d3e05c cri: relax test for system without hugetlb
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Add an optional parameter that allows to override the stop
signal that is used.
Signed-off-by: Vasileios Anagnostopoulos <vasileios.anagnostopoulos@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
This support is disabled by default and exposed via PACKAGECONFIG.
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Podman can run in via a docker symlink emulating docker commands. By
default this generates a runtime warning. This change silences it via
the provided interface.
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
slirp4netns uses a TAP device to connect to the internet in an
unprivileged way. Without the required kernel support (TAP/TUN),
slirp4netns will fail at runtime.
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping runc to version v1.1.2-9-gb507e2da, which comprises the following commits:
bf1cd884 ci: use golangci-lint-action v3, GO_VERSION
1feafc31 ci: bump golangci-lint to v1.44
89f79ff0 libct: StartInitialization: fix %w related warning
3b7f2605 Format sources using gofumpt 0.2.1
eeac4e77 build(deps): bump actions/checkout from 2 to 3
cd7fa00d Vagrantfile.fedora: fix build wrt new git
cdfdbe55 VERSION: back to development
a916309f VERSION: release 1.1.2
364ec0f1 runc: do not set inheritable capabilities
8959e372 VERSION: back to development
52de29d7 VERSION: release 1.1.1
2636e1cb CHANGELOG.md: add 1.1.1 release notes
036cc348 CI/cirrus: add centos-stream-9
db953158 README.md: add cirrus-ci badge
ea19181e README,libct/README: fix pkg.go.dev badges
8290c4cf libct/cg: IsCgroup2HybridMode: don't panic
ee7ba6cb configs/validate: looser validation for RDT
96193422 libct/cg/sd/v2: fix ENOENT on cgroup delegation
35784a3e ensure the path is a sub-cgroup path
986e7c53 libct: fixStdioPermissions: ignore EROFS
5053a065 libct: fixStdioPermissions: skip chown if not needed
d2939b6b libct: fixStdioPermissions: minor refactoring
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping runc to version v1.1.2-9-gb507e2da, which comprises the following commits:
bf1cd884 ci: use golangci-lint-action v3, GO_VERSION
1feafc31 ci: bump golangci-lint to v1.44
89f79ff0 libct: StartInitialization: fix %w related warning
3b7f2605 Format sources using gofumpt 0.2.1
eeac4e77 build(deps): bump actions/checkout from 2 to 3
cd7fa00d Vagrantfile.fedora: fix build wrt new git
cdfdbe55 VERSION: back to development
a916309f VERSION: release 1.1.2
364ec0f1 runc: do not set inheritable capabilities
8959e372 VERSION: back to development
52de29d7 VERSION: release 1.1.1
2636e1cb CHANGELOG.md: add 1.1.1 release notes
036cc348 CI/cirrus: add centos-stream-9
db953158 README.md: add cirrus-ci badge
ea19181e README,libct/README: fix pkg.go.dev badges
8290c4cf libct/cg: IsCgroup2HybridMode: don't panic
ee7ba6cb configs/validate: looser validation for RDT
96193422 libct/cg/sd/v2: fix ENOENT on cgroup delegation
35784a3e ensure the path is a sub-cgroup path
986e7c53 libct: fixStdioPermissions: ignore EROFS
5053a065 libct: fixStdioPermissions: skip chown if not needed
d2939b6b libct: fixStdioPermissions: minor refactoring
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The base inittab recipe is creating inittab entries for consoles listed
in SERIAL_CONSOLES.
For qemu, this contains "115200,hvc0" so an entry is created in inittab
for it.
Prevent to create a second entry if hvc0 is present in SERIAL_CONSOLES.
On qemuarm, this solves issues with the console when starting on top of
Xen as dom0.
Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The project's internal Makefile uses BUILDFLAGS variable to pass
arguments to `go build` while Yocto/OE defines it as GOBUILDFLAGS. Add a
patch to align this and avoid using host headers in which case, a musl
build will fail similarly to:
| [...]ld: /tmp/go-link-3172010154/000015.o: in function `vfprintf':
| /usr/include/x86_64-linux-gnu/bits/stdio2.h:130: undefined reference to `__vfprintf_chk'
| [...]ld: /tmp/go-link-3172010154/000016.o: in function `fprintf':
| /usr/include/x86_64-linux-gnu/bits/stdio2.h:100: undefined reference to `__fprintf_chk'
| collect2: error: ld returned 1 exit status
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
The redhat versions work with out modification.
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Just as with systemd, the build needs the dev manager installed
as a dependancy
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Adjust the GOROOT setting as directory specified by the original
one does not exist.
The CGO_CFLAGS and CGO_LDFLAGS should use target flags instead
of the nativesdk ones.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Adjust the GOROOT setting as directory specified by the original
one does not exist.
The CGO_CFLAGS and CGO_LDFLAGS should use target flags instead
of the nativesdk ones.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Adjust the GOROOT setting as directory specified by the original
one does not exist.
The CGO_CFLAGS and CGO_LDFLAGS should use target flags instead
of the nativesdk ones.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Adjust the GOROOT setting as directory specified by the original
one does not exist.
The CGO_CFLAGS and CGO_LDFLAGS should use target flags instead
of the nativesdk ones.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
