crun: update to 1.24

Along with the updates, there seems to be an interaction with our configuration that is causing generation issues for APIs. We do some tweaks to the script to work in our environment. Bumping crun to version 1.24-19-g64611d7a, which comprises the following commits: a9187097 Reset the inherited cpu affinity d41a45ce Add .editorconfig 1188a679 configure.ac: check if error function is available a569c2e7 cgroup, systemd: improved "same bpf" check ccbf0d96 tests: Replace sprintf with snprintf for security fc084fdf chroot_realpath: Replace sprintf with snprintf b2032647 tests: fix compiler error 7417ead6 Add tmt integration plan 54693209 NEWS: tag 1.24 676c2c12 linux: fix array bounds warning in libcrun_configure_network d8a88c06 criu: checkpoint correctly the shared empty directory path 6ead5130 linux: add support for numa set_mempolicy(2) 05b9f561 container: add missing crun_make_error 7f9447ec Revert "cgroup: do not create a sub-cgroup by default" 275305f8 intelrdt: honor default closID e9711231 intelrdt: factor common code in a new function dfdcf776 intelrdt: add support for EnableMonitoring 6c10fb5b intelrdt: check that schemata is not empty before failing a9affe5d status: fix error check a1119953 cgroup, systemd: validate ebpf is loaded 7160e31b libocispec: sync 4004e5be linux: optimize masked paths with shared empty directory 13d4770d contrib: format contrib files 8aa7545e krun: avoid failing if sev/nitro are not available 1556c13f src/libcrun: limit tmpfs memory usage for masked paths 28d60d87 krun: ensure spec->linux->resources->devices exists e486eeab linux: fix regression mounting within userns 146fdcfe tests: remove unused debug_on_error option 37f702b7 tests: add ability to set debug=True 2aac0f56 Fix BOF d417e0a4 Fixed BOF cfedf930 build(deps): bump actions/checkout from 4 to 5 eb9912e0 build: add check for static builds 262d6ac3 cgroup: do not create a sub-cgroup by default Bumping libocispec to latest, which comprises the following commits: 345279c runtime-spec: update from upstream c3e5101 image-spec: update from upstream 92656e9 runtime-spec: update from upstream 19d5aeb runtime-spec: update from upstream 3c98525 image-spec: update from upstream 9d1955f sources.py: fix unconditional return in map value clone Bumping runtime-spec to version v1.2.1-39-g5610abd, which comprises the following commits: d7de8c0 ci: bump golangci-lint to v2.5 9758011 ci: add codespell job, fix existing issues 9efd9f2 schema/defs-linux.json: fix max for FileMode 09ec668 config-linux,schema: fix FileMode description 87f15fb schema: fix json 869b2d5 linux: clarify pids cgroup settings a6c310a config-linux: clarify when the RDT sub-directory should be removed. b280c07 config-linux: clarify the "MB:"-line filtering in RDT. 84b6c2c docs: fix and elaborate the nodes field in Linux memory policy 0758679 features-linux: expose IntelRdt monitoring support e51a839 config-linux: define default clos for linux.intelRdt 642344a specs-go/features: add linux.intelRdt.schemata field 34a39b9 config-linux: add intelRdt.enableMonitoring (#1287) afd830f principles: fix typo 57c9495 Add support for Linux memory policy c6b3b08 runtime: fail when a poststart hook fails af0d16d config: Add Hardware description object to the VM configuration Bumping image-spec to version v1.1.1-22-g6519a62, which comprises the following commits: 02ba6e2 Descriptor size cannot be negative cee899b Fix: Add entry to schema/go.sum 558802d Docs: Update pandoc for rendering documentation 693d8d7 Update to github.com/russross/blackfriday/v2 cbb69e2 Update to github.com/santhosh-tekuri/jsonschema/v6 d0e1005 Split github.com/opencontainers/image-spec/schema into a separate Go module 84ee56d Fix: correct a broken link to "applying changesets" 0bb67c2 Update GitHub Actions configuration ab50866 Chore: Remove GOPATH from GitHub Actions 4fecf47 Add blake3 as a registered/supported hash algorithm Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2025-12-13 21:55:23 +01:00 · 2025-10-16 12:20:16 -04:00 · 2025-10-16 12:20:16 -04:00 · 5cbd89ca26
commit 5cbd89ca26
parent c371e230f4
3 changed files with 81 additions and 5 deletions
--- a/recipes-containers/crun/crun/0001-libocispec-correctly-parse-JSON-schema-references.patch
+++ b/recipes-containers/crun/crun/0001-libocispec-correctly-parse-JSON-schema-references.patch
@ -0,0 +1,43 @@
+From 30ff5f092bc9799b7037f94fe415ae98f447013a Mon Sep 17 00:00:00 2001
+From: Bruce Ashfield <bruce.ashfield@gmail.com>
+Date: Fri, 17 Oct 2025 11:03:41 -0400
+Subject: [PATCH] libocispec: correctly parse JSON schema references
+
+The `generate.py` script was failing to parse JSON schema references that
+use a `#` to separate the file path from the fragment. The script was
+incorrectly splitting the reference at `#/`, which caused `FileNotFoundError`
+for local references (e.g. `#definitions/uint32`) and for references
+to other files (e.g. `config-solaris.json#/solaris`).
+
+This commit fixes the `splite_ref_name` function to correctly split the
+reference at the `#` character, and handles both local and remote
+references properly.
+
+Upstream-Status: Inappropriate [configuration specific]
+
+Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
+---
+ src/ocispec/generate.py | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/src/ocispec/generate.py b/src/ocispec/generate.py
+index 530d69d..75bed78 100755
+--- a/src/ocispec/generate.py
+++ b/src/ocispec/generate.py
+@@ -150,7 +150,12 @@ def splite_ref_name(ref):
+     Interface: None
+     History: 2019-06-17
+     """
+-    tmp_f, tmp_r = ref.split("#/") if '#/' in ref else (ref, "")
+    if '#' in ref:
+        parts = ref.split('#', 1)
+        tmp_f = parts[0]
+        tmp_r = parts[1].lstrip('/')
+    else:
+        tmp_f, tmp_r = ref, ""
+     return tmp_f, tmp_r
+ 
+ 
+-- 
+2.39.2
+
--- a/recipes-containers/crun/crun/0002-libocispec-fix-array-items-parsing.patch
+++ b/recipes-containers/crun/crun/0002-libocispec-fix-array-items-parsing.patch
@ -0,0 +1,31 @@
+From: Bruce Ashfield <bruce.ashfield@gmail.com>
+Date: Fri, 17 Oct 2025 12:00:00 -0400
+Subject: [PATCH] libocispec: fix array items parsing
+
+The `generate.py` script fails when an array's `items` property is an
+array of schemas, which is valid according to the JSON schema spec.
+This commit adds a check to handle this case by using the first schema
+in the array.
+
+Upstream-Status: Inappropriate [configuration specific]
+
+Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
+
+---
+ src/ocispec/generate.py | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/ocispec/generate.py b/src/ocispec/generate.py
+--- a/src/ocispec/generate.py
+++ b/src/ocispec/generate.py
+@@ -423,6 +423,10 @@
+     History: 2019-06-17
+     """
+     cur = node_info.cur
+
+    if isinstance(cur["items"], list):
+        # If items is a list, use the first element as the item schema.
+        cur["items"] = cur["items"][0]
+ 
+     if 'allOf' in cur["items"]:
+         return gen_all_arr_typnode(node_info, src, typ, refname)
--- a/recipes-containers/crun/crun_git.bb
+++ b/recipes-containers/crun/crun_git.bb
@ -3,10 +3,10 @@ LICENSE = "GPL-2.0-only"
 LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
 PRIORITY = "optional"

-SRCREV_crun = "ca8e5c74c13dbd5b1125d0357a9081d283a50971"
-SRCREV_libocispec = "68397329bc51a66c56938fc4111fac751d6fd3b0"
-SRCREV_ispec = "64294bd7a2bf2537e1a6a34d687caae70300b0c4"
-SRCREV_rspec = "82cca47c22f5e87880421381fe1f8e0ef541ab64"
+SRCREV_crun = "64611d7ac938b8397e8a00a0e69987583fadec7d"
+SRCREV_libocispec = "552ccbbad3aaff8e07e8fbad210ec3b4c9c95a66"
+SRCREV_ispec = "6519a62d628ec31b5da156de745b516d8850c8e3"
+SRCREV_rspec = "5610abdb9fac3b48b2c0ba6216d77320cbbbfb6f"
 SRCREV_yajl = "f344d21280c3e4094919fd318bc5ce75da91fc06"

 SRCREV_FORMAT = "crun_rspec"
@ -15,9 +15,11 @@ SRC_URI = "git://github.com/containers/crun.git;branch=main;name=crun;protocol=h
           git://github.com/opencontainers/runtime-spec.git;branch=main;name=rspec;destsuffix=${BB_GIT_DEFAULT_DESTSUFFIX}/libocispec/runtime-spec;protocol=https \
           git://github.com/opencontainers/image-spec.git;branch=main;name=ispec;destsuffix=${BB_GIT_DEFAULT_DESTSUFFIX}/libocispec/image-spec;protocol=https \
           git://github.com/containers/yajl.git;branch=main;name=yajl;destsuffix=${BB_GIT_DEFAULT_DESTSUFFIX}/libocispec/yajl;protocol=https \
+           file://0001-libocispec-correctly-parse-JSON-schema-references.patch;patchdir=libocispec \
+           file://0002-libocispec-fix-array-items-parsing.patch;patchdir=libocispec \
          "

-PV = "v1.23.1+git${SRCREV_crun}"
+PV = "v1.24.0+git"

 inherit autotools-brokensep pkgconfig