Commit message | Author | Age | Files | Lines
...
* crun: inherit features_check for REQUIRED_DISTRO_FEATURES | Bruce Ashfield | 2026-02-25 | 1 | -1/+1
  The recipe sets REQUIRED_DISTRO_FEATURES:class-native but never inherits features_check, so the requirement was silently ignored. OE-core now has an unhandled-features-check QA test that catches this and fails the build.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* kernel: drop 6.12 .inc and append | Bruce Ashfield | 2026-02-25 | 2 | -39/+0
  6.12 has been removed from OEcore, so we drop our appends as well.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* irqbalance: Fix QA error when sysvinit is used | Yiding Liu (Fujitsu) | 2026-02-23 | 1 | -2/+1
  irqbalance: correct to install /etc/default for sysvinit

  1. This commit uses the option --with-pkgconfdir for sysvinit to correctly install /etc/default.

  Without this fix, a do_package QA Issue is shown when sysvinit is used:

  ERROR: irqbalance-1.9.4+git-r0 do_package: QA Issue: irqbalance: Files/directories were installed but not shipped in any package:
    /usr/etc
    /usr/etc/default
    /usr/etc/default/irqbalance.env

  The previous PACKAGECONFIG[systemd] only works when systemd is used, so this patch fixes it.

  2. Merge DEPENDS for systemd into PACKAGECONFIG[systemd].

  Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* vcontainer-tarball: remove parse-time banner | Bruce Ashfield | 2026-02-11 | 1 | -34/+3
  The anonymous python function prints a banner unconditionally at parse time, which means it appears when building any recipe (e.g. xen-image-minimal), not just vcontainer-tarball.

  Remove the parse-time banner since the post-build banner in do_populate_sdk:append() already provides the same information and only fires when actually building the tarball.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* xen-tools: allow empty libxenmanage package for pre-4.21 | Bruce Ashfield | 2026-02-11 | 1 | -0/+2
  libxenmanage was introduced in Xen 4.21, but its packaging was added to the shared xen-tools.inc. When building older versions (e.g. 4.20), the library is not produced and the empty package breaks the hard RDEPENDS from xen-tools, causing do_rootfs failures.

  Add ALLOW_EMPTY following the existing pattern used for other version/arch-conditional packages in this file.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* podman: update to v5.7.1 | Bruce Ashfield | 2026-02-10 | 1 | -3/+3
  Bumping libpod to version v5.7.1-5-gec1b7c989f, which comprises the following commits: 2b52342af9 Use explicit download-artifact name and path for win-installer release 36c405582a Bump Podman to v5.7.2-dev f845d14e94 Bump to v5.7.1 6ecc622841 Final release notes update for v5.7.1 d0558385ec kube play: Fix fd leak when handling symlinks 214f5b2fd9 Update release notes for v5.7.1 678d1b4bfd avoid potential nil ptr deref in image rm ba6e527289 fix: check err returned by newGenericDecompressor 68022802fc pkg/specgen/generate: Fix adding host devices on FreeBSD a27cc24f80 Replace FindExecutablePeer with FindHelperBinary dc7509fe38 [v5.7] Bump common to v0.66.1 7ce2e00ab1 libpod: simplify resolveWorkDir() e576e002e9 libpod: fix workdir MkdirAll() all check f348d1bd5b [v5.7] Bump Buildah to v1.42.2, runc to v1.3.4 9538a7d976 rootless_linux.c: use shortcut for system commands 0647387bfe SetupRootless handle case where conmon pid are not valid 118ec04065 preallocate paths in SetupRootless 6a9ce66e5c fix noMoveProcess in SetupRootless 973ab34078 use return error handling in SetupRootless 363665a456 pkg/machine: make mount units hook into local-fs db82b92d0a docs: fix redoc swagger URL 9257ac4822 Bump Podman to v5.7.1-dev 0370128fc8 Bump to v5.7.0 84c31b8fae Create release notes for v5.7.0 b6b8d23abd hack/bats: 
port it to use the new remote support 129c344b49 test/system: fix broken podman_runtime 708f7a14f3 test/system: fix artifact test cleanup e737d75b2f test/system: merge artifact tests into single file 58733d714a test/system: rework artifact created test 372e142252 test/system: remove 701-artifact-created.bats bfddcb3384 test/system: do not run artifact test in parallel 199254f039 test/system: skip flaky restore test on debian 0c99f623aa test/e2e: try to fix clean up after terminated build flake ec1efdbdac [v5.7] Packit/TMT: remove podman-next repos from release branches 97ad660c0c [v5.7] fix lint issues with github.com/cyphar/filepath-securejoin e6deadcc34 [v5.7] Bump to runc v1.3.3 - CVE-2025-52881 cbda92e6b3 rotate aws meta_task keys 3d23aa4a6b rotate aws key da8d069e6a Bump Podman to v5.7.0-dev 85a6e7f8d7 Bump to v5.7.0-rc3 b7d1f77147 Update release notes for v5.7.0-rc3 fb8644d551 Fix cache misses when pulling WSL machine image c4357e7112 test: organize search tests with BeforeEach/AfterEach patterns 64fbc2557e test: refactor search_test.go to use helper functions and PodmanExitCleanly d6f660076b test: Replace external registry deps with mock server in search tests a59eaccbe2 Add tmt integration plan bfae53709c Bump bundled krunkit from 1.1.0 to 1.1.1 f12c838fb7 Allow RC Windows Installer to be built d0b45ff1f0 Allow failures on WSL machine tests e68cecbb60 Bump Podman to v5.7.0-dev fa892f1df0 Bump to v5.7.0-rc2 e16a54c6bc Add release notes for v5.7.0-rc2 667757583b Bump bundled krunkit from 0.2.2 to 1.1.0 537a0233ae Fix Windows Installer GH release 829864ba74 Add CreatedAt format option to podman artifact ls 7f780d866b Bump Podman to v5.7.0-dev 03f8a02983 Bump to v5.7.0-rc1 9b5751089b Add release notes for v5.7.0-rc1 61291e8c70 quadlet: add `cat` alias for `print` c72102d1b2 Bump Buidah to v1.42.0 for Podman v5.7 f957852e4a fix: failing tests 8e013c0012 feat(quadlet: kube): support multiple Yaml entries 9ea18b78fa Warn on boltdb use 339a432dd9 fix artifact 
inspect issues 9bda788edf feat(cmd): podman kube play support multiple arguments 0ea4eaee70 cmd/podman: add replace flag to quadlet install ca106301f8 fix: typo in uidmap option doc 0b1e9a76a5 RPM: build with sequoia for F43+ 1fbf24b65b feat: add `--format` flag to artifact inspect 538229da90 artifact: added CREATED column to artifact ls Fixes: #27314 bb4fa066b3 fix remote command parameters 43ff7a4c13 Add a test for containers.conf runtime options f87c8b9cba docs: introduce custom version selector in api.html f6dd05d9c4 add test for container name without Pod name prefix feature a27fd9bd89 Allow artifact add to override org.opencontainers.image.title annotation bc571ae542 Vendor in latest go.podman.io/common 74788a3fe1 fileperms: newer Go 1.13+ octal literal format 1800b34b51 Quadlet build - add support for IgnoreFile key 0a20e22384 Add default runtime flags in config cfd4cc0932 remove libartifact from podman b394fe1a87 chore: remove repetitive word in cmd/podman/README.md 098d8efecc add option to remove Pod name prefix in resulting container name 9dbc33bb25 Add a new Windows installer supporting user scope fa5d6cc103 docs: initialize redoc via JS API 858150288f docs: generate Reference version list from json file 56fee79d3c fix: system prune JSON unmarshalling error in remote client 73e42b3c9c [skip-ci] Update actions/setup-node action to v6 b2aefd4cf9 docs: add missing manifest parameter to build API endpoints 1e713c1a5f Add BuildArg example into documentation 34254cd1d0 Add artifact quadlet unit type support 6d63d165ef Fix flaky sysctl completion by handling /proc/sys errors gracefully b4d81c0338 Run `make validatepr` c0a09e7f10 Update docs/source/markdown/podman-systemd.unit.5.md 1656c90c6e Iterate through all machine providers in FindMachineByPort a1e7e9a46d Add local build API for direct filesystem builds on MacOS and Windows (only WSL) 1f1354c2a4 fix(deps): update module golang.org/x/term to v0.36.0 e3c9fa6ddd Update docs for StopTimeOut 6786f59648 
SECURITY.md: point to container-libs a696f8bccb Update documentation to include BuildArg key 196be4b813 Test for multiple key/val arguments 720e263767 Add BuildArg key to quadlets aaf957edf9 fix(deps): update module golang.org/x/sys to v0.37.0 d1c43e3ae8 Fixed #27120: Pod Quadlet can configure podman pod stop --time 928a50d228 fix(deps): update module golang.org/x/net to v0.45.0 79ecc1d56b Fix --userns=ns:<path> conflicting with runc 1.1.11+ 98cb7b75d9 quadlet: standardize Convert function signatures b765c91580 Add --replace option to podman artifact add command 3e774ee285 test/system: actually wait for container removal fdb5ac5e8f test/system: run_podman ? needs quoting 09e535fb46 quadlet: remove unused 'name' parameter from ConvertNetwork and ConvertVolume 4bd6aff4b6 fix: #23915 podman build is not parsing sbom command line arguments 3a98b6dc0e test: Wait for killed container to avoid leak b415b0ad3e Update pkg/api/server/register_artifacts.go fb3eaf0c87 [DOCS] Add missing stable swagger API links 72ffd00c5a fix(deps): update module github.com/onsi/ginkgo/v2 to v2.26.0 00309d3955 secret ls: align docs, completion, and tests; fix formatting 6405925f79 Add artifact fallback to podman inspect command a724fce8aa pkg/api: api list quadlets resource 3c3b805ea7 cmd/podman: --ignore errors flag to artifact rm 090304a054 lint: reenable revive unused-parameter check 88bca78c6e stop service instances 004e6ced76 test: remove outdated skip in podman run check personality support test 3b509022cd fix(deps): update module github.com/shirou/gopsutil/v4 to v4.25.9 83e65f91a4 Quadlet - Support template dependency 87b4f842de test: fix "run healthcheck" bindings test ebde5d1563 cmd: add auto completion for network create --interface-name e667532110 docs: point Go Report Card badge to v5 module path ef0a7dd486 pkg/api/handlers/compat: use strings.CutPrefix f198fe6b13 pkg/machine/wsl: use any instead of interface{} 5824197774 pkg/machine/e2e: remove obsoleted comment 8e55b67410 docs: 
fix Go Report Card badge to reference current repository b5de5efb3e cmd/podman/system: fix error handling in renumber and migrate commands 571866775d [compat api] Remove ContainerConfig field c11941eadb [DOCS] Update volume mount docs for subpath support feb36e4fe6 Implement TLS API Support a27929aaaf test/e2e: fmt artifact list with virtual size 32c962a177 Add Podman 6 HLD 9bca0d01d2 Add a design document for Conmon v3 4764b0e403 Add creation timestamp to podman artifacts 4652f5c3c6 docs: clarify that --userns=keep-id runs container as host UID 5ae0e0de3d cmd/podman: added virtual size option in artifact ls 63c40feb8c test: Fix test race in 030-run f0f05e22c6 cmd/podman: completion for --sysctl in create/run f26483ba7d fix: standardize casing for cgroups in documentation 15fdbe9442 test: remove hack workaround in 'use plugin in containers' 51f4e614e9 test: remove skip_if_remote from podman run - uidmapping has no /sys/kernel mounts 4b9be9c218 chore(deps): update dependency golangci/golangci-lint to v2.5.0 7c9aa72c55 add containerfile doc link a0238fb19f libpod: Fill out OnlineCPUs in the FreeBSD stats handler 602ba415c6 libpod: Implement getOnlineCPUs() on FreeBSD 39750faab3 test/system: fix test race in exec leak check b8258a53dd Update github action to use pull_request_target b24220b0a2 Revert "test/e2e: try debug potential pasta issue" ab5e400a9a docs: remove remote limitation note for --build-context option 8d06a9e9f7 fix: Correct typo in chrootdirs option 2702156bd7 pkg/bindings: on terminal attach always wait for stdout to be done 7ff07b6e0c pkg/bindings: use HTTP 101 upgrade request for attach 9e2850d0a8 Add --sign-by-sq-fingerprint to push operations 2f005b67f4 Exercise containers_image_sequoia in CI 070d7c3ad3 Revert "Rewrite the Quadlet documentation." bb422c8372 Revert "Change the syntax to not depend on jinja2." fd60d63bf4 Revert "Deduplicate more options." 
4ae8e386ef Revert "docs: restore podman-systemd.unit.5" 04af9ae3fc fix(emulation): handle fs.ErrNotExist in registeredBinfmtMisc 80f1d48d44 [skip-ci] Update actions/setup-node action to v5 aa8bbbb1ff [skip-ci] Update actions/github-script action to v8 796be1e4bf troubleshooting: document lsetxattr error e1c1961d48 [skip-ci] Update actions/checkout action to v5 43a294fa94 vendor: update golang.org/x packages 4417e6269c use maps.Clone() over Copy() when possible 637de6022f libpod/oci_conmon_linux.go: fix false postive in linter 9e4fad8d06 pkg/systemd/quadletL silence one lint warning 78e5a521b0 inline some conditionals 8631032556 run modernize -fix ./... dc5a791f58 use bytes.SplitSeq where possible b97525a78d use strings.SplitSeq where possible 4e3e9bfb70 update to go 1.24 8537afca66 test/e2e: fix podman run default mask test with crun 1.24 3bb32d846b test/system: skip noswap memory mounts correctly 52fcdcf64c test/system: skip idmapped mount correctly bd7aada776 cirrus: update to freebsd 14.3 710e216390 cirrus: fix golangci-lint cache leak a720139dd8 New VM images 2025-09-10 5b10b51788 Add a directory for design documents 936a01e088 Quadlet build - consider File path that starts with a systemd specifier as absolute d0be0e9659 Makefile: restore HELPER_BINARIES_DIR 2bed9a40bc fix(deps): update module google.golang.org/protobuf to v1.36.9 c70c0ac13e refactor: Modularize binding build functions c38babff57 Adding github action to generate a badge for first time contributor 8566ef71c0 fix: set header fields before response status code to prevent missing fields 50a3e3cf8a fix(deps): update module github.com/opencontainers/cgroups to v0.0.5 6c4b98c940 test/e2e: add CVE-2025-9566 regression test cab3c6de6d docs: restore podman-systemd.unit.5 6756eb3412 Deduplicate more options. 
fdeaf2905f Update module github.com/onsi/ginkgo/v2 to v2.25.3 163bdf2df8 quadlet: fix runtime error for invalid Mount value 792bbd2046 [skip-ci] Update actions/labeler action to v6 853dd36da3 Update dependency pytest to v8.4.2 43fbde4e66 kube play: don't follow volume symlinks onto the host 4b66e5a27b Add R! to systemd-tmpfiles script for all /tmp dirs c2506656c4 spf13/pflag: replace deprecated ParseErrorsWhitelist ca9c8d104e update module github.com/spf13/pflag to v1.0.10 889a5fd0ac [skip-ci] Update actions/stale action to v10 f22506b74f [skip-ci] Update actions/setup-go action to v6 310f196aea fix(deps): update module github.com/docker/docker to v28.4.0+incompatible faceb67782 test/buildah-bud: enable one skipped test dbfddb82cb vendor: update go.podman.io/{common,image,storage} 2c6dadd724 Fix a locking bug in that could cause a double-unlock 5c810ea1c8 Makefile: add SOURCES dep to bin/podman.cross.% target b62f887fbd Makefile: add proper docs for bin/podman.cross.% 3633cd53e8 Revert "Remove bin/podman.cross Make target" 98072bfcea refactor: modularize build REST API with utility functions 2acf5c0119 libpod: Fix the jailName helper a250fee0ec libpod: Fix "top" support on FreeBSD 5ba23ccad5 compat: Deduplicate the Linux and FreeBSD containers/stats helpers a341a4ee24 compat: Add a stub container/stats handler for FreeBSD 9de737bf29 Change the syntax to not depend on jinja2. c12b1b32bc Rewrite the Quadlet documentation. 
247a80db45 test/system: remove distro-integration bats tag ee45782079 test/system: fix podman load - from URL 20fb712872 test/system: do not connect to github server 59df0782f2 Handle SIGPIPE to prevent machine stuck in Starting state 9b8e785e3c fix(deps): update module github.com/spf13/cobra to v1.10.1 c65fd9a2c2 quadlet: add HttpProxy option for Container sections 26aafb21d2 fix(deps): update module github.com/checkpoint-restore/checkpointctl to v1.4.0 46d757501a do not pass [no]copy as bind mounts options to runtime 4e2a04dedc do not pass volume-opt as bind mounts options to runtime a98154a978 Switch common, storage and image to monorepo. c8681b6028 chore(deps): update module github.com/ulikunitz/xz to v0.5.15 [security] 0f477eaaa6 fix(deps): update module github.com/spf13/pflag to v1.0.9 573fd0d7eb fix(deps): update module github.com/shirou/gopsutil/v4 to v4.25.8 b9812e3d9e Mention zstandard tarball import support 80348a50d0 chore(deps): update module github.com/go-viper/mapstructure/v2 to v2.4.0 [security] 3d4f8153be fix(deps): update module github.com/onsi/ginkgo/v2 to v2.25.2 3effff42eb tests: Get rid of netcat on the host and use Bash's /dev/tcp 0ff079d320 tests: Replace ncat for socat 9c3652c188 Add support for criu's tcp-close functionality. 
e467439ab8 test/e2e: actually start container in startContainer 3a1ce1fb3d fix(deps): update module github.com/stretchr/testify to v1.11.1 8e59c948df test/buildah-bud: skip new failing test df80fbcab6 test/e2e: remove image diff test skips b172cf7475 vendor: update buildah to latest main e76b08394e vendor: update c/{common, image, storage} to latest main a5a00c1796 Add a release note for 5.6 Rosetta being disabled-by-default 413eea885b fix(deps): update module github.com/stretchr/testify to v1.11.0 2dd3111098 fix(libpod): truncate long hostnames to correct maximum length 18aa78a7e6 fix(deps): update module github.com/onsi/ginkgo/v2 to v2.25.1 877e208820 fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.32 c51c6e58a7 fix(deps): update module github.com/onsi/ginkgo/v2 to v2.25.0 4b835f36b9 fix(deps): update module github.com/coreos/go-systemd/v22 to v22.6.0 249fa21e8a Improve documentation wording 5a2098cf61 windows: do not convert unconfined seccomp path d267f8a3dd ci: log wsl --version output 40cd207437 Update module github.com/kevinburke/ssh_config to v1.4.0 fa5140771f Update module go.etcd.io/bbolt to v1.4.3 4b5ada39e4 Update release notes on main to reflect v5.6 release 514e686b4c podman events: show network create/remove event with journald 9d47477e82 cirrus: fix podman machine windows only_if condition 2c89069fa8 update tests duo to CRUN#1767 to support both values cfe4d46d89 Optimize image loading for Podman machines 0a9d5ca75d Skip JSON parsing for non-JSON error responses be0ad4a7aa [docs] Refactor Artifact API documentation 2e7d6135c6 fix(deps): update module github.com/onsi/ginkgo/v2 to v2.24.0 96d9a00adb docs(run,create): note remote clients support only docker transport 10f9c9a7e8 Configurable GINKGOTIMEOUT in `winmake.ps1` e1d6dfd2c7 Fixes #26369 46ee62ca6a Fixes: #26353 4690bce8a8 2025 3Q Roadmap Update c33af3c8dd docs: add missing groups and hgroups descriptors to podman-top documentation fda74ee619 added system-connection-add options 
example 68ed0c08e6 fix(deps): update module github.com/containers/gvisor-tap-vsock to v0.8.7 700351a813 test/buildah-bud/run-buildah-bud-tests: loosen the branch regexp 21f2128d79 added example for custom socket 599c635f9f chore(deps): update dependency golangci/golangci-lint to v2.4.0 6d54a298c9 chore(deps): update docker.io/library/golang docker tag to v1.25 3ca729a2fb fix: Correct small typo foce -> force f38e32760d feat: Add artifact remove --all option b0febf3336 Update ADOPTERS.md 5706d2a61e make machine --user-mode-networking docs more clear 4bb4cf62cb [skip-ci] Update actions/checkout action to v5 512e04946c remove outdated dependencies/analyses scripts 5f5519607b contrib: add script and docs to analyze dependency usage b6b8d05a52 Small changes suggested by markdown linter. a0e6396c43 Updated with Type descriptions. 9a2dccf4f4 Add a deprecation notice for users of BoltDB 9b62438ede test/buildah-bud: fix checkout to also handle go.mod replace 8633b5edeb Update module golang.org/x/net to v0.43.0 cc465e7227 Updated with badges for Type and no extra line. 930cd25739 Feat: Add log_path support in containers.conf e14b8acba8 Update vendor dependencies 1d6fda8eda New: initial ADOPTERS.md file. 
7247d84fbe Fix typo a75f74b1d3 Fixes: #26691 2959d9f7ec fix: drop yearly contributor badge 8ef76a6933 [skip-ci] Update actions/download-artifact action to v5 b5fce87237 Manpages: Added --filter flag examples to all the relevant podman manpages 7c95ceae57 Manpages: podman container runlabel added example with --replace 67ec2037c0 Add support for configuring tls verification with machine init 69f8f26d98 pkg/machine/e2e: remove build context skip b8bba308b0 fix(deps): update common, image, and storage deps ca3347cc2b doc(podman-system.unit.5.md): clarify user/group 6c27165054 Packit: do not notify on podman-next failures 1001450d77 chore(deps): update dependency golangci/golangci-lint to v2.3.1 32ec523ef6 Makefile: Clarify different `binaries` targets f96eccb1ac docs: add examples with resource limits and mounts to podman pod create manpage b7b7839ad3 compat: remove deprecated VirtualSize a6fa3de870 fix(deps): update module github.com/shirou/gopsutil/v4 to v4.25.7 4a7974a7a8 [CI:DOCS] Remove Experimental from Artifacts man pages 0530a564a7 Fix: Improve error message for empty device modes in API requests 5ab92a7499 docs(kube play): clarify --annotation flag only affects containers, not pods 23ebb7d94c feat: add Podman artifact support to Go bindings and remote clients 0666b4ffbf events: add support for label filter with key only 610c4c7710 compat: GET /_ping return Builder-Version: 1 1963c6275e compat: remove GET /system/df BuilderSize b0e7a2ec9b compat: add shared-size par to GET /images/json e33d92ce9e docs: add LFX Insights badges b5d18e873f Fix ancestor filter to support Docker-compatible substring matching 924e03ac97 fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.30 88bb9daeab fix(deps): update module github.com/docker/docker to v28.3.3+incompatible [security] 0740b94fcd fix(deps): update module sigs.k8s.io/yaml to v1.6.0 003a4d44a1 docs: add resource limit examples to podman pod clone manpage 81d6d90195 Improve handling of --publish and 
incompatible NetNS modes df2862e72c Consolidate the definition and consumption of --sign* CLI options 426e787beb Fix (podman artifact push --creds) 67927715cf Remove unused CLI options dd8bc6ccb9 Bump main to v5.7.0-dev 7f2908afcf podman: add --creds and --cert-dir to create/run 31fafad0c1 Update module github.com/mattn/go-sqlite3 to v1.14.29 dcd187946d Skip rather than comment bad diff tests 4395ff1f25 Link to blog post 3ef33653ff compat: RepoTags and RepoDigest return [] and not null Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* container tasks: move network access out of build chain | Bruce Ashfield | 2026-02-10 | 2 | -4/+22
  yocto-check-layer reports an error for any task between do_fetch and do_build that has network enabled. Two changes fix this:

  container-bundle.bbclass: Move do_fetch_containers from a standalone task into a do_fetch postfunc. When remote containers are configured, the anonymous function adds extend_recipe_sysroot as a do_fetch prefunc (so skopeo-native is available) and do_fetch_containers as a postfunc. Network access during do_fetch is permitted by the QA check.

  container-registry-index: Remove do_container_registry_index from the build dependency chain (drop "before do_build"). Registry push is a deployment action requiring explicit invocation:

    bitbake container-registry-index -c container_registry_index

  The default do_build task now prints usage instructions.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* kernel: inject local search path to fragment processing | Bruce Ashfield | 2026-02-10 | 2 | -0/+31
  Inject the kcfg sysroot root into the scc search path so compound .scc files (like container.scc) can resolve their include directives.

  kernel-yocto.bbclass adds type=kmeta directories to -I includes via find_kernel_feature_dirs/feat_dirs. The prefunc replaces the placeholder directory with a symlink to the kcfg sysroot so that spp can resolve include directives within scc files that reference other fragments by relative path (e.g. "include cfg/9p.scc" inside container.scc).

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* kernel: consolidate kernel configuration options | Bruce Ashfield | 2026-02-10 | 6 | -33/+4
  Move from the meta-virt hosted fragments to common fragments that are in the kernel-cache.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* yocto-cfg-fragments: update to 6.18-tip | Bruce Ashfield | 2026-02-10 | 1 | -1/+1
  In particular we pick up the consolidated container configuration options.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* kernel: drop 6.10, 6.16 and 6.17 support | Bruce Ashfield | 2026-02-10 | 6 | -117/+0
  These kernels are EOL upstream and in OE core. Dropping their enablement in meta-virt.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* container-yocto-builder: add Yocto build container with systemd | Bruce Ashfield | 2026-02-10 | 4 | -0/+232
  Multi-layer OCI container image that can compile the Yocto Project. Three layers: systemd-base, build-tools, yocto-extras. Features CROPS-style dynamic user creation matching /workdir volume owner UID/GID.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* container-systemd-base: replace ROOTFS_POSTPROCESS_COMMAND with package | Bruce Ashfield | 2026-02-10 | 3 | -46/+35
  Factor systemd service masking into container-systemd-config package that installs mask symlinks via do_install. This replaces the ROOTFS_POSTPROCESS_COMMAND approach which is ignored in multi-layer OCI mode. The mask list is customizable via CONTAINER_SYSTEMD_MASK variable.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* image-oci-umoci: create usrmerge symlinks in multi-layer mode | Bruce Ashfield | 2026-02-10 | 1 | -0/+10
  ROOTFS_PREPROCESS_COMMAND creates usrmerge symlinks (/bin -> usr/bin, etc.) during do_rootfs, but multi-layer OCI mode installs packages to separate layer rootfs directories that bypass this step. Call the existing create_merged_usr_symlinks function on the first packages layer to fix this.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* moby: update to docker-v29.2.1 | Bruce Ashfield | 2026-02-10 | 2 | -9/+9
  One cli patch is refreshed,
otherwise, no build changes required. Bumping moby to version docker-v29.2.1-34-g8abd12c5bb, which comprises the following commits: 7fef0b66f6 daemon/volume: don't print warnings for non-volume directories d809806f2f daemon/volume: Drop BindOptions for image mounts 8014653ecc fix(deps): update github.com/moby/policy-helpers digest to 77d5435 eb0a1bc455 integration: run more Buildkit tests on Windows 5fc3ea8426 .github: actually use snapshotter in Windows tests efc2f55cc1 .github: install buildx in Windows CI 5d963f26fe hack/make.ps1: respect $TEST_INTEGRATION_FAIL_FAST f889c34627 Dockerfile: upgrade Delve to v1.26.0 8f66e0c150 update to go1.25.7 897575142a gha/bin-image: Fix build not running for tags af18206630 daemon/command: add support for sd_notify "reload" notifications 0e523625f8 daemon/command: send notifyReady, notifyStopping synchronous 236fc46b5a daemon/command: don't make notifyReady(), notifyStopping() asynchronous ae7e72b626 gha: update OTEL collector to v0.144.0 f478a9212d go.mod: add back replace rules 899446ca81 fix(deps): update module code.cloudfoundry.org/clock to v1.60.0 a1056edad1 golangci-lint: make exclusions more specific, and combine some 8f45db8414 daemon/pkg/registry: use lazyregexp again 3f9885fa1f hack/validate: golangci-lint: rm deprecated --print-resources-usage flag 7648df07ad fix(deps): update module github.com/coreos/go-systemd/v22 to v22.7.0 3a583a570b c8d/system: Fix race between `df` and `prune` 4ec7c53f1f ci: renovate: replace uses of deprecated matchPaths option 3068dc540f chore(deps): update github/codeql-action action to v4 54501c09fc Bump go-tuf from v2.3.1 to v2.4.1 21dd960a73 d/libnetwork: fix (*Controller).getLBIndex panics 420cdd1737 ci: update docker/github-builder to v1 750a2014a5 vendor: update buildkit v0.27.1 b3babf3419 chore(deps): update docker/buildx-bin docker tag to v0.31.1 e396e5a6ea ci: renovate: tweak settings for golang.org/x/ c622002eb9 ci: renovate: group google.golang.org/genproto packages 2796980dbc 
vendor: github.com/theupdateframework/go-tuf/v2 v2.3.1 d5ddaeddce vendor: github.com/secure-systems-lab/go-securesystemslib v0.10.0 178106be33 daemon: shouldIgnoreExitEventWithLock: fix minor nits b0e62bdf59 vendor: github.com/moby/policy-helpers eeebf1a0ab2b d7218ec6c1 daemon/pkg/plugin/v2: use namespace consts 51664a25d7 libn/d/overlay: calculate SPI like older engines 13422acb53 renovate: ignore docker/github-builder-experimental 1200f5e45c daemon: Fix panic in shutdown after daemon init fails b7b572a3e0 vendor: github.com/moby/moby/client v0.2.2 655828b656 vendor: github.com/moby/moby/api v1.53.0 4fa326fa85 api: Cut v1.53 f9ed31aa95 Drop replace rules 59abc76746 daemon/pkg/opts: remove unused ParseHost 8afb45b42f loadDaemonCliConfig: explicitly set default host f6c0f41e6d api/pkg/authconfig: reject multiple JSON documents in Decode 62c1a719b3 api/types: use "omitzero" instead of "omitempty" for "netip" fields 9d839a236c chore(deps): update actions/checkout action to v6 7e8adf4d33 ci: renovate: disable for api and client modules f187929e87 retrigger github action 86fd73d8bc ci: renovate: fix regex escaping 8ff66aa5dc ci: renovate: add comment about Graylog2/go-gelf dependency c36b44b21a ci: rename renovate.json to renovate.json5 c75070b9b4 chore(deps): update actions/cache action to v5 ab3be3c68b typo: called to caller 5589d5a1ea fix(deps): update module code.cloudfoundry.org/clock to v1.59.0 2cafa78953 vendor: github.com/cloudflare/cfssl v1.6.5 3b5a0c1e4c vendor: github.com/zmap/zlint/v3 v3.5.0 35aa470f73 vendor: github.com/weppos/publicsuffix-go v0.30.0 d5e23b680c daemon: ignore duplicate task exit events in daemon state 7b38ece108 integration: gofumpt 17de27ffc2 daemon: gofumpt 5bde1565a6 client: gofumpt f3343bf846 api/types: gofumpt 3380c52740 vendor: github.com/klauspost/compress v1.18.3 0a3af47d89 vendor: golang.org/x/tools v0.41.0 2d5c1cdb02 vendor: golang.org/x/mod v0.32.0 818ec93592 vendor: golang.org/x/net v0.49.0 7a12d1bcea vendor: golang.org/x/crypto 
v0.47.0 d163d3326b vendor: golang.org/x/term v0.39.0 5b62347a5f vendor: golang.org/x/text v0.33.0 dceb87f58b vendor: golang.org/x/sys v0.40.0 4bc3a76891 daemon/command: slight cleanup of normalizeHosts 20c801f9e1 daemon/pkg/opts: export ParseDaemonHost 7f16c4fee0 vendor: github.com/sigstore/rekor v1.5.0 bb43161e2f vendor: google.golang.org/api v0.260.0 b21163a330 vendor: github.com/googleapis/enterprise-certificate-proxy v0.3.9 644af76187 vendor: github.com/googleapis/gax-go/v2 v2.16.0 a39cf56355 vendor: go.uber.org/zap v1.27.1 ca49081e4e vendor: cloud.google.com/go/auth v0.18.0 c7657f8d73 client: ResponseHook: remove error return 2bc7febeb6 client: implement WithResponseHook option 48bbed596e fix(deps): update module google.golang.org/grpc to v1.78.0 b30e701b73 vendor: update github.com/go-openapi dependencies fd1679ac13 vendor: github.com/sigstore/sigstore v1.10.4 b92173f68a fix(deps): update aws-sdk-go-v2 monorepo 5819d10989 client: deprecate ContainerListOptions.Latest d9cead55b2 client: deprecate ContainerListOptions.Since, ContainerListOptions.Before 311bfe9cc9 fix(deps): update module github.com/aws/smithy-go to v1.24.0 36b94c251c chore(deps): update tonistiigi/xx docker tag to v1.9.0 1b665b6af6 chore(deps): update lima-vm/lima-actions action to v1.1.0 edcbbba6d4 chore(deps): update docker/buildx-bin docker tag to v0.31.0 686c611b25 chore(deps): update alpine docker tag to v3.23 59083a9057 fix(deps): update module github.com/miekg/dns to v1.1.72 d204cc202e chore(deps): update docker/compose-bin docker tag to v5.0.2 9c2e4d9295 renovate: Always run go mod tidy 8a7e012563 renovate: Ignore go-gelf 695f158716 pkg/homedir: fix broken links to basedir specs fba5998d26 vendor: update buildkit v0.27.0 e8f088caf7 daemon: rename vars that shadowed imports 2f6011c05f daemon: daemon.registerMountPoints: use switch statement 26e8376a3c api: fix grammar: user defined / user specified -> user-(defined|specified) a10af4dc68 gha/labeler: Use "all" group for vendor exclusion 
96df8d8a1f Add test case for ContainerList Latest option, use table-test d8e88a964b gha/labeler: Filter out vendor changes 1a75179857 daemon/volume/mounts: extract validation for extra fields 1f93820d1d vendor: github.com/miekg/dns v1.1.70 62cecee324 chore: Update outdated GitHub Actions versions 90c3f80735 go.mod: add back replace rules 86f122af27 Map nvidia --gpus request to CDI device requests 5961616a77 daemon/server/backend: ContainerListOptions: remove unused Latest field 3abbf46a6b daemon/server/backend: ContainerListOptions: remove unused Before and Since b0c8ff7d0c daemon: Check system requirements in newDaemonCLI 69d67e07fa vendor: github.com/moby/moby/client v0.2.2-rc.2 46ecbe09a9 vendor: github.com/containerd/stargz-snapshotter v0.18.1 bd660c390b api/docs: sync MountType to versioned swagger specs 721cb50a18 api: add MountType to definitions 2018b9e1f3 Use Debug instead of Debugf for device request logging 1b5b00c98c fix grammar: user defined / user specified -> user-(defined|specified) c1b3202150 integration/volume: Add test for image mount subpath daemon restart 1b427548b1 vendor: github.com/moby/moby/api v1.53.0-rc.2 6dac897ad4 daemon: Check system requirements before initialization ef5287fb08 migrate TestContainerAPIPostContainerStop to integration 89a04a8354 vendor: update buildkit to v0.27.0-rc2 26d292b3e4 inspect: add API-version gate for image identity 8890f815ca inspect: add signature identity support 0adfe6c856 inspect: add pull identity to track origin registry repo 3540989c71 inspect: add build identity support 7745b7135f api: add swagger definitions for new Identity type 1d4e04bed1 api: add inspect identity base type to expose trusted image origin bead7d7dd4 fix: goroutine leak in TestRingLogger 0100e94c49 renovate: Group golang/x packages 732379f8c2 renovate: Add git sign off e521c369e0 renovate: Move to .github 783d2fd8ce Add renovate.json 0408faabd6 vendor: github.com/moby/buildkit faed462a29ea (v0.27.0-rc2-dev) 2c66ddf907 vendor: 
github.com/moby/buildkit v0.27.0-rc1 cebb12ddaf update to go1.25.6 2fe5e8e04a vendor: github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3 4a0f9759f9 vendor: github.com/jmoiron/sqlx v1.4.0 39e6e582c6 vendor: github.com/spdx/tools-golang v0.5.7 eb31710061 vendor: github.com/prometheus/procfs v0.17.0 3684a9cfc4 vendor: github.com/hashicorp/go-sockaddr v1.0.7 5ff9c6a9fd vendor: google.golang.org/genproto/xxx v0.0.0-20251103181224-f26f9409b101 09251e5855 vendor: github.com/googleapis/enterprise-certificate-proxy v0.3.7 184ee84190 vendor: github.com/containerd/nydus-snapshotter v0.15.10 25aec1f32d vendor: github.com/anchore/go-struct-converter v0.1.0 dc46ee9e1c vendor: github.com/Azure/azure-sdk-for-go/sdk/azcore v1.20.0 c7d9ac59c3 vendor: cloud.google.com/go/auth v0.17.0 54c9a0f6c4 vendor: github.com/aws/aws-sdk-go-v2/config v1.31.20 3ebfc369cb vendor: github.com/aws/aws-sdk-go-v2/credentials v1.18.24 2a87c9af9d vendor: github.com/aws/aws-sdk-go-v2 v1.39.6 18ea00a638 vendor: github.com/aws/smithy-go v1.23.2 6ff97c143b vendor: cloud.google.com/go/compute/metadata v0.9.0 8ff4021564 vendor: github.com/sirupsen/logrus v1.9.4 97ea303372 Dockerfile: update golangci-lint to v2.8.0 9ec65542a0 libnetwork: fix graceful service endpoint removal e709f27c80 ci: use docker github builder to build bin image 9f2faa5cec client: fix TestWithUserAgent fadd8dc47c daemon/libnetwork: Fix panic in findHNSEp when IP networks are nil cb88c6ba10 daemon/volumes: More fs friendly image mount layer names 9ebbf652bd client: do not modify user-provided HTTP client 41d19f6644 api/docs: backport assorted fixes and enhancements to older api versions f2f622ebf4 internal/testutil/daemon: fix minor linting issues 4bcf9665af vendor: cloud.google.com/go/logging v1.13.1 0d27c51913 hack/validate: only search repo-dir for modules 07e2a782c7 libnet/internal/resolvconf: Parse: improve error message 32d34c472c docs: fix type in comment 06704ef904 client: use stop function to deregister context.AfterFunc d85c1a258a 
daemon/server/httputils: remove badParameterError e529aa7d7c integration/container: TestStats: explicitly check zero-value 0fb55db037 docs: clarify healthcheck behavior dcb0149ee1 daemon: inline copyAttributes utilty 8a01dc2f90 daemon/cluster/executor/container: rename vars that shadowed 5c637b7209 fix: prevent potential panic in Shutdown when EventsService is nil 22345e3369 docs: improve description of image tag API endpoint 1b9f126ede docs: document healthcheck timeout termination behavior 955897fe21 docs: fix base64 encoding description for secrets and configs 917d66d833 docs: update stats API description for cgroups v2 compatibility 1fd2395cd3 docs: fix reversed descriptions of version.Arch and info.Architecture ae4c17fdb7 migrate TestAPIImageImportBadSrc to integration test 93afda3670 migrate TestAPINetworkInspectWithScope to integration test c8aaeea285 ci: run golangci-lint for each Go module e09afad3cb api/types/network: remove use of "reflect" in test 78c6b01902 api: add root doc.go to prevent fallback to github.com/moby/moby 9176746aba vendor: github.com/tetratelabs/wazero v1.11.0 2a9eb66ddc vendor: github.com/moby/go-archive v0.2.0 7239c72eca remove uses of deprecated go-archive consts 1a12717766 vendor: golang.org/x/oauth2 v0.34.0 595d00cb49 vendor: golang.org/x/tools v0.40.0 d9fa84260a vendor: golang.org/x/mod v0.31.0 98ec249d2b vendor: golang.org/x/net v0.48.0 e229e91247 vendor: golang.org/x/crypto v0.45.0 1a4e4dafe9 vendor: golang.org/x/text v0.32.0 e0795ef3ab vendor: golang.org/x/tools v0.39.0 48e96d4353 vendor: golang.org/x/sync v0.19.0 dccdb1b618 vendor: golang.org/x/sys v0.39.0 7ddc5f609a hack: add nri_no_wasm build tag to static builds 1175dd348e daemon/volume/mounts: Fix tests on Windows 6cbabb04b9 gha: Bump actions/download-artifact to v7 fae334b4c0 vendor: google.golang.org/protobuf v1.36.11 beeacde4b2 Remove restriction on anonymous read-only volumes 8452b64f32 Dockerfile: update containerd binary to v2.2.1 (static binaries and CI only) 
b293e73bdb vendor: github.com/containerd/containerd/v2 v2.2.1 01440122f2 vendor: github.com/containerd/nri v0.11.0 32d4f64a65 vendor: github.com/opencontainers/runtime-tools v0.9.1-0.20251114084447-edf4cb3d2116 6766ce7be2 vendor: tags.cncf.io/container-device-interface v1.1.0 2c533f9327 vendor: github.com/containerd/cgroup/v3 v3.1.2 4b4223a8d4 vendor: github.com/opencontainers/runtime-spec v1.3.0 9ae239e654 golangci-lint: iface: ignore identical interfaces in client module 7b74376ff1 client: testRoundTripper: remove unused skipConfigureTransport method 34ee29ceaa client: use errors.New (revive) e254a9f0f1 client: containerDiskUsageFromLegacyAPI: make switch exhaustive f39912a30e client: fix some missing error checks in tests (ineffassign) 8f3bfa3f34 client: fix missing import aliases (importas) 0fd5cc134b api/types/jsonstream: Message: fix godoc 6c845ded18 api/types/swarm: ResourceRequirements.MemorySwappiness: fix json tag f005e1cb73 vendor: update buildkit to d1e5d1a8f771 (master / v0.27.0-dev) 8c0e404f6f vendor: go.opentelemetry.io/contrib/* v0.63.0 c88c8a6547 Dockerfile: update RootlessKit to v2.3.6 307bcec726 vendor: github.com/rootless-containers/rootlesskit/v2 v2.3.6 c6d2d697eb docs: remove mention of DOCKER_CLIENTONLY 81c170a696 Makefile: remove DOCKER_BUILD_GOGC d5c81b1c01 Makefile: remove unused DOCKER_BUILD_PKGS 3a9a041092 Makefile: remove unused DOCKER_BUILD_OPTS 9dd2936e04 validate/module-replace: Also allow changing ref of the api module 05f9988fc8 hack/vendor/dropreplace: Make the auto-ref pick more reliable 354abbcb92 hack/vendor: Allow to specify ref to dropreplace 4b9e56156d Re-add replace rules 1acc9d3739 vendor: github.com/moby/moby/client v0.2.2-rc.1 3cee1aad22 vendor: github.com/moby/moby/api v1.53.0-rc.1 5070ad8dc1 Drop replace rules 614d9b966f daemon/libnetwork/options: GenerateFromModel: remove redundant check e1fb5ef4a7 api: update to go1.25.5 and remove version from Makefile 265bdc1a06 validate/module-replace: Ignore client diff if it 
only removes the replace rule aef5d996ce use mime-type application/jsonl to align with openapi 3.2 26bb1af7e6 daemon/layer_store: Use named return error for defer 72ce2c3f82 doc: fix module definition c63bf203bf vendor: github.com/moby/buildkit v0.26.3 1f532963ed golangci-lint: remove unused exclusion rule 9cd41375ce Dockerfile: update golangci-lint to v2.7.2 1f498c5ff0 fix linting issues 366044fc20 vendor: github.com/spf13/cobra v1.10.2 c2073cc7e2 vendor: go.etcd.io/etcd/* v3.6.6 0ae3f972ad daemon: Simplify slices.Contains usage 8802be9eca hack: Restore rootlesskit and tini installers 54a6ec374a Update client MaxAPIVersion to 1.53 1e209e788b Continue to backfill empty PortBindings in API 1.53 2cce7ff87f api/docs: move ImageHistoryResponseItem to definitions (API v1.25-v1.52) b48be08eb5 project: Update branches/tags and patch releases 51d1974500 daemon/cluster/test: Use `t.Context()` 6c5233e109 modernize: Use `strings.CutSuffix` 71fd582aa2 modernize: Use strings.Builder instead of string concatenation 62ed24a87c modernize: Use slices.Contains bce14ac5bc reflect: Use `TypeFor` instead of `TypeOf` 3df05205f4 modernize: Use range int e548a31d28 modernize: Use `min` built-in 39c19d9161 modernize: Use fmt.Appendf cdce8f4f92 modernize: Use maps.Copy instead of for loops ff33808a79 modernize: Use strings.Cut instead of strings.Index where possible a25907b485 modernize: Prefer `strings.SplitSeq` instead of `Split` c9b0a21bb1 modernize: Use `b.Loop` (introduced in Go 1.24) 37fdb6d775 ci: Remove concurrency setting from golangci-lint config f44b5abf0e api: deprecate /grpc and /session endpoints a0bd623959 api: remove docs/v1.53.yaml 53c67be034 daemon/c8d: Log correct error extractOCIErrors 98d196b714 NRI: error on unsupported adjustment ff553c5069 NRI: make config reloadable 3f938c6091 gha: Bump actions/upload-artifact to v6 3fdde529e7 layer: Clean up init layer if initialization fails 7c7a626e5d NRI: include in API Info response f6b1488468 Bump API to v1.53 29d5098ffd 
migrate TestAPINetworkInspectWithScope to integration test d7a6250b91 layer: Clean up RW layer if mount metadata save fails 10c0fc4de8 NRI: add TestNRIContainerCreateAddMount a30301b28d NRI: allow plugins to add mounts 52f33797f3 vendor: github.com/opencontainers/runtime-tools v0.9.1-0.20251111083745-e5b454202754 70004549fb layer: Fix orphan creation in registerWithDescriptor 413b4afcba vendor: github.com/tetratelabs/wazero v1.10.1 24bac4495e vendor: github.com/containernetworking/plugins v1.9.0 caaa9c9bb5 simplify swagger generation ec9315cd4f daemon: clean up dead containers on start 849afcc5be daemon: use WithExtraDialOpts for containerd client connection 8dd2c72fb6 gha/vm: Update lima template locators c74203adbb gha: Fix PR branch validation 0666108ebf api: move scripts to generate and validate swagger to api module a97b330c6c Makefile: Add simple dev loop 2a191665b8 daemon/container: Container.BackfillEmptyPBs: prevent nil map 43780fe40c daemon: disallow container port 0 695010ba2e daemon: buildCreateEndpointOptions: fix panic with "publish all" 8cf9e64738 NRI: report container state to plugins dc1fe0be82 NRI: minor cleanups 322dda3908 NRI: add TestNRIContainerCreateEnvVarMod b67f0c0449 NRI: add ContainerCreate hook, allow env-var adjustments 565f7dce18 integration-cli: TestUserDefinedNetworkAlias: adjust for API versions 93eb7962dc integration-cli: TestUserDefinedNetworkAlias: replace deprecated utils 83f17f77cf integration-cli: adjust some tests for API-specific event-types 35f1250685 integration-cli: use event-consts in some tests 33eb3b8d78 integration-cli: TestEventsFilterType: remove test for "build" events 99066209a2 libnetwork/options: GenerateFromModel: use generics 14c5cd377d libnetwork/options: GenerateFromModel: reduce reflection d210449d85 Natively support GRPC on the docker socket fcb23060fc integration-cli: rewrite some tests depending on intermediate images 751a6f9f33 integration-cli: improve TestBuildNoNamedVolume 5152c7c3ef integration-cli: 
DockerCLIBuildSuite: use more unique names for images a39e866aa8 integration-cli: rename var that shadowed package-level const 14906f8023 NRI: use the daemon's logger 282868dabf NRI: instantiate and start/stop NRI adaptation 4941b36883 NRI: import containerd's NRI adaptation package 5ab4a14fe8 gha/vm: update Lima to v2.0.2 cc30833181 integration: increase timeout a230544000 NRI: add daemon.json/command line options 29560eacda go.mod: add back replace rules 773aca9f5d api, client: add separate LICENSE file bb713e7fa8 Fix spelling error in comments for names-generator.go 3ac4fd1eba project: add End-of-maintenance date for 25.0 e874083bdb Dockerfile: update compose to v5.0.0 da1e638566 Dockerfile: update cli to v29.1.2 b56d077034 fix: Correct typo in error message 9e72c44dae rm -r hack/dockerfile/install 6f9d1ec3fb update to go1.25.5 81d930f527 gha: update to actions/setup-go@v6 7000f92763 gha: update actions/download-artifact@v6 69963d84f8 gha: update actions/upload-artifact@v5 43ed81ed85 gha: update actions/checkout@v6 4b8f9dd251 vendor: github.com/klauspost/compress v1.18.2 a0e5e0525b Improve description of tmpfs mode 7687298e0a hack/validate/module-replace: relax check a828af4d8d Dockerfile: Update buildx to 0.30.1 f97f234729 Dockerfile: update runc binary to v1.3.4 b9d18a107a integration: cdi: add TestEtcCDI to verify /etc/cdi is used in rootless mode a55f610e2a cdi: resolve symlinks e29eaedf65 cdi: skip scanning non-readable dirs cd4397b4dc cdi: read XDG_CONFIG_HOME/cdi and XDG_RUNTIME_DIR/cdi for rootless 2e3a23c8ec c8d/inspect: Fix image inspect for incomplete images 69c4ea7aad system: df: fix SharedUsage on non-containerd 8c0751aa4d dockerd-rootless-setuptool.sh: fix `nsenter: no namespace specified` 7517464283 PublishAllPorts: don't crash with nil PortBindings 87583c9029 integration: migrate TestAPIImagesSizeCompatibility to integration test 310aa9241a libnet/pm: log when stopping userland proxy 52fae09ec0 libnet/pms/nat: don't bind IPv6 ports if not 
supported by port driver 955650b33f gha/test-validate: Reuse the dev image 56e8e43339 Revert "libnet: populateNetworkResourcesOS: updateDNS only if !needResolver" 83f00e9f2b Revert "libnet: rebuildDNS: update the hash file" 14a955db2f Revert "libnet: setupDNS: don't overwrite user-modified resolv.conf" 4219768511 vendor: update to client 0.2.1 ea539d267d client - use tagged api module c74559df60 gha/validate: Actually dont fail fast ecf4446e46 gha/validate: Don't fail fast 46ca7f19cd validate/module-replace: Fix check f745fe7f14 vendor: client/0.2.0 a60bea5412 Drop replace rules 04ab3d562c client: don't downgrade when failing to negotiate 189942570a client: enable API-version negotiation by default e752ec0f8e client: fix typo in comment bec7ab7f62 client: TestTLSCloseWriter: test with version negotiation enabled 701f2fdade client: improve mocking responses ef588715b6 client: add mockPingResponse utility acb5c5a390 client: mockResponse: prevent sharing body reader 45c9f460b8 client: checkResponseErr: don't read body for HEAD requests 77858fab6e client: ensureBody: also ensure the request is preserved e51a4306e2 client: ensureReaderClosed: small optimizations 89bd3150e1 client: client.ping(): use fresh request for HEAD -> GET 75520d1f5b client: resolveContainerSpecImage, resolvePluginSpecRemote: early returns 366ea9e9af client: ServiceCreate,ServiceUpdate: don't add empty warnings e94ed33de1 vendor: github.com/mistifyio/go-zfs/v3 v3.1.0 0389d3b13e vendor: github.com/opencontainers/selinux v1.13.1 bda87b7de8 vendor: golang.org/x/crypto v0.45.0 163cc95aea Add TestGatewayErrorOnNetDisconnect 8f2aa3e0f5 Network disconnect: log rather than error on gateway update e4a1657762 Check containerd client before using on Windows a3916290da vendor: golang.org/x/mod v0.30.0 10d68d4399 vendor: golang.org/x/net v0.47.0 633acaa5b3 vendor: golang.org/x/crypto v0.44.0 e4900958c3 vendor: golang.org/x/text v0.31.0 bd79eb0da5 vendor: golang.org/x/tools v0.38.0 421bda22d1 vendor: 
golang.org/x/sync v0.18.0 3054fdd8b2 vendor: golang.org/x/sys v0.38.0 997837376a vendor: github.com/cloudflare/circl v1.6.1 5a5d5b4c5f integration: add Windows network driver and isolation tests 731ae07e65 Endpint.sbLeave: when deleting container, no new gateway 7639e193ff libnet: setupDNS: don't overwrite user-modified resolv.conf eb18b398d4 libnet: rebuildDNS: update the hash file 937246a868 libnet: populateNetworkResourcesOS: updateDNS only if !needResolver 85b260fba8 PublishAllPorts: create port mappings for exposed ports a2de9bb334 Unmap more netip.Addr vars created using AddrFromSlice 2effc1bfd4 inspect: unmap IPv6-mapped IPv4 host address 84a251d039 Allow configured address with no configured subnet 7e14b4d931 Update docker-py in test-docker-py 517ae20be8 .github: collect all the OTEL traces 54d269a3b4 vendor: update buildkit to v0.26.2 442f0115cd docs: update contributing guides for clarity and consistency (#49891) 93825e00e8 migrate TestAPIImagesSaveAndLoad to integration test ed10b98506 Restore missing nwEndpointsMu.Lock 9fbc9d6e6d integration: migrate TestAPIGetEnabledCORS to integration test 774bb532f1 vendor: update buildkit to v0.26.1 e59d1b4563 libnetwork/drivers/overlay: DiscoverNew: move logic to setKeys, updateKeys f40b45ca1f libnetwork/drivers/overlay: use structured logs in some places c9f0314f21 libnetwork: controller.handleKeyChange: slight cleanup of logs de11467756 daemon/containerd: cleanup registry error-handling de546caa92 daemon/containerd: translateRegistryError: add early return 029770595d integration-cli: remove TestVolumeCLINoArgs 9ab033cc8a client: TestTLSCloseWriter: assorted cleanups / fixes 96b8f9c8ca Daemon.createContainerOSSpecificSettings - remove redundant param 33032b0454 Daemon.setSecurityOptions: remove redundant param 34925e5be9 Remove Daemon.setHostConfig 22c5c78bfb Move Daemon.registerMountPoints out of Daemon.setHostConfig 48709e502f Split OS-specific container config and volume creation 4434236088 Daemon.setHostConfig 
- don't set default network mode e757bbb4ea Move call to Daemon.registerLinks out of Daemon.setHostConfig 92b4902b8d Daemon.registerMountPoints: var 'container' -> 'ctr' 5c9f2e0388 rootless: ignore error when enabling IPv6 forwarding 4622dd0ccc client: Client.buildRequest, jsonEncode improve handling of content 20d65620f9 client: Client.buildRequest: don't set content-header if not set b17eee7aad Update DOCKERCLI_VERSION to v29.0.1 4e2e2cde7e client: simplify logic for manual vs auto API versions 1731e9e729 Don't try to remove cleared docker_gwbridge endpoint 6857132911 client: client.Ping: allow ForceNegotiate with manual override 8f1134b46d integration/image: migrate TestAPIImagesDelete to the new integration test framework 3e4a3cb03e integration: skip TestBuildWithHugeFile 53764de815 client: make WithAPIVersion, WithAPIVersionFromEnv order-independent a5c7f3f9c8 client: don't negotiate malformed responses bcc1db1ce5 client: WithAPIVersion, WithAPIVersionFromEnv: validate well-formedness 83ad5c92f7 client: Client.ping() fix duplicate ping 49c8d77639 vendor: github.com/ishidawataru/sctp v0.0.0-20251114114122-1 611c7dce43 client: export fallbackAPIVersion as MinAPIVersion 4535d63c91 daemon: install OpenCensus-to-OTEL trace bridge 0af2962fdd daemon: reduce use of pointer-slices in backend 53ea70ea46 inte/networking: TestDisableIPv6OnInterface: add '-c1' to ping 47bd247d4d inte/networking: test DNS resolution for non swarm-scoped nws 2e41476a5f libnet: create DNS records on sbJoin (if not agent node) 94e83af71a client: TestImageListWithSharedSize: merge with TestImageList 62589a6961 client: TestTLSCloseWriter: cancel context after test a5dec0a779 client: make sure context is canceled for ContainerWait tests 76a4381d45 client: TestImageListWithSharedSize slight reformat 9af7fbff2a client: TestImageList: use subtests 391247ce96 daemon: Fix image store choice priority for prior graphdriver state c5d0e3e6fa daemon: Add TestDetermineImageStoreChoice 17a3357e32 vendor: 
github.com/moby/buildkit v0.26.0 dae3650dcc client: rename/deprecate WithVersion, WithVersionFromEnv e5db2380f5 client: rename options.go to client_options.go 5cf1fb3954 hack/validate: Check if replace rules are needed 0f597561e8 hack/test/unit: Fix api and client module testing without replace rules 2729703967 client: fix example in README (align with ExampleNew()) b29990916d client: fix unused imports 47e852f061 image: pull/load/save attestation manifest and signatures with image 16b95ba758 go.mod: add back replace rules b4f9bd1cb3 c8d/builder-next: Don't force unpack 3874ca5984 vendor: update buildkit to v0.26.0-rc2 d558896fae vendor: github.com/secure-systems-lab/go-securesystemslib v0.9.1 bb07fdcd14 vendor: github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.2 f1d0fe47c9 vendor: github.com/golang-jwt/jwt/v5 v5.3.0 79344e1c9a vendor: github.com/gofrs/flock v0.13.0 d36617d2c1 vendor: github.com/containerd/nydus-snapshotter v0.15.4 1e48c34345 vendor: github.com/containerd/stargz-snapshotter/estargz v0.17.0 c169cc9629 vendor: github.com/google/certificate-transparency-go v1.3.2 940c8d6b71 vendor: cloud.google.com/go v0.121.6 621cee8dbe Dockerfile: update cli to v29.0.0 ce739870fb vendor: github.com/opencontainers/cgroups v0.0.6 7e78088f8f daemon: remove workaround for c8d client connection timeout f740e0fefa vendor: github.com/containerd/containerd/v2 v2.2.0 1639703e56 vendor: github.com/containernetworking/plugins v1.8.0 e4278c4c54 vendor: github.com/containerd/go-cni v1.1.13 7c798d012a vendor: sigs.k8s.io/yaml v1.6.0 d8f2aa4e3b vendor: github.com/containerd/containerd/api v1.10.0 0a494a7303 vendor: github.com/moby/swarmkit/v2 v2.1.2-0.20251110192100-17b8d222e7dd a040664176 vendor: github.com/Microsoft/hcsshim v0.14.0-rc.1 e65995d896 vendor: google.golang.org/grpc v1.76.0, google.golang.org/protobuf v1.36.10 65bb1bb21f vendor: go.opentelemetry.io/otel v1.38.0 6b8285f965 libnetwork/discoverapi: use DiscoveryType for enum 7eaf25ee59 vendor: 
cloud.google.com/go/logging v1.13.0 3f6f3b9ed2 vendor: cloud.google.com/go/compute/metadata v0.8.0 94eb87f4c0 vendor: github.com/klauspost/compress v1.18.1 1621c4e7ad vendor: github.com/prometheus/client_golang v1.23.2 efc3e93b1e vendor: golang.org/x/oauth2 v0.30.0 e773a0cf50 vendor: github.com/vbatts/tar-split v0.12.2 ebcf9bb0c4 vendor: github.com/containerd/cgroups/v3 v3.1.0 7c29edf1b4 hack: remove cpexp package bb56c4d7e7 daemon: remove some deprecated and unused code 365e588d0f Dockerfile: update containerd binary to v2.2.0 (static binaries and CI only) c950796596 client: use t.Context in tests 20b831c59a vendor: github.com/moby/moby/client v0.1.0 e0a877b487 vendor: github.com/moby/moby/api v1.52.0 854ccbfcf5 Drop replace rules 15241265dc client, api: update go.mod to go1.24 e8f156110a api/types/plugin: remove deprecated Config.DockerVersion 34fb9de7f3 api/docs: remove links to docs.docker.com from changelog d192a63467 daemon: Ensure buildkit created container's isolation mode consistent with daemon's config db71c6a914 api/types/container: make HealthStatus a concrete type 1fd87e9fdf api/types/container: make ContainerState a concrete type 18000fe371 api/types/volume: change ListResponse.Volumes to a non-pointer slice fe1a505cbf simplify some commit tests, and work around change in CLI behavior c477a68fb9 TestBuildForceRm: use assert to help debugging failures b0ab0b4078 TestBridgeIPIsExcludedFromAllocatorPool: don't use deprecated fields 9b7452e903 TestDockerNetworkValidateIP: relax string-matching errors 82a5eec1aa DockerSwarmSuite: relax string-matching errors and output 2e3c523579 TestAttachPausedContainer: relax error-message matching 598618b6f2 TestBuildWithInaccessibleFilesInContext: use sub-tests 7aa036ef2e client: rename CheckpointDelete to CheckpointRemove, and add output struct e2bdc51508 client: CheckpointCreate: add output struct da25838fc3 client: CheckpointListResult: rename Checkpoints to Items fda54735c9 client: move CheckpointAPIClient 
together with other interfaces d087d3c057 daemon: close EventsService on shutdown 46090e88e4 daemon/internal/builder-next: Builder.DiskUsage(): use singleflight fb94e241f5 daemon: disk-usage: fix incorrect key for singleflight 15a048c396 api, client: don't use a pointer-slice for plugins ed428234bd api: remove / internalize LegacyDiskUsage 71bcd22d6d daemon/server/router/system: simplify constructing response f5e319c950 daemon/server/router/system: use early return for disk-usage 20870f13c2 daemon: remove intermediate vars when collecting diskUsage 0dcb1fe344 daemon: align build.DiskUsage() with other disk-usages f1a3387633 daemon/server/backend: align DiskUsage types with api 04de584531 daemon/server/router/system: use shorter names and comments 32319028e5 daemon/server/router/system: slightly rewrite logic for legacy bd5e6bab1d go.mod: add back replace 34b6fb783d vendor: github.com/moby/moby/client v0.1.0-rc.1 f66f1b451c vendor: github.com/moby/moby/api v1.52.0-rc.1 e8745c2157 Drop replace rules 8db3118ac9 client: remove uses of deprecated NewClientWithOpts 1745075b24 client: DiskUsage: rename fields to match API dcfcfd33e9 client: cleanup and re-group interfaces 931c347b36 api/types: rename disk usage fields 745c483e42 client: pkg/streamformatter: un-export unused utilities 4c6d0ebc40 Fix disk usage result from legacy response logic bc3c37098c vendor: github.com/opencontainers/selinux v1.13.0 10f6eeb56d daemon: Refactor image store choice logic 4a3e139e3c daemon/command: NewDaemonRunner: set both stdout and stderr 0678de9c87 cmd/dockerd: main(): remove "onError" func 922cd97491 update to go1.25.4 d6ceff48bf delete redundant/incorrect cmd/dockerd/README.md d0fbae6e44 gha/vm: Force Lima v1.2.2 0029924181 api/types/system: change legacyDiskUsage to a non-pointer slice ff019cd853 internal/sliceutil: add Deref utility e509a7cefe daemon/command: remove `__dummy_command` workaround for completion 6881ae72c7 api/types: use regular slices for disk usage types c351539358 
Dockerfile: test containerd v2.1.5 (linux), v2.0.7 (windows) 37d75fc46c vendor: github.com/containerd/containerd v2.1.5 f76f1fc013 client: Client.ImageSave: close reader on context cancellation 175e4e5048 client: Client.TaskLogs: close reader on context cancellation d35d8ec81b client: Client.ContainerLogs: close reader on context cancellation cc9969bfed client: Client.ServiceLogs: close reader on context cancellation c5aedacb4f client: Client.ContainerExport: close reader on context cancellation 08cd02cab6 client: Client.ImageImport: close reader on context cancellation 849239cedf client: Client.ImageLoad: close reader on context cancellation be96014740 client: Client.ContainerStats: close reader on context cancellation d11232bad9 client: add newCancelReadCloser utility fabdccbe10 api/types: move disk usage structs to per type packages de9ab07188 client: ExecCreateOptions: change ConsoleSize to a ConsoleSize type 443b548efa client: ExecCreate: rename Tty to TTY ebc1dfbb64 client: singularize prune methods 52a917d48a gha/bin-image: Fix dco running on non-v tags 39ccd04ca8 api/types/swarm: define type for RegistryAuthSource 39f2dbffa1 vendor: github.com/moby/buildkit v0.25.2 d299e5be83 api/types/swarm: define type for UpdateOrder b552b8b729 api/types/swarm: define type for FailureAction 47edd80d97 integration-cli: Adjust nofile limits 35f6a78082 Dockerfile: update runc binary to v1.3.3 5ad71c5ddf vendor: github.com/containerd/platforms v1.0.0-rc.2 3a105f4e0c daemon/internal: adjust some build-tags a69abdd90d api/types/system: add type specific usage fields to `DiskUsage` 2af22d3512 Fix TestHandleMACAddressBC dc22f2c8bf client: make ImageSaveResult an interface 5c8a9b7b9e client: make TaskLogsResult an interface 7dc9d39ca1 client: make ContainerLogsResult an interface 8d0b09c722 client: make ServiceLogsResult an interface 0257c642c7 client: make ContainerExportResult an interface 5bfc628e97 client: make ImageImportResult an interface 5fc866fbfd client: make 
ImageLoadResult an interface 1051c7f89e client: Client.ImageLoad: move description of platform parameter b30eb86b31 go.mod: add back replace rules 668b546d2c docker/save: stable timestamp for blobs/digest dir 31f7f62d6c client/pkg/security: simplify 9b749d7c85 integration-cli: migrate TestAPIStatsContainerNotFound to integration tests b6dab24a43 dockerd-rootless.sh: restore missing `exit 1` 76b1d304e4 dockerd-rootless.sh: reject DOCKERD_ROOTLESS_ROOTLESSKIT_NET=host 5369540dd2 go.mod: remove "exclude" rules 9b8419f6ed daemon/config: export "min-api-version" through daemon.json 3d772829ba vendor: github.com/moby/moby/client v0.1.0-beta.3 93c273dc11 vendor: github.com/moby/moby/api v1.52.0-beta.4 56bd456694 Drop replace rules 1e56b87f7f hack/vendor: Make dropreplace vendor latest version 73455ce01a client: Remove ImageCreate in favor of ImagePull/ImageImport fd1593c067 api/container_inspect: Ensure Config is not nil in inspect response 6aea8c2591 Dockerfile: update integration-cli CLI to v25.0.5 4bcd446f03 Deprecate cgroup v1 a087d03e0c client: refactor create network api implementation to wrap options/results 12c9de37e9 api/types: move Version to api/types/system 3d28cb8bbd client: ServerVersionResult: add back legacy fields ebe464ea45 api/types: remove PushResult type, and move internal 22c037982c API compat: replace nil values when adding fields 19f4c27d81 api/t/network: represent MAC addrs as byte slices 433023a03d Move namesgenerator to internal d1f70d4f54 client: deprecate NewClientWithOpts in favor of New 137adde33d client: prepare option-structs for multiple platforms 860307c4ea client: refactor ServerVersion to return ServerVersionResult 6c042389a3 client: use sub-tests for ServiceLogs e8e7f1a500 client: use sub-tests for ContainerLogs af40d2bfed vendor: cloud.google.com/go/logging v1.12.0 15a1256f21 vendor: genproto v0.0.0-20240903143218-8af14fe29dc1 88cbd467f6 vendor: cloud.google.com/go/compute/metadata v0.7.0 a5c0f152a7 daemon: improve validation for 
container rename 0eba2989e0 api/types/registry: rename AuthenticateOKBody to AuthResponse 6cf02b5cba client: remove unused import 3c62b06de2 client: fix example, and add runnable example 90e7232c8e Dockerfile: update runc binary to v1.3.2 1cc2ab16ce client/container_copy: Wrap options and result struct 38d703ff6f client/container_update: Wrap options and result e9f28e2a41 client: refactor NetworkConnect, NetworkDisconnect, NetworkRemove 2d6bf9332b client: un-export NewVersionError, rename to requiresVersion 29ad05b130 client: ContainerWaitResult: use singular for channels 51a0584088 client: ContainerWait: touch-up GoDoc, remove legacy code bae45f766d api/types/network: define `ConnectRequest` and `DisconnectRequest` fc97a2ff0d client: Rename ContainerUnPause* to ContainerUnpause* f8b9396c2c gha/labeler: Fix dependencies d2e7465293 client: refactor `ContainerRename` to wrap options/result structs 28ed1ef927 client: refactor `ContainerLogs` to wrap result e46058cbae client: refactor Events, Info, RegistryLogin 749c980d4e client: refactor `ContainerExport` to wrap options/result structs ec22a1e5b2 client: refactor `ContainerTop` to wrap options and results c5ddef1122 client: refactor `ContainerList` to wrap result cf173bc941 client: refactor ContainerWait to use client defined options/results structs bbaeb9036f client/pkg/jsonmessage: use api message def'ns 848b0452d3 client: VolumesPrune: rename argument for consistency 1985a8979e client: VolumeUpdate: add output struct, and move "version" faee204c02 client: VolumeRemove: add output struct 1f5c82b9fa client: add option and output structs for various container methods edbf321ce6 client: remove NegotiateAPIVersion, NegotiateAPIVersionPing c4aee2a50e client: remove ContainerStatsResult.OSType field 6a2a1dd6cf api/types/container: StatsResponse: add OSType field 8118385ba8 client: ContainerStats: add option, output-structs, remove ContainerStatsOneShot 5df881f3a7 daemon: Daemon.ContainerStats: don't escape HTML in 
responses 7623979aba daemon: Daemon.ContainerStats: combine some conditions and remove error 95a3880197 daemon: Daemon.ContainerStats: inline getStatJSON closure f7003ef7de integration-cli: minor cleanups in stats tests 5742b40c87 integration-cli: simplify, improve some stats tests e690c84bed integration-cli: remove TestAPIStatsNetworkStatsVersioning 155d697010 integration/container: TestStats: use sub-tests 6040a2f686 fix some faulty defers in tests e410daf8f7 integration-cli: TestContainerAPIStatsWithNetworkDisabled: check result 7439f09cd2 daemon: Daemon.stats: fill-in container ID and Name when collecting 3088c4e192 api/types/container: StatsResponse: cleanup fields and GoDoc 9b795c53a7 client: remove ImageLoadResult.JSON field ef589ef824 client: fix ImageLoadResult GoDoc 5cf4d68121 daemon: subscribeToContainerStats: return cancel / unsubscribe function 99410827c7 daemon: use errdefs instead of string-matching in some places 4aac139fc0 client/container_exec: Separate structs for Start and Attach 425975313a client: merge ContainerInspectWithRaw with ContainerInspect 58356450fa client: remove redundant closing and draining of response ddbb503dc7 client: change Raw fields to be json.RawMessage 12123eb592 client: merge ExecInspectResult with ExecInspect 378116a84f client: ImageImportResult: prevent panic on nil reader 0b7b7625c6 client: rename NodeUpdateOptions.Node to NodeUpdateOptions.Spec 875c577711 client: consolidate node options with their methods 832590155c client: ExecCreateResult: define local type with ID field c6a45784f9 client: VolumeListResult: define local type 687c3d7f42 api/types/jsonstream: define Message type ae28867804 api/pkg/progress: move to client and daemon/internal 6baf274fa3 api/pkg/streamformatter: move to client and daemon/internal c246639baa client: rename ImageRemoveResult.Deleted to ImageRemoveResult.Items fb85d123c1 integration/service: fix tests for updated client f40e1a7582 api: move types/versions to client/pkg and daemon/internal 
c9b3c65f37 vendor: github.com/aws/aws-sdk-go-v2/config@v1.31.15 b3129817a7 vendor: github.com/aws/aws-sdk-go-v2/credentials v1.18.19 1b2015a26f vendor: github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.58.5 7f7588be22 vendor: github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.11 f82fa7a4b2 vendor: github.com/aws/aws-sdk-go-v2 v1.39.4 529076c7b4 vendor: github.com/aws/smith-go v1.23.1 031f30340b vendor: golang.org/x/net v0.46.0 8afa422f0c vendor: golang.org/x/time v0.14.0 8c88244d7f vendor: golang.org/x/text v0.30.0 8d3ae564e0 vendor: golang.org/x/mod v0.29.0 7563a498f0 vendor: golang.org/x/sys v0.37.0 8fb561ca9a client/container_create: Add `Image` outside of Config 3340c86db9 client/container_create: Rename ContainerName to Name bd31b8b1c7 client_(attach,commit,create,diff): Wrap result and options 47fd987af2 client: simplify test with mock-responses 3a43b5b559 client: refactor ServiceCreate, ServiceUpdate, SwarmUpdate 0fe6be8c38 client: remove roundTripFunc, bytesBufferClose b9dd7c0d59 client: tidy-up mock-utilities a315437e1c client: rename transportFunc -> testRoundTripper 0971a3bcb8 Inspect: API v1.51 compatibility f733b411a1 client: remove unused hasEndpointSpecificMacAddress utility 5a5d39205c client: rename `ServiceListResult.Services` to `ServiceListResult.Items` 94ab385eb5 client/container_exec: Wrap options and result, rename to Exec ea0d934ff2 Allow requesting networks with a custom prefix size from the default pools 5c67034952 Dockerfile: upgrade Delve to v1.25.2 5b46429122 client: please the linters c7fe7136d2 client: gofumpt 909e32b27d client: refactor plugin api client functions to define options/results structs 362e9d088f client/distribution_inspect: Wrap options and result f09ca78b45 api/types: fix godoc 7ceea4148a client/node: Wrap options and output 8dc5d1e64d api/types: move Ping and swarm.Status to client 6819a9fc1e client/image_tag: Wrap options and result 347693a580 client/image_remove&search: Wrap options and result b3974f07f5 
client/image_list: Wrap options and result a7f409014f client/image_create&import: Wrap options and result 5cc1e5f800 client/build_cancel: Wrap options and result 51ed1a9a37 client/image_build: Rename output to ImageBuildResult cd08b79c02 client: refactor service api client functions for defined options/result structs e3c6dc2a91 client: VolumeInspect: add options struct 8f50d38231 client: SwarmInspect: add options struct 95fac07ccc client/secrets: Wrap results and options ebc92e015a client: PluginInspectWithRaw: refactor and rename to PluginInspect 8cd377bd9c internal/testutil/daemon: remove "Config" utilities f5b0ce3988 integration/network: TestServiceWithDefaultAddressPoolInit fix log 2c5e0a008a client: rename ConfigListResult.Configs to ConfigListResult.Items 67cbf36ac9 client: remove VolumeInspectWithRaw, merge with VolumeInspect 5a04a9718d client: rename VolumeListResult.List to VolumeListResult.Items 485b95600a client: NetworkList: wrap result 3fbf5a3bd1 client: NetworkInspect: wrap result and remove NetworkInspectWithRaw 612342198c client: refactor swarm api functions to wrap params/responses 343185cf1a libnetwork: move Network.resolveDriver to Controller 68e1a8805b Dockerfile: test against containerd v2.1.4 ee3cab4158 libnetwork/drivers/overlay: pass context for logger 38ef4fd576 client: refactor task responses 2d69edd28a client/image_(inspect,history,load,save): Wrap return values 35acf347eb hack: disable go telemetry in integration tests 9fe856a5f3 integration-cli: move some tests to integration 62a71a8261 test: migrate test api error not found json 33fc45e5c5 libnetwork: EndpointInterface: cleanup marshal/unmarshal 48c2d8c458 libnetwork: support custom DNS servers in Windows overlay driver a8950e0192 api/types/container: remove deprecated Config.MacAddress 79912d4c7f daemon: Daemon.getInspectData: move migration code to router 91ce33d4b0 daemon/server/router/container: remove uses of deprecated MacAddress 0030ba21e3 client: ContainerCreate: remove 
handling of legacy MacAddress e5864a51ac integration/networking: TestWatchtowerCreate: rewrite with request util 8088de791c integration/networking: TestInspectCfgdMAC: rewrite with request util b4b0b6f10f integration/container: rewrite with request for MacAddress 4b22807a0f gha/labeler: Exclude client and api modules from dependencies label abf5679049 client/inspect: Better Raw handling ee22a50b75 client/config: Use Config instead of Spec as field f4b06e66e1 client/config: Wrap results and options 42ba5466c7 api: rename `volumes.CreateOptions` to `volumes.CreateRequest` a2fd724453 client: wrap volume create api options with client options 600edfe55c Move container platform migration logic 3a90dd8b8f Adding support for memory swap settings for services d4e6d4f697 client/volume: refactor volume options and responses 975e46f726 libnetwork/datastore: small cleanups 10faa629fe libnetwork/drivers/macvlan, ipvlan: assorted minor cleanups a013147c40 libnetwork/drivers/macvlan: parentHasSingleUser: don't create copy of networks 65296cd0e7 libnetwork/drivers/macvlan, ipvlan: un-embed mutexes a2f4f09f91 libnetwork/drivers/macvlan, ipvlan: remove unused sync.Once 5276dd8e9a libnetwork/drivers/ipvlan: remove ifaceGateway utility d481c09fa7 libnetwork/drivers/macvlan, ipvlan: make driver.leave a stub aec6e7f7b6 libnetwork/drivers/macvlan, ipvlan: remove networkTable, endpointTable bf7277f8fe libnetwork/drivers/macvlan, ipvlan: remove getSubnetforIPv6, getSubnetforIPv4 a294445345 ibnetwork/drivers/macvlan, ipvlan: align and fix potential panic 17425cff08 libnetwork/drivers/macvlan, ipvlan: driver.Join: don't fetch endpoint twice 3906199019 internal/testutil/request: add ReadJSONResponse utility ee043729a0 integration/container: Make tests runnable on SELinux enabled daemon 5061d0a74d api/types/swarm: remove deprecated ServiceSpec.Networks field acda47637c ci: update docker-py to main (v7.2.0-dev) 6da63a3ed5 client: VolumePruneOptions: add "All" option 2d1429c62c introduce 
ImagePushResponse e1722eb8d8 daemon/command: disable c8d snapshotter when userns remapping enabled docker-moby/cli: update to v29.2.1 5eb91665d docs: fix typos d6c6bbf57 docker-bake.hcl: use default GO_VERSION from Dockerfile 2d5d0842c update to go1.25.7 def41fe65 docs: fix typo in dockerd.md for 'replacement' 58413ca11 Dockerfile: update tonistiigi/xx to v1.9.0 df3e9237d opts: MountOpt: extract utility functions and don't set empty values d781df8b5 opts: MountOpt: extract validation to a separate function f35fb0f5a cli/command: TestGetDefaultAuthConfig: cleanup test file fe1af9206 opts: MountOpt: improve validation of boolean values 5de99e672 opts: MountOpt: improve validation for whitespace in values 9620e4178 opts: MountOpt: improve validation for whitespace in options e888a6e00 opts: remove outdated comment bcc14559c opts: MountOpt: relax client-side validation of mount target defbe23de opts: MountOpt: improve error for empty value 77e02a92e opts: MountOpt: add test-coverage for volume options 2c8bf677f opts: MountOpt: remove duplicate test 7ebc2f7c2 opts: MountOpt: rewrite TestMountOptVolumeNoCopy to a table-test a850b054a opts: MountOpt: rewrite TestMountOptDefaultEnableReadOnly to a table-test f3efc27a1 opts: MountOpt: combine error tests into a test-table 9c9ec7358 vendor: github.com/moby/moby/client v0.2.2 bab3e81e1 vendor: github.com/moby/moby/api v1.53.0 e34a3422c templates: make "join" work with non-string slices and map values 771660a17 vendor: github.com/go-viper/mapstructure/v2 v2.5.0 08ed2bc6e cli/command/container: make injecting config.json failures a warning e9ceb2f5a vendor: golang.org/x/net v0.49.0 faf8a0836 vendor: golang.org/x/term v0.39.0 daa4d4e4a vendor: golang.org/x/text v0.33.0 a4aee9bf5 vendor: golang.org/x/sys v0.40.0 ce489e0db vendor: github.com/klauspost/compress v1.18.3 ef0847596 cli/command/container: ignore "not found" error on cidfile.Close 16bbf5d07 cli/command/container: cidFile.Write: include CID in error message ed566e723 
cli/command/container: createContainer: remove intermediate vars cfb71de7d cli/command/container: createContainer: remove redundant closure adfb40ceb cli/command/container: remove outdated TODO ceea57b46 cli/command/container: copyDockerConfigIntoContainer: close TarWriter effdf1b45 cli/command/container: rename vars to use correct camelCase ccbe206a8 cli/command/containerd: parseSecurityOpts: remove redundant sprintf c8841ac1b vendor: moby/api v1.53.0-rc.2, moby/client v0.2.2-rc.2 7e8457115 update to go1.25.6 86bd884ac docs: Fix daemon.json typo 16873675b vendor: github.com/sirupsen/logrus v1.9.4 b21139c30 internal/jsonstream: TestDisplay use streamformatter d6cdb71e2 cli/command: RetrieveAuthTokenFromImage: remove redundant conditions b13b774e2 man: reformat docker-run.1.md to prevent linting warnings 816f4556c internal/registryclient: simplify notFoundError d61519f99 internal/registryclient: allEndpoints: pass through context fe3157419 improve validation of "--detach-keys" options 6a93e7803 cli/command: add WithAPIClientOptions option db762956d login: touch-up error for non-TTY 4b0ec0d4e cli/command: DockerCli: store API-client options as field f9f2d822b cli/command: make TestSetGoDebug more predictable 391acef40 Improve clarity of environment variables description a6f8391c9 vendor: github.com/docker/docker-credential-helpers v0.9.5 14cffdbfa gha: run unit-tests in go modules mode, to prevent traversing nested modules 0cd2c1858 vendor: golang.org/x/net v0.48.0 647ab775d vendor: golang.org/x/term v0.38.0 a1799eacd vendor: golang.org/x/text v0.32.0 a78533373 vendor: golang.org/x/sync v0.19.0 e2a368fa4 vendor: golang.org/x/sys v0.39.0 ab5d4d4f8 cli/compose/loader: rewrite with reflect.TypeFor 3ce8f1d80 vendor: github.com/moby/go-archive v0.2.0 8205124d5 cli/command/node: nodeContext: remove uses of reflect 40f052c7e cli/command/container: use reflect IsZero f28565d17 cli/command/service: replace reflect for gotest.tools assertion e715dd507 cli/command/volume: 
remove uses of reflect in test 3811f24f4 cli/connhelper: replace reflect for gotest.tools assertion a89b2e19f cli/command/formatter: rewrite some tests with gotest.tools 90ae5b813 cli/command: replace reflect for gotest.tools assertion a0e303a0e opts/swarmopts: add missing build-tag 03dfab401 remove uses of deprecated go-archive consts dd6d0cd80 vendor: tags.cncf.io/container-device-interface v1.1.0 4743d1d89 Makefile/yamldocs: Don't require TTY 485106679 docs/container: Update dead link 226af6814 cli/command/service: fix API version for memory-swap, memory-swappiness 13759330b cli-plugins/manager: remove legacy system-wide cli-plugin path 302498c33 vendor: github.com/moby/moby/client v0.2.2-rc.1 def847be9 vendor: github.com/moby/moby/api v1.53.0-rc.1 2a903c52d Include NRI in info output d8351dbe6 Vendor moby/[api|client] from moby master f7ddc8a7d docs: Update --all flag description to clarify it shows dangling images 4d7a8b0fd build(deps): bump actions/upload-artifact from 5 to 6 0f03c31ab image/list: Fix `dangling=false` handling 1e259062f cli/tree: Remove unused `all` field 09a46645a image/tree: Add golden test 0d88411f1 image/tree: Remove --all flag check for untagged images in non-expanded view b31598389 image/tree: Fix width calculation for untagged images 150a25b9f image/tree: Extract untagged image name to const 67f5e3413 image: Fix dangling image detection with graphdrivers 2e3425fbd cli/command/container: use consistent casing for dockerCLI arg de098367d cli/command/container: inline parseWindowsDevice 15de6ce8f vendor: github.com/klauspost/compress v1.18.2 5c406f5ee vendor: github.com/morikuni/aec v1.1.0 a6335c422 docker run, create: don't swallow connection errors during validate 49021ad98 vendor: github.com/spf13/cobra v1.10.2, migrate to go.yaml.in/yaml/v3 6f75c0c8e add TODOs for replacing nat.ParsePortSpecs 9c10a9c9a opts/swarmopts: remove use of nat.ParsePortRange 9dfe779ab internal/test: remove unused FakeStore c81e05eed add shell completion for 
"docker stack deploy --compose-file" d54488531 update to go1.25.5 ba683d8df opts/swarmopts: use sub-tests dd2be022c gha/e2e: Switch to rc and 29 latest 1abfbf298 vendor: github.com/moby/moby/client v0.2.1 e0d30db11 docs: update buildgc example config to use new buildkit v0.17 options 6a0099bc8 cmd/docker-trust: bump golang.org/x/crypto v0.45.0 c90166ffa cmd/docker-trust: update dependencies ac5e88612 vendor: golang.org/x/net v0.47.0 3ec414638 vendor: golang.org/x/term v0.37.0 616e93a0c vendor: golang.org/x/text v0.31.0 1202f8a64 vendor: golang.org/x/sync v0.18.0 b67055c96 vendor: golang.org/x/sys v0.38.0 475961583 image/tree: Allow image names to overflow instead of truncating 3099d4716 build(deps): bump actions/checkout from 5 to 6 d84396d4e image ls: allow custom format in cli config 6751cd169 docker version: restore top-level BuildTime to RFC3339Nano 3a842587f chore: update link/linktext to dockerd proxy config dd2c49382 cli/command/system: Fix missing components in version output 207bf52c2 image/tree: Only show untagged images when --all flag is used be9e6308f image/tree: Respect NO_COLOR env variable ed281ddf5 image/list: Print legend only if limiting width aa5d00a3a image/tree: Don't limit name width if non tty b66b93130 image/tree: Fix untagged images in non-expanded view bff56f049 cli/command/system: define struct for formatting version d787e70a1 cli/connhelper/commandcon: remove warn logs ebc1995f9 vendor: github.com/moby/moby/api v1.52.0, moby/client v0.1.0 ad96811f1 swarm: Add memory swap support (no stack/compose support) 6ba06b5fb Revert "cli/compose: add schema 3.14 (no changes from 3.13 yet)" e0716b571 Revert "Add memory swap to swarm" 4b450f113 vendor: github.com/moby/moby/api, moby/client master 1d789e409 cli/command/system: add missing "go:build" b3824015d vendor: github.com/moby/moby/api v1.52.0-rc.1, moby/client v0.1.0-rc.1 d67291026 vendor.mod: remove replace 41088ed7d vendor: go.opentelemetry.io/auto/sdk v1.2.1 712f569f1 vendor: 
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0 7736f5e60 vendor: align other otel packages to v1.38.0 d45551dac cli/command: update to semconv v1.37.0, otel v1.38.0 71828f279 Add memory swap to swarm d0c86d39e cli/compose: add schema 3.14 (no changes from 3.13 yet) 5039eee77 vendor: github.com/moby/moby/api master, moby/client master cee9ea67f lint: run in go-modules mode b2aa690b2 scripts/build/binary: remove pkcs11 build tag c1a53ae7b cmd/docker-trust: remove dependency on cli/internal 06914dd0f make trust-plugin a separate module c9bb29115 implement `docker trust` as plugin dd70b43bc chore: update broken link to restrucured docker desktop documentation f2755b02d update to go1.25.4 880ef756b Fix static build + CGO 0976389e1 vendor: golang.org/x/net v0.46.0, golang.org/x/crypto v0.43.0 c733cb053 vendor: golang.org/x/time v0.14.0 1f77c6f1c vendor: golang.org/x/term v0.36.0 dcce972f4 vendor: golang.org/x/text v0.30.0 b11d143cd vendor: golang.org/x/sync v0.17.0 0c8ce84a6 vendor: golang.org/x/sys v0.37.0 d9f7e4b0c cli/command/service: use enum-consts defined in API 774f1d60a cli/command/service: parse generic resources without protobufs 437ed4c1e Dockerfile: update golangci-lint to v2.6.1 c4a28d0d3 vendor: github.com/go-jose/go-jose/v4 v4.1.3 f8d036512 fix perfsprint (concat-loop) linting 7b624841c update minimum go version to go1.24 82b47c8e5 vendor: github.com/moby/swarmkit/v2 v2.1.1 3a9178813 vendor: github.com/containerd/platforms v1.0.0-rc.2 61d88c951 lint: don't disable modules 9bce085b1 vendor: github.com/mattn/go-runewidth v0.0.19 e0b1ab68f cli/command/container: fix use of generics e5f46499b image/tree: Fix table header having escape codes when not tty d5d2ed5ba image/tree: Add test for checking ansi escape output 1a261e3f5 image/tree: Use streams interface 4893a5d5e completion/zsh: Allow multiple volumes of 'volume rm' 700875b66 Plugin may set itself as hidden ad776d1e1 remove support for client-side docker content trust validation 
259df25a9 cli: allManagementSubCommands: improve handling of plugin stubs aa62a6a97 docs: update link to libnetwork protocol doc ef16d8230 vendor: github.com/moby/moby/api v1.52.0-beta.4, client v0.1.0-beta.3 6fa590033 image/tree: Remove longest->shortest sort 5836040ec Update golden files f6feef8fe image/test: Fix `go test` args being used by CLI commands 631f32ee9 images/list: Add print ambiguous warning for tree c41815f17 image/list: Show collapsed tree by default 5d599e932 e2e: add docker v29-rc 50598d21c skip TestBuildIidFileSquash cf9e1778d Dockerfile: remove notary c98d9647d e2e: remove DCT tests 8444c911b vendor: github.com/moby/moby master 7f86de931 docs: deprecated: deprecate cgroup v1 7bdb4df07 cli/command/container: use ImagePull instead of ImageCreate 9e7937746 image/tree: Fix dangling filter condition 8e2943c6c image/tree: Sort image tree by name instead of creation date 8767904ae vendor: github.com/moby/moby/api master, moby/client master b8b4f54a8 fix typo in TODO comment 65496c555 cli/trust: use local definition for PushResult Aux message e636a2a06 cli/container_rename: Move to API validation af255acca vendor: github.com/moby/moby master 053aa376e vendor: github.com/moby/moby/api, moby/moby/client master 83319f09f cli/command/container: use per-stats OSType if present 6ed16a2cc vendor: github.com/moby/moby/api, moby/moby/client master 5007c96b0 cli/command/container: collect(): split windows/unix branches c467ebafd cli/command/container: calculateCPUPercentWindows minor cleanup 689152a80 cli/command/container: calculateCPUPercentUnix: simplify e01ce69ff cli/command/container: collect: handle context-cancellation 292001a45 cli/command/container: RunStats: early return for non-streaming 0b1c7bc0f cli/command/container: RunStats: small tweaks on closeChan d309027d5 cli/command/container: RunStats: gracefully handle io.EOF 15b422b31 cli/command/container: RunStats: handle context-cancellation 832fc66ca cli/command/container: RunStats: simplify stats 
loop dad1d367c cli/command/container: move debug logs to call-site f594a7f09 cli/command/image: remove uses of JSON field 4b498addc cli/command/container: don't depend on result.OSType 4a608069a vendor: github.com/moby/moby/api, moby/moby/client master 153f7f10c telemetry: lock the semconv version of the otel sdk aef2ef8c7 build(deps): bump actions/upload-artifact from 4 to 5 4afbd6146 implement some ad-hoc mocks for responses 056e31464 vendor: github.com/moby/moby/api, moby/moby/client master 64805c295 image/list: Respect `dangling` filter when not using `--all` e9a941001 image/list: Hide untagged images without `--all` 4f7c07cfc update local code for updated modules aeb78091a vendor: github.com/moby/moby/api, moby/moby/client master 563f5fe33 vendor: github.com/moby/moby/api, moby/moby/client master 5ba4c17d7 cli/command/container: Simplify with slices.Contains d252afa6b cli/command/container: add go1.23 build constraint for range-over-func Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* podman: improve reproducibility  Changqing Li  2026-02-09  1  -1/+1
| | | | | | | disable buildvcs to improve reproducibility Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* recipes/golang: improve reproducibility  Changqing Li  2026-02-09  8  -17/+20
| | | | | | | | | | | | | Refer to [1]: cgo will embed cgo_ldflags in the intermediary output, which means the content ID will be influenced by cgo_ldflags. '--sysroot=xxx' includes the build path, which will make the binary not reproducible. These recipes can build successfully without --sysroot, so remove it. [1] https://git.openembedded.org/openembedded-core/commit/?id=1797741aad02b8bf429fac4b81e30cdda64b5448 Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* nerdctl: add -buildmode=pie to avoid textrel QA error  Chen Qi  2026-02-09  1  -1/+1
| | | | | | | | On qemuarm, building nerdctl fails with QA error about textrel. Add '-buildmode=pie' to fix this issue. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* vruntime: add BBMASK to reduce multiconfig parse time  Bruce Ashfield  2026-02-09  4  -0/+244
| | | | | | | | | | | | | | | | | | | | | | | | | | The vruntime multiconfigs (vruntime-aarch64, vruntime-x86-64) trigger a full BitBake parse of all layers, but only need ~318 recipes to build the vdkr/vpdmn container runtime stacks. BBMASK set in the vruntime distro conf only affects parsing for those multiconfigs; the main build is unaffected. Add three .inc files, each independently disableable, that mask unused recipes: - vruntime-bbmask.inc: meta-virtualization layer (~88 masks covering virtualization platforms, unused container orchestration/tooling, and individual go libraries) - vruntime-bbmask-oe-core.inc: oe-core graphics subdirs, multimedia, sato, and rt categories - vruntime-bbmask-meta-oe.inc: meta-oe, meta-networking categories, plus entire meta-python, meta-filesystems, and meta-webserver layers Mask patterns were generated from bitbake -g dependency graph analysis of both aarch64 and x86-64 targets, with all 318 needed PNs (including -native variants) cross-checked against the patterns. Orphaned bbappend files in other layers are also masked to prevent parse errors. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* vcontainer: fix yocto-check-layer mcdepends parse error  Bruce Ashfield  2026-02-09  4  -21/+37
| | | | | | | | | | | | | | | | | | Fix yocto-check-layer failure: ERROR: Multiconfig dependency mc::vruntime-x86-64:vpdmn-initramfs-create:do_deploy depends on nonexistent multiconfig configuration named configuration vruntime-x86-64 Several recipes and classes declared static mcdepends referencing vruntime-aarch64 and vruntime-x86-64 multiconfigs. When parsed without BBMULTICONFIG set (e.g. yocto-check-layer), BitBake validates these and fails because the referenced multiconfigs don't exist. Move mcdepends into anonymous python functions and only set them when the target multiconfig exists in BBMULTICONFIG, following the pattern established in meta/classes-recipe/kernel-fit-image.bbclass. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* go-mod-vcs: fix do_rm_work permission failure on module cache  Bruce Ashfield  2026-02-09  1  -12/+4
| | | | | | | | | | | | | go build creates read-only files in the module cache during do_compile. The previous do_fix_go_mod_permissions task ran before do_compile, so it could not catch these files, causing do_rm_work to fail with permission errors. Replace the standalone task with a do_compile postfunc that fixes module cache permissions after compilation finishes. This covers all go-mod-vcs recipes regardless of how they invoke go build. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker-registry: add native support  Bruce Ashfield  2026-02-09  1  -0/+1
| | | | | | | This is required for several of the scripts and capabilities providing local registry support. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* container-registry: add tests and documentation for secure registry  Bruce Ashfield  2026-02-09  3  -1/+1195
| | | | | | | | | | | | | | | | | | | | | | | | Add comprehensive test coverage and documentation for the secure registry infrastructure. Tests added: TestRegistryAuthentication - auth modes (none, home, authfile, credsfile, env, creds, token) for push and import TestSecureRegistryTLSOnly - TLS-only mode using running registry TestSecureRegistryWithAuth - isolated TLS+auth instance on port 5001 TestDockerRegistryConfig - static analysis of bbclass/recipe logic TestContainerCrossInstallSecure - auto IMAGE_INSTALL verification TestVcontainerSecureRegistry - script pattern verification for virtio-9p CA transport, daemon _9p=1, shared folder reads README.md: Document authentication modes (none, home, authfile, credsfile, env), secure registry setup, PKI generation, target integration, and CI/CD examples. conftest.py: Add --secure-registry pytest option and skip_secure fixture for tests requiring openssl/htpasswd. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* image-oci: fix process substitution for dash/busybox compatibility  Bruce Ashfield  2026-02-09  1  -6/+7
| | | | | | | | | | | Replace bash-specific process substitution (< <(find ...)) with POSIX-compatible piped find | while constructs. Replace $((...)) arithmetic with expr for broader shell compatibility. This fixes OCI image delta-copy on systems where /bin/sh is dash or busybox ash rather than bash. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* vcontainer: add secure registry support with virtio-9p CA transport  Bruce Ashfield  2026-02-09  4  -6/+246
| | | | | | | | | | | | | | | | | | | | | | | | | Enable vdkr/vcontainer to pull from TLS-secured registries by transporting the CA certificate via virtio-9p shared folder. vcontainer-common.sh: Add --secure-registry, --ca-cert, --registry-user, --registry-password CLI options. Auto-detect bundled CA cert at registry/ca.crt in the tarball and enable secure mode automatically. vrunner.sh: Copy CA cert to the virtio-9p shared folder for both daemon and non-daemon modes. Fix daemon mode missing _9p=1 kernel cmdline parameter which prevented the init script from mounting the shared folder. vdkr-init.sh: Read CA cert from /mnt/share/ca.crt (virtio-9p) instead of base64-decoding from kernel cmdline (which caused truncation for large certificates). Install cert to /etc/docker/certs.d/{host}/ca.crt for Docker TLS verification. Support optional credential passing for authenticated registries. vcontainer-tarball.bb: Add script files to SRC_URI for proper file tracking and rebuild triggers. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* container-registry: add target image TLS integration  Bruce Ashfield  2026-02-09  4  -40/+288
| | | | | | | | | | | | | | | | | | | | | | | Install CA certificates and registry configuration into target images so they can pull from the secure registry at runtime. docker-registry-config.bb: When CONTAINER_REGISTRY_SECURE=1, install the CA cert to /etc/docker/certs.d/{host}/ca.crt instead of adding insecure-registries to daemon.json. Translates localhost/127.0.0.1 to 10.0.2.2 for QEMU targets where the host registry is accessed via slirp networking. container-oci-registry-config.bb: Same secure mode support for podman/CRI-O with insecure=false in registries.conf. container-registry-ca.bb: New recipe that installs the CA certificate to Docker, podman/CRI-O, and system trust store paths on the target. container-cross-install.bbclass: Auto-add docker-registry-config or container-oci-registry-config to IMAGE_INSTALL when CONTAINER_REGISTRY_SECURE=1, based on the configured container engine. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* container-registry: add secure registry infrastructure with TLS and auth  Bruce Ashfield  2026-02-09  3  -60/+1076
| | | | | | | | | | | | | | | | | | | | | | | | | | | Add opt-in secure registry mode with auto-generated TLS certificates and htpasswd authentication. New BitBake variables: CONTAINER_REGISTRY_SECURE - Enable TLS (HTTPS) for local registry CONTAINER_REGISTRY_AUTH - Enable htpasswd auth (requires SECURE=1) CONTAINER_REGISTRY_USERNAME/PASSWORD - Credential configuration CONTAINER_REGISTRY_CERT_DAYS/CA_DAYS - Certificate validity CONTAINER_REGISTRY_CERT_SAN - Custom SAN entries The bbclass validates conflicting settings (AUTH without SECURE) and provides credential helper functions for skopeo push operations. PKI infrastructure (CA + server cert with SAN) is auto-generated at bitbake build time via openssl-native. The generated helper script supports both TLS-only and TLS+auth modes. The script now supports environment variable overrides for CONTAINER_REGISTRY_STORAGE, CONTAINER_REGISTRY_URL, and CONTAINER_REGISTRY_NAMESPACE, uses per-port PID files to allow multiple instances, and auto-generates config files when running from an overridden storage path. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* lxc: restore DEBUG_PREFIX_MAP in TARGET_LDFLAGS for LTO reproducibility  Ricardo Salveti  2026-02-09  1  -0/+3
| | | | | | | | | | | | | | | | | | | | oe-core [1] removed DEBUG_PREFIX_MAP from TARGET_LDFLAGS to avoid passing prefix-map options via the linker flags. This is fine for most projects since DEBUG_PREFIX_MAP is also provided via CFLAGS at configure time. However, lxc enables LTO by default, which causes link-time code generation to (re)emit debug information during the link step. Without DEBUG_PREFIX_MAP on the link command line, TMPDIR/WORKDIR paths can leak into DWARF, triggering the buildpaths QA check and breaking reproducibility. Append DEBUG_PREFIX_MAP back to TARGET_LDFLAGS for lxc to ensure prefix-map options are visible during LTO link-time compilation. [1] https://git.openembedded.org/openembedded-core/commit/?id=1797741aad02b8bf429fac4b81e30cdda64b5448 Signed-off-by: Ricardo Salveti <ricardo.salveti@oss.qualcomm.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* container-cross-install: add tests and documentation for custom service files  Bruce Ashfield  2026-02-09  3  -1/+294
| | | | | | | | | | | | | | | | | | | | | | | | | | Add pytest tests to verify CONTAINER_SERVICE_FILE varflag support: TestCustomServiceFileSupport (unit tests, no build required): - test_bbclass_has_service_file_support - test_bundle_class_has_service_file_support - test_service_file_map_syntax - test_install_custom_service_function TestCustomServiceFileBoot (boot tests, require built image): - test_systemd_services_directory_exists - test_container_services_present - test_container_service_enabled - test_custom_service_content - test_podman_quadlet_directory Documentation updates: - docs/container-bundling.md: Add "Custom Service Files" section with variable format, usage examples for both BUNDLED_CONTAINERS and container-bundle packages, and example .service/.container files - tests/README.md: Add test class entries to structure diagram and "What the Tests Check" table Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* container-cross-install: add CONTAINER_SERVICE_FILE support
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 2 | Lines: -1/+236

  Add support for custom systemd service files (Docker) or Quadlet container files (Podman) instead of auto-generated ones for container autostart.

  For containers requiring specific startup configuration (ports, volumes, capabilities, dependencies), users can now provide custom service files using the CONTAINER_SERVICE_FILE varflag:

    CONTAINER_SERVICE_FILE[container-name] = "${UNPACKDIR}/myservice.service"

  For BUNDLED_CONTAINERS in image recipes:

    SRC_URI += "file://myapp.service"
    BUNDLED_CONTAINERS = "myapp-container:docker:autostart"
    CONTAINER_SERVICE_FILE[myapp-container] = "${UNPACKDIR}/myapp.service"

  For container-bundle packages:

    SRC_URI = "file://myapp.service"
    CONTAINER_BUNDLES = "myapp-container:autostart"
    CONTAINER_SERVICE_FILE[myapp-container] = "${UNPACKDIR}/myapp.service"

  Implementation:
  - container-cross-install.bbclass: Add get_container_service_file_map() to build varflag map, install_custom_service() for BUNDLED_CONTAINERS, and install_custom_service_from_bundle() for bundle packages
  - container-bundle.bbclass: Install custom service files to ${datadir}/container-bundles/${runtime}/services/

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* image-oci: add host layer type and delta-only copying
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 2 | Lines: -14/+90

  Add two enhancements to multi-layer OCI image support:

  1. Delta-only copying for directories/files layers:
     - directories and files layers now only copy content that doesn't already exist in the bundle rootfs from earlier layers
     - Prevents duplication when a directories layer references paths that were already populated by a packages layer
     - Logs show "delta: N copied, M skipped" for visibility

  2. New 'host' layer type for build machine content:
     - Copies files from the build machine filesystem (outside Yocto)
     - Format: name:host:source_path:dest_path
     - Multiple pairs: name:host:src1:dst1+src2:dst2
     - Emits warning at parse time about reproducibility impact
     - Fatal error if source path doesn't exist
     - Use case: deployment-specific config, certificates, keys that cannot be packaged in recipes

  Example:

    OCI_LAYERS = "\
        base:packages:busybox \
        app:directories:/opt/myapp \
        certs:host:/etc/ssl/certs/ca.crt:/etc/ssl/certs/ca.crt \
    "

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
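Added example (not part of the commit or of meta-virtualization): a small reviewer-side audit that parses an OCI_LAYERS value in the name:type:content form described above and reports every 'host' pair, since those files come from the build machine rather than from recipes. The KEY_HINTS heuristic, the function names and the second host pair in SAMPLE are assumptions made for this illustration.

```python
from dataclasses import dataclass, field
from pathlib import Path

# Constructed sample: the layer entries follow the commit's example; the second
# host pair (server.key) is made up here to exercise the '+' multi-pair form.
SAMPLE = """\
    base:packages:busybox \\
    app:directories:/opt/myapp \\
    certs:host:/etc/ssl/certs/ca.crt:/etc/ssl/certs/ca.crt+/srv/deploy/tls/server.key:/etc/ssl/private/server.key \\
"""
KEY_HINTS = (".key", ".pem", "id_rsa", "/private/")  # assumed heuristic, not from the commit

@dataclass
class Layer:
    name: str
    kind: str
    content: str                                    # payload after name:type:, kept opaque
    host_pairs: list = field(default_factory=list)  # (source, dest) tuples, 'host' layers only

def parse_oci_layers(value):
    """Split an OCI_LAYERS value into Layer records; expand src:dst pairs of host layers."""
    layers = []
    for entry in value.replace("\\", " ").split():
        name, _, rest = entry.partition(":")
        kind, _, content = rest.partition(":")
        if not (name and kind and content):
            raise ValueError(f"malformed layer entry: {entry!r}")
        layer = Layer(name, kind, content)
        if kind == "host":
            for pair in content.split("+"):
                src, _, dst = pair.partition(":")
                if not (src.startswith("/") and dst.startswith("/")) or ":" in dst:
                    raise ValueError(f"host layer {name!r}: bad src:dst pair {pair!r}")
                layer.host_pairs.append((src, dst))
        layers.append(layer)
    return layers

def audit_host_layers(layers, exists=lambda p: Path(p).exists()):
    """Return (severity, message) findings for content taken from the build machine."""
    findings = []
    for layer in layers:
        for src, dst in layer.host_pairs:
            if not exists(src):
                findings.append(("fatal", f"{layer.name}: source {src} does not exist"))
                continue
            findings.append(("warn", f"{layer.name}: {src} -> {dst} is not reproducible from recipes"))
            if any(hint in src for hint in KEY_HINTS):
                findings.append(("review", f"{layer.name}: {src} looks like key material baked into a layer"))
    return findings

if __name__ == "__main__":
    for severity, message in audit_host_layers(parse_oci_layers(SAMPLE)):
        print(f"{severity}: {message}")
```

Anything copied by a host layer is readable by whoever can pull the image, so the "review" findings are the ones to check before the image is pushed to a registry.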
* vcontainer: enable incremental builds by default
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 4 | Lines: -10/+38

  Previously, vcontainer recipes had [nostamp] flags that forced all tasks to rebuild on every bitbake invocation, even when nothing changed. This was added as a workaround for dependency tracking issues but caused slow rebuild times.

  Changes:
  - Make [nostamp] conditional on VCONTAINER_FORCE_BUILD variable
  - Default to normal stamp-based caching for faster incremental builds
  - file-checksums on do_rootfs still tracks init script changes
  - Add VCONTAINER_FORCE_BUILD status to the tarball build banner

  To enable the old always-rebuild behavior (for debugging dependency issues), set in local.conf:

    VCONTAINER_FORCE_BUILD = "1"

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* vcontainer-tarball: build all architectures via single bitbake command
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 2 | Lines: -6/+45

  Previously, building vcontainer-tarball required multiple bitbake invocations or complex command lines to build both x86_64 and aarch64 blobs. This was a usability issue.

  Changes:
  - mcdepends now triggers builds for BOTH architectures automatically
  - VCONTAINER_ARCHITECTURES defaults to "x86_64 aarch64" (was auto-detect)
  - Add informational banner at parse time showing what will be built
  - Fix duplicate sanity check messages when multiconfig is active

  Usage is now simply:

    bitbake vcontainer-tarball

  To build only one architecture, set in local.conf:

    VCONTAINER_ARCHITECTURES = "x86_64"

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* vdkr-init: improve Docker daemon startup logging and error handling
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 1 | Lines: -5/+17

  Improve debugging capabilities when Docker daemon fails to start:
  - Log dockerd output to /var/log/docker.log instead of /dev/null
  - Capture docker info exit code and output for diagnostics
  - Show docker info error on every 10th iteration while waiting
  - Include last docker info output and docker.log tail on failure
  - Extend sleep on failure from 2s to 5s for log review

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* packagegroups: add container build aggregates
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 3 | Lines: -0/+118

  Add packagegroup recipes to simplify building all container-related artifacts:
  - packagegroup-container-images: Build all OCI container images (recipes inheriting image-oci)
  - packagegroup-container-bundles: Build all container bundles (recipes inheriting container-bundle)
  - packagegroup-container-demo: Build all demo containers and bundles

  Usage:

    bitbake packagegroup-container-images
    bitbake packagegroup-container-bundles
    bitbake packagegroup-container-demo

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* vcontainer: add host-side idle timeout with QMP shutdown
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 3 | Lines: -20/+154

  Implement reliable idle timeout for vmemres daemon mode using host-side monitoring with QMP-based shutdown, and container-aware idle detection via virtio-9p shared file.

  Host-side changes (vrunner.sh):
  - Add -no-reboot flag to QEMU for clean exit semantics
  - Spawn background watchdog when daemon starts
  - Watchdog monitors activity file timestamp
  - Check interval scales to idle timeout (timeout/5, clamped 10-60s)
  - Read container status from shared file (guest writes via virtio-9p)
  - Only shutdown if no containers are running
  - Send QMP "quit" command for graceful shutdown
  - Watchdog auto-exits if QEMU dies (no zombie processes)
  - Touch activity file in daemon_send() for user activity tracking

  Config changes (vcontainer-common.sh):
  - Add idle-timeout to build_runner_args() so it's always passed

  Guest-side changes (vcontainer-init-common.sh):
  - Add watchdog that writes container status to /mnt/share/.containers_running
  - Host reads this file instead of socket commands (avoids output corruption)
  - Close inherited virtio-serial fd 3 in watchdog subshell to prevent leaks
  - Guest-side shutdown logic preserved but disabled (QMP more reliable)
  - Handle Yocto read-only-rootfs volatile directories (/var/volatile)

  The shared file approach avoids sending container check commands through the daemon socket, which previously caused output corruption on the single-stream virtio-serial channel.

  The idle timeout is configurable via:

    vdkr vconfig idle-timeout <secs>

  Default: 1800 seconds (30 minutes)

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* vcontainer: consolidate initramfs-create recipes
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 3 | Lines: -80/+33

  Update vcontainer-initramfs-create.inc to use the image-based approach:
  - Depend on tiny-initramfs-image for cpio.gz (replaces file extraction)
  - Depend on rootfs-image for squashfs (unchanged)
  - Remove DEPENDS on squashfs-tools-native (no longer extracting files)

  Update recipe files to use the consolidated inc:
  - vdkr-initramfs-create_1.0.bb
  - vpdmn-initramfs-create_1.0.bb

  Boot flow remains unchanged:

    QEMU boots kernel + tiny initramfs
    -> preinit mounts rootfs.img from /dev/vda
    -> switch_root into rootfs.img
    -> vdkr-init.sh or vpdmn-init.sh runs

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* vcontainer: add tiny initramfs image infrastructure
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 5 | Lines: -3/+142

  Add proper Yocto image recipes for the tiny initramfs used by vdkr/vpdmn in the switch_root boot flow:
  - vcontainer-tiny-initramfs-image.inc: Shared image configuration
  - vcontainer-preinit_1.0.bb: Preinit script package (shared)
  - vdkr-tiny-initramfs-image.bb: Tiny initramfs for vdkr
  - vpdmn-tiny-initramfs-image.bb: Tiny initramfs for vpdmn

  The tiny initramfs contains only busybox and a preinit script that:
  1. Mounts devtmpfs, proc, sysfs
  2. Mounts the squashfs rootfs.img from /dev/vda
  3. Creates tmpfs overlay for writes
  4. Performs switch_root to the real rootfs

  This replaces ad-hoc file extraction with proper image-based builds, improving reproducibility and maintainability.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* vcontainer-tarball: add nativesdk-expect dependency
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 1 | Lines: -0/+1

  Add expect to the vcontainer SDK toolchain for interactive testing and automation scripts.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* linux-yocto: add iptables legacy kernel config for Docker
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 1 | Lines: -1/+10

  Kernel 6.18+ split iptables into legacy/nftables backends. Docker requires the legacy iptables support, so add the kernel configuration for the full dependency chain:
  - CONFIG_NETFILTER_XTABLES_LEGACY=y
  - CONFIG_IP_NF_IPTABLES_LEGACY=m
  - CONFIG_IP_NF_FILTER=m
  - CONFIG_IP_NF_NAT=m
  - CONFIG_IP_NF_TARGET_MASQUERADE=m

  Without these, Docker's iptables rules fail to load on 6.18+ kernels.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* vcontainer: add sanity checks and auto-enable virtfs for QEMU
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 3 | Lines: -4/+12

  Fix virtio-9p (virtfs) support for container-cross-install batch imports which provides ~50x speedup over base64-over-serial.

  The issue was that native recipes don't see target DISTRO_FEATURES, so qemu-system-native wasn't getting virtfs enabled.

  Fix by:
  - layer.conf: Propagate virtualization to DISTRO_FEATURES_NATIVE when vcontainer or virtualization is in target DISTRO_FEATURES
  - qemu-system-native: Check DISTRO_FEATURES_NATIVE for virtfs enable
  - container-cross-install: Prepend native sysroot to PATH so vrunner finds the QEMU with virtfs support

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* vcontainer: fix runc/crun conflict in multiconfig builds
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 3 | Lines: -12/+23

  The vruntime distro is used for multiconfig builds of both vdkr (Docker/runc) and vpdmn (Podman/crun) images. When CONTAINER_PROFILE or VIRTUAL-RUNTIME_container_runtime is set, containerd and podman pull their preferred runtime via RDEPENDS, causing package conflicts.

  Fix by having vruntime distro NOT participate in CONTAINER_PROFILE:
  - Set VIRTUAL-RUNTIME_container_runtime="" to prevent automatic runtime selection
  - Explicitly install runc in vdkr-rootfs-image.bb
  - Explicitly install crun in vpdmn-rootfs-image.bb

  This allows both images to be built in the same multiconfig without conflicts, while standard container-host images continue to use CONTAINER_PROFILE normally.

  Also add kernel-modules to vdkr-rootfs-image for overlay filesystem support.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* crun: add RCONFLICTS to prevent runc package conflict
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 1 | Lines: -0/+7

  When CRUN_AS_RUNC is enabled (default), crun creates a /usr/bin/runc symlink that conflicts with the runc package's /usr/bin/runc binary.

  Add RCONFLICTS to declare this conflict so package managers prevent both from being installed simultaneously.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* vcontainer: add sanity checks and auto-enable virtfs for QEMU
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 2 | Lines: -0/+46

  Add sanity check that warns when vcontainer distro feature is enabled but BBMULTICONFIG is missing the required vruntime-* multiconfigs.

  Add qemu-system-native bbappend to auto-enable virtfs (virtio-9p) when vcontainer or virtualization distro feature is set. This is required for the fast batch-import path in container-cross-install.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* container-bundles: add multilayer container bundle recipe
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 1 | Lines: -0/+27

  Add demo recipe that bundles app-container-multilayer to demonstrate multi-layer OCI images with container-cross-install.

  Usage:

    IMAGE_INSTALL:append:pn-container-image-host = " multilayer-container-bundle"

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* vcontainer: add multi-arch OCI support
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 5 | Lines: -11/+1259

  Add functions to detect and handle multi-architecture OCI Image Index format with automatic platform selection during import. Also add oci-multiarch.bbclass for build-time multi-arch OCI creation.

  Runtime support (vcontainer-common.sh):
  - is_oci_image_index() - detect multi-arch OCI images
  - get_oci_platforms() - list available platforms
  - select_platform_manifest() - select manifest for target architecture
  - extract_platform_oci() - extract single platform to new OCI dir
  - normalize_arch_to_oci/from_oci() - architecture name mapping
  - Update vimport to auto-select platform from multi-arch images

  Build-time support (oci-multiarch.bbclass):
  - Create OCI Image Index from multiconfig builds
  - Collect images from vruntime-aarch64, vruntime-x86-64
  - Combine blobs and create unified manifest list

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
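Added example (not the shell code from vcontainer-common.sh): platform selection from an OCI Image Index, written in Python against the field names of the OCI image specification, with a digest and size check on the selected manifest so a mismatched blob is rejected instead of imported. The function names echo those listed in the commit message but the bodies, the in-memory blobs dict (standing in for blobs/sha256/ files) and the sample index are constructed for this illustration.

```python
import hashlib
import json

OCI_INDEX = "application/vnd.oci.image.index.v1+json"
OCI_MANIFEST = "application/vnd.oci.image.manifest.v1+json"
ARCH_TO_OCI = {"aarch64": "arm64", "x86_64": "amd64", "x86-64": "amd64"}

def normalize_arch_to_oci(arch):
    """Map a build-system architecture name to the OCI (GOARCH-style) name."""
    return ARCH_TO_OCI.get(arch, arch)

def get_oci_platforms(index):
    """List 'os/architecture' for every manifest descriptor that declares a platform."""
    return [f"{m['platform']['os']}/{m['platform']['architecture']}"
            for m in index.get("manifests", []) if "platform" in m]

def is_multiarch(index):
    """Assumption for this example: multi-arch means more than one distinct platform."""
    return len(set(get_oci_platforms(index))) > 1

def select_platform_manifest(index, blobs, arch, os_name="linux"):
    """Return the manifest bytes for arch; fail closed if absent, ambiguous or altered."""
    want = normalize_arch_to_oci(arch)
    matches = [m for m in index.get("manifests", [])
               if m.get("platform", {}).get("architecture") == want
               and m.get("platform", {}).get("os") == os_name]
    if len(matches) != 1:
        raise LookupError(f"expected one {os_name}/{want} manifest, found {len(matches)}")
    desc = matches[0]
    algo, _, hexdigest = desc["digest"].partition(":")
    data = blobs.get(desc["digest"], b"")
    if (algo != "sha256" or len(data) != desc["size"]
            or hashlib.sha256(data).hexdigest() != hexdigest):
        raise ValueError(f"blob does not match descriptor {desc['digest']}")
    return data

def build_sample():
    """Constructed two-platform index plus its manifest blobs (contents are dummies)."""
    blobs, manifests = {}, []
    for arch in ("arm64", "amd64"):
        data = json.dumps({"schemaVersion": 2, "mediaType": OCI_MANIFEST,
                           "note": f"constructed {arch}"}).encode()
        digest = "sha256:" + hashlib.sha256(data).hexdigest()
        blobs[digest] = data
        manifests.append({"mediaType": OCI_MANIFEST, "digest": digest, "size": len(data),
                          "platform": {"architecture": arch, "os": "linux"}})
    return {"schemaVersion": 2, "mediaType": OCI_INDEX, "manifests": manifests}, blobs

if __name__ == "__main__":
    index, blobs = build_sample()
    print(get_oci_platforms(index), json.loads(select_platform_manifest(index, blobs, "aarch64")))
```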
* container-registry: abstract config and add multi-directory push
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 2 | Lines: -45/+352

  Abstract registry configuration for Docker/Podman compatibility and add multi-directory scanning for easy multi-arch manifest list creation.

  - Support both DOCKER_REGISTRY_INSECURE and CONTAINER_REGISTRY_INSECURE
  - Add DEPLOY_DIR_IMAGES to scan all machine directories
  - Support push by path (single OCI) and push by name (all archs)
  - Add environment variable overrides for flexibility
  - Single 'push' command now creates multi-arch manifest lists

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* container-cross-install: fix image naming and default runtime
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 1 | Lines: -17/+56

  Fix extract_container_info() to properly handle multi-part container names and add automatic runtime detection based on CONTAINER_PROFILE.

  - Fix multi-part name parsing (app-container-multilayer-latest-oci now correctly becomes app-container-multilayer:latest)
  - Add CONTAINER_DEFAULT_RUNTIME from CONTAINER_PROFILE
  - Add CONTAINER_IMPORT_TIMEOUT_BASE/PER for dynamic timeout scaling

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* vcontainer: add virtio-9p fast path for batch imports
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 4 | Lines: -50/+284

  Add virtio-9p filesystem support for faster storage output during batch container imports, replacing slow base64-over-console method.

  - Add --timeout option for configurable import timeouts
  - Mount virtio-9p share in batch-import mode
  - Parse _9p=1 kernel parameter for 9p availability
  - Write storage.tar directly to shared filesystem
  - Reduces import time from ~600s to ~11s for large containers

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* image-oci: add layer caching for multi-layer OCI builds
  Author: Bruce Ashfield | Age: 2026-02-09 | Files: 4 | Lines: -2/+731

  Add layer caching to speed up multi-layer OCI image rebuilds. When enabled, pre-installed package layers are cached to disk and restored on subsequent builds, avoiding repeated package installation.

  New variables:
  - OCI_LAYER_CACHE: Enable/disable caching (default "1")
  - OCI_LAYER_CACHE_DIR: Cache location (default ${TOPDIR}/oci-layer-cache/${MACHINE})

  Cache key is computed from:
  - Layer name and type
  - Sorted package list
  - Package versions from PKGDATA_DIR
  - MACHINE and TUNE_PKGARCH

  Cache automatically invalidates when:
  - Package versions change
  - Layer definition changes
  - Architecture changes

  Benefits:
  - First build: ~10-30s per layer (cache miss, packages installed)
  - Subsequent builds: ~1s per layer (cache hit, files copied)
  - Shared across recipes with identical layer definitions

  Build log shows cache status:

    NOTE: OCI Cache HIT: Layer 'base' (be88c180f651416b)
    NOTE: OCI: Pre-installed packages for 3 layers (cache: 3 hits, 0 misses)

  Also adds comprehensive pytest suite for multi-layer OCI functionality including tests for 1/2/3 layer modes and cache behavior.

  Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>