mirror of
git://git.yoctoproject.org/meta-virtualization.git
synced 2025-08-21 08:22:00 +02:00
master
1222 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Chen Qi
|
8f15c45f7d |
skopeo: avoid overriding GOBUILDFLAGS set in go.bbclass
When MACHINE is riscv64, skopeo fails to build with the following
error message:
ERROR: QA Issue: skopeo: ELF binary /usr/sbin/skopeo has relocations in .text [textrel]
To reproduce the issue, run the following command:
MACHINE=qemuriscv64 bitbake skopeo
In go.bbclass, we have:
"""
export GOBUILDFLAGS ?= "-v ${GO_LDFLAGS} -trimpath"
...
python() {
if 'mips' in d.getVar('TARGET_ARCH') or 'riscv32' in d.getVar('TARGET_ARCH'):
d.appendVar('INSANE_SKIP:%s' % d.getVar('PN'), " textrel")
else:
d.appendVar('GOBUILDFLAGS', ' -buildmode=pie')
}
"""
The '-v -trimpath' and arch depedent '-buildmode=pie' is generally reasonable.
And we can see we'll need to use anonymous python function to handle PIE. So we
should avoid overriding it unless necessary.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Koen Kooi
|
f707bbe323 |
Docker: add more required kernel modules as RRECOMMENDS:${PN}
With a very minimal image recipe that just pulls in docker, the daemon won't start due to missing modules, so add the missing ones. The list of new modules was created by diffing the output of `lsmod` before installing all kernel-modules and the output after launching docker with all modules installed. Signed-off-by: Koen Kooi <koen.kooi@oss.qualcomm.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Chen Qi
|
135bf45c74 |
containerd: drop CVE_VERSION
It's easy to forget to update this CVE_VERSION setting. So remove it. The default value of CVE_VERSION is PV. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
69c32e6e65 |
tini: update to v0.19.0
We also switch to _git and add PV to the recipe as we don't need
to exactly track a tag.
We drop patches that have been merged upstream.
Bumping tini to version v0.19.0-15-g369448a, which comprises the following commits:
369448a Document TINI_KILL_PROCESS_GROUP environment variable
37ff361 Update README.md.in
924c4bd Support POSIX basename() from musl libc
7724cbe Update "ENV key value" format in README
071c715 chore: allow CMake though to 3.10
0b44d36 chore: bump minimum CMake to 2.8.12
a49fdd3 tini.c: a function declaration without a prototype is deprecated in all versions of C
378bbbc Update keyserver recommendation to Ubuntu
b9f42a0 Indicate that -e can be repeated
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
0928637671 |
umoci: update to v0.5.0
Bumping umoci to version v0.5.0-28-g8a7f789, which comprises the following commits:
e0662ee internal: move pkg/system to internal
58645a6 internal: move pkg/testutils to internal/testhelpers
973fe4f internal: move pkg/iohelpers to internal
7b16c17 internal: move pkg/funchelpers to internal
141cc9a internal: move pkg/pathtrie to internal
1a2fc2f internal: move pkg/idtools to internal
46ad7b5 gha: cflite: move cronjob timing
7e958cb gha: cflite: remove unneeded matrix
90bdb13 README: update release key description
ee36e53 gha: add batch fuzzing for ClusterFuzzLite
c4cce9a gha: add ClusterFuzzLite to ci
ed840cd fuzz: minor improvements
7a79fc3 oci: dir: ensure ownership of new files matches image dir ownership
a652677 gha: use CODECOV_TOKEN to fix main branch uploads
0cc9dac unit: switch to alternative 'go test ./... -test.gocoverdir' workaround
55d9840 tests: switch to modern GOCOVERDIR
9fbccd4 ci: remove vestiges of Travis and manual CodeCov uploads
2f95855 dockerfile: fix 'dubious ownership' git error
3d0704d dockerfile: drop unneeded helper tools
1894c20 meta: properly mark meta.WhiteoutMode as Deprecated
4d65d2f version: use go:embed
6df6dcf VERSION: back to development
0bb7e0b VERSION: release v0.5.0
486a6a5 oci: layer: handle auto-converting to an opaque whiteout with overlayfs
a665c67 oci: layer: fix extraction with a non-directory parent component
7d2d5e5 oci: layer: add support for userxattr in OverlayfsRootfs
55fc2f5 oci: layer: clean up ToDisk and ToTar signatures
8375e7a oci: layer: explicitly handle unrelated xattrs for overlayfs xattr filter
0cea894 oci: layer: merge is-overlayfs config and mapping into OnDiskFormat config
fbe9b0e tests: make sure we use a new t.TempDir per-t.Run
456443e golangci-lint: enable some more lints
4e65fea lint/usetesting: enable lint
96e507b lint/forcetypeassert: make type assertion requirements more standard
a0622e5 lint/revive: fix up revive lints
64c02a5 lint/prealloc: add trivial pre-allocation fixes
bcd14d6 cmd: switch flattenCommands to a recursive foreach
cf70516 casext: fix typo in t.Run
5a4a7aa *: remove old open-coded funchelpers.VerifyError
36a1d10 lint: add fuzzer code to lints
bbd479d fuzz: fix build errors
7f704ea lint/exhaustive: fix non-exhaustive switch statements
63e82cd lint/unconvert: remove unnecessary conversions
b68268e lint/unparam: remove unused parameters for internal funcs
e156d27 lint/errorlint: use error.Is in spots we missed
95fedd6 lint/godot: fix doc comments
c88a83a gha: switch to golanglint-ci
5ee7982 lint/errcheck: improve verification of deferred errors
470498c lint/ineffassign: remove unneeded assignments
fbead65 lint/staticcheck: SA1019: permit use of our own deprecated mutate.Compressor
72409e8 lint/staticcheck: SA1019: explicitly allow usage of deprecated archive/tar features
379b24f lint/staticcheck: SA1019: switch away from deprecated io/ioutil
53a7b21 lint/staticcheck: apply minor fixups
f80a675 lint/gofumpt: apply gofumpt rules
3a100c5 lint/testifylint: fix all testify lints
7b875f8 meta: drop whiteout_mode from umoci.json
b1a69f5 oci: layer: temporarily disallow overlayfs on-disk bundle unpacking
474f50a keyring: add cyphar@cyphar.com as trusted signing key
c578970 keyring: add keyring management scripts from runc
18b9ae3 oci: blobcompress: switch to Docker-friendly gzip block size
44b018a mutate: make consistency test use larger layers
54f34c9 oci: layer: refix auto-applied xattr handling
d267494 oci: layer: refactor round-trip xattr test
caa0306 oci: layer: improve logging of xattr mapping
8d78eb1 pkg: hardening: fix spurrious InvalidDigest test failure
6599ffe build(deps): bump golang.org/x/sys from 0.32.0 to 0.33.0
9a1cefa oci: layer: correctly handle trusted.overlay xattr namespace escaping
6494555 pkg: pathtrie: optimise deletions to prune more garbage
c479530 oci: extract: correctly handle mixed overlayfs whiteouts
0dea233 oci: extract: properly handle missing parent dirs for overlayfs
b1dd141 oci: generate: support converting trusted.overlay.{whiteout,opaque} xattrs
d54275b oci: insert: only use unpriv.Walk when rootless
a55c157 oci: insert: don't generate opaque entry for root whiteout
1d0c345 test: tar extract: move pseudoHdr generation to tarDentry
8d5500f test: layer: reorganise overlayfs-related tests
0219792 test: layer generate: properly test GenerateLayer output
9cab21a oci: generate: actually generate layer with TranslateOverlayWhiteouts
d065c36 oci: generate: use correct path for converted overlayfs whiteout
9367b0d oci: layer: fix docs for KeepDirlinks
2d252c7 oci: insert: match variable naming for GenerateLayer
b438602 oci: layer: pass RepackOptions to tarGenerator
ad71792 system: switch lclearxattrs to use skipFn
578f925 pkg: unpriv: simplify lclearxattrs
e68606e deps: update github.com/cyphar/filepath-securejoin@v0.4.1
aa67731 deps: update golang.org/x/crypto@v0.37.0
27725c4 deps: update google.golang.org/protobuf@v1.36.6
c8a82c3 deps: update to golang.org/x/sys@v0.32.0
c08adaa ci: more image-tools workarounds
b94dfa1 go: bump to 1.23
86e7254 README: remove lxd mention
19cb696 build(deps): bump github.com/moby/sys/user from 0.3.0 to 0.4.0
b485e0e README: mention incus and lxd
1c93e3f tests: modernise and switch to testify assertions
7856970 tests: migrate to t.TempDir()
55189f8 pkg: hardening: remove duplicate test
f16094a pkg: mtreefilter: properly test FilterDeltas
03ff2a6 pkg: mtreefilter: fix broken err check in tests
eac7bfa *: clean up with goimports -local
3f264cb userns: switch third_party to github.com/moby/sys
d2fd96a deps: update github.com/stretchr/testify to v1.10.0
c94c4fb go.mod: bump to 1.21 minimum
9e2c5a9 ci: remove unused .lgtm config
de6d399 *: ensure all files have license and SPDX header
41ca97d tests: add --compress= fail tests
a79788c test: add mixed-compression unpack tests
f8f12bc cmd: add --compress= option to repack-like commands
3373613 repack: don't hardcode layer compression algorithm
6355ec2 unpack: make layer decompression based on mediatype more generic
245726c casext: unify blob compression and decompression
fa3077f mutate: make uncompressed annotation hint not use globals
15fa55f mutate: merge add and Add
b4ca5a1 repack: remove TODO for non-distributable layers
a31a208 gha: switch from CentOS to AlmaLinux for image tests
e9fff47 pkg: fmtcompat: remove now that there are no users
63bbda0 errors: drop remaining errors.Wrap-like fmtcompat.Errorf users
73fffb3 errors: drop fmtcompat.Errorf for complicated err != nil checks
00a632e errors: drop fmtcompat.Errorf for explicit err != nil checks
5339feb errors: drop fmtcompat.Errorf for non-%w errors
1c67765 *: migrate to Go stdlib error wrapping
cd18171 pkg: fmtcompat: add a compatibility shim for fmt.Errorf
aaa6de8 fmt: use %q for quoting
97cbde3 *: fix new golint warnings
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
7827d68e75 |
skopeo: update to v1.19.0
Bumping skopeo to version v1.19.0-36-gb6c726f8, which comprises the following commits:
ac8b6527 Update Neil Smith's GitHub username in MAINTAINERS.md
99c6fb09 Also exit with status 2 for missing tags in oci-archive:
634c0d99 Fix the "missing image" check when reading oci:
40353ad7 Fix some comments
bdc6d70f TMT: Install bats from source on RHEL
654c3fcc RPM: make bats a weak dep
3ddcdee0 Add conditional release-checking system test
abf7bbba Packit: disable osh-diff-scan
889225db Tweak Governance and Maintainers for alignment
f87cd5ec rpm: build rpm with libsqlite3 tag
a50b2d91 Makefile: use libsqlite3 build when possible
763606cd Improve documentation of --authfile
ea37e10d Add Colin Walters as a reviewer
3618a76e Add --retry[-times] to test operations that tend to fail
08dc3c94 fix(deps): update module github.com/containers/common to v0.63.1
c9d5569a [skip-ci] RPM: fix gating.yaml
3ad4bfcf Don't BuildRequires: ostree-devel
50f414a7 unshare: Add CAP_SYS_ADMIN to needed capabilities
a5cbf052 docs: Add a manpage for experimental-image-proxy
aaba5370 Bump to v1.20.0-dev
7aa78df9 Bump to v1.19.0
64e5ebe2 fix(deps): update module github.com/containers/common to v0.63.0
ec3516ec fix(deps): update module github.com/containers/image/v5 to v5.35.0
d0d0b709 Disable Packit builds on ELN
9ddfd549 [skip-ci] Packit: set fedora-all after F40 EOL
ffad97c2 [CI:DOCS] README.md: Add openssf passing badge
6ecc6c33 proxy: Move defer() higher up
983e77d8 proxy: Add GetRawBlob
faa6f8a0 [CI:DOCS] README.md: Add badges
c228b1db [CI:DOCS] CONTRIBUTING.md: Update communication channels
f8432950 fix(deps): update module golang.org/x/term to v0.32.0
2bd609a0 chore(deps): update dependency golangci/golangci-lint to v2.1.6
159095c1 chore(deps): update dependency golangci/golangci-lint to v2.1.5
eff578f5 chore(deps): update dependency containers/automation_images to v20250422
4c55fce1 chore(deps): update module golang.org/x/net to v0.38.0 [security]
5cf5a11e Stop setting libdm_no_deferred_remove
47bf2b4e Stop setting btrfs_noversion
320a3e07 Don't require BUILDTAGS to be non-empty
ed34be71 fix(deps): update module github.com/containers/storage to v1.58.0
3755a3db chore(deps): update dependency golangci/golangci-lint to v2.1.2
f4d30802 Makefile: add linting with --tests=false
d66183b1 Remove hack/validate-lint.sh wrapper
b74989df integration: add unix tag to non-windows tests
25481e1a integration: add _test suffix to files
53a1b695 chore(deps): update dependency golangci/golangci-lint to v2.1.1
f9e03e6c .github: check_cirrus_cron work around github bug
b39bf85a GHA: remove .github/labeler.yaml
4920d7f1 .golangci.yml: simplify
5b135b92 Add MAINTAINERS.md and Governance, update OWNERS
f5c34db7 fix(deps): update module golang.org/x/term to v0.31.0
b6b64152 chore: fix some function names in comment
f7ab0ed0 fix(deps): update module github.com/containers/common to v0.62.3
0e68f7be chore(deps): update dependency golangci/golangci-lint to v2.0.2
edfeb735 [skip-ci] TMT: keep PR-label independent tests
ba2f8b7a chore(deps): update dependency golangci/golangci-lint to v2
11fc49b4 Rely on golangci-lint exit code instead of expecting empty output
b78fa41e Satisfy staticcheck
da1bf9f7 chore(deps): update dependency containers/automation_images to v20250324
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
1a0120817b |
runc: update to v1.3.0-rc.1
Bumping runc to version v1.3.0-rc.1-171-gb1722d79, which comprises the following commits:
da909478 deps: bump cgroups to v0.0.3, fix tests
f24aa06e libct: State: ensure Resources is not nil
1b39997e Preventing containers from being unable to be deleted
d22a4211 libct/configs: stop using deprecated id
b25bcaa8 libct/configs: fix/improve deprecation notices
a10d338e libct/configs: add package docstring
8d180e96 Add support for Linux Network Devices
889c7b27 update runtime-spec
ed5df5f9 libcontainer/configs package doc
0b01dccf runc update: handle duplicated devs properly
7696402d runc update: support per-device weight and iops
99a4f198 build(deps): bump github.com/urfave/cli from 1.22.16 to 1.22.17
31d141e2 build(deps): bump golang.org/x/net from 0.40.0 to 0.41.0
8b0e7511 build(deps): bump github.com/containerd/console from 1.0.4 to 1.0.5
04be81b6 fix rootfs propagation mode
995a39a4 ci: add scheduled run of GHA CI
74209b73 ci/gha: allow to run jobs manually
62e6ab6d gha/ci: allow validate/all-done to succeed for non-PRs
b39bd105 ci/gha: fix exclusion rules
b206a015 deps: bump opencontainers/cgroups to v0.0.2
ae00c2bd tests/int: simplify using check_cpu_quota
fbf1a320 build(deps): bump github.com/vishvananda/netlink from 1.3.0 to 1.3.1
5cdfeea7 CHANGELOG: forward-port entries from 1.3.0
0623ea10 build(deps): bump golang.org/x/net from 0.39.0 to 0.40.0
c1958d88 build(deps): bump golangci/golangci-lint-action from 7 to 8
9f86496c ci: Check for exclude/replace directives
67b8a685 go.mod: Delete exclude directives
b0aa863f ci: bump golangci-lint to v2.1
d920a722 build(deps): bump github.com/seccomp/libseccomp-golang
8e3ee502 ci/cross-i386: retry adding ppa
c12c99b7 runc: embed version from VERSION file
d54eaaf2 runc --version: use a function
3e3e0482 ci: upgrade to criu-4.1-2 in Fedora
58c3ab77 rootfs: improve error messages for bind-mount vfs flag setting
30302a28 mount: add string representation of mount flags
87ae2f84 Unify and fix rootless key setup
b520f750 ci: install newer criu for almalinux-8
d7285e46 Fix "invalid workflow file" github actions error
5f4d3f36 libct/apparmor: don't use vars for public functions
08ebbfc8 tests/cmd/remap-rootfs: fix mips builds
1d78cb21 Completely remove --criu option
c8991936 ci: add check for toolchain in go.mod
e34c1a04 CHANGELOG: Port 1.2.x changes
c5ab4b6e runc pause/unpause/ps: get rid of excessive warning
fda034c9 pause: refactor
75a4546b go.mod: rm toolchain
0a9639e3 build(deps): bump golang.org/x/net from 0.38.0 to 0.39.0
c5e0ece4 build(deps): bump golang.org/x/sys from 0.31.0 to 0.32.0
19c65154 tests: Add env var tests
09501d96 libct: Override HOME if its set to the empty string
bb5aa116 build(deps): bump github.com/moby/sys/user from 0.3.0 to 0.4.0
bf386464 libct: we should set envs after we are in the jail of the container
4a0e282b test: check whether runc set a correct default home env or not
7fdec327 Use any instead of interface{}
17570625 Use for range over integers
f64edc4d ps: use slices.Contains
ef5acfab libct/configs: use slices.Delete
0fc2338d libct/specconv: use maps.Clone
7a58d823 .golanci-extra: disable staticcheck QF1008
0b536265 build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0
5cfd1a62 build(deps): bump bats-core/bats-action from 3.0.0 to 3.0.1
131bdac1 tests/int/selinux: test keyring security label
c735c073 tests/integration/selinux: collect user_avc as well
491326cd int/linux: add/use Recvfrom
e655abc0 int/linux: add/use Dup3, Open, Openat
c690b66d int/linux: add/use Exec
431b8bb4 int/linux: add/use Getwd
8cc1eb37 Introduce and use internal/linux
b68cbdff criu: Add time namespace to container config after checkpoint/restore
127e8e68 ci: bump to golangci-lint v2.0
9b3ccc19 libct/intelrdt: fix staticcheck ST1020 warnings
30f8acab Fix staticcheck ST1020/ST1021 warnings
9510ffb6 Fix a few staticcheck QF1001 warnings
6405725c libct: fix staticcheck QF1006 warning
fdb69163 notify_socket.go: fix staticcheck warning
4622bb87 build(deps): bump google.golang.org/protobuf from 1.36.5 to 1.36.6
a638f133 .golangci.yml: add nolintlint, fix found issues
d00c3be9 ci: bump codespell to v2.4.1, fix some typos
65e0f2b7 libct/int: use destroyContainer
1aebfa3e libct/int: don't use _ = runContainerOk
f55400dc .github: Improve issue template description
bac33825 build(deps): bump github.com/opencontainers/selinux
6a3f8ea3 skip read /proc/filesystems if process_label is null
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
cb2d486817 |
runc: start removing 'opencontainers' reference
We've only had one type of runc for a while, this is another step in the direction of moving to just 'runc' versus the old runc-<foo> variants Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
485fb512b5 |
podman-tui: update to v1.6.1
Bumping podman-tui to version v0.9.0-508-g5d5c4cc0, which comprises the following commits:
5d5c4cc0 Bump to v1.6.1
02bc24f9 Bump github.com/containers/podman/v5 from 5.5.0 to 5.5.1
0b65653d Bump to v1.6.0
136c5f75 Fix golint issue
b02ec603 Added container create health log dest, max count and size options
ef10f184 Fix bats test for network connect
3eabf121 Bump github.com/containers/podman/v5 from 5.4.2 to 5.5.0
164ca27d Bump golang.org/x/net from 0.36.0 to 0.38.0
70fd604f packit epel10 build
42293a3a Bump golang.org/x/crypto from 0.36.0 to 0.37.0
f902cdff Bump to v1.6.0-dev
cd904893 Bump to v1.5.0
6392f961 Bump to v1.6.0-dev
fb76d52a Bump to v1.5.0
ff9a2eeb Bump github.com/containers/podman/v5 from 5.4.1 to 5.4.2
04b7a615 Bump github.com/containers/buildah from 1.39.3 to 1.39.4
0f4d9385 Bump github.com/rs/zerolog from 1.33.0 to 1.34.0
ffda1a0a Bump github.com/BurntSushi/toml from 1.4.0 to 1.5.0
2326d5fc Bump github.com/containers/buildah from 1.39.2 to 1.39.3
cc8608c2 Bump golang.org/x/net from 0.34.0 to 0.36.0
8eb63a6d Bump golang.org/x/crypto from 0.33.0 to 0.36.0
9b2bb838 Go update to v1.23.0 + Golangci-lint update to v1.64.4
4c73f653 Bump github.com/containers/common from 0.62.0 to 0.62.2
0a04e82e Bump github.com/containers/storage from 1.57.1 to 1.57.2
347ab777 Bump github.com/containers/podman/v5 from 5.4.0 to 5.4.1
4049d7ad UI input check trim spaces
d62c79f7 New feature - pod create resource settings category
441fe2ed Fix Vagrantbox hostname
f06e2ef9 Fix view's dialogs focus issue
e15d76a7 Exec and run vterm container ID and name display issue fix
43fbc573 Added bats tests for container run cmd
53a43f86 Vagrantfile box version update to fedora/41-clous-base
9312e8de UI dialog size adjusmentse
0aeb2e55 New feature - container create resource settings category
34a7797d View sub dialog size adjustments
02ada937 New feature - container run
eed5fd90 Container exec terminal size change
9e6388aa Container create dialog secret option
56a12860 fix wrong function name
177f06c4 Bump to v1.5.0-dev
204d054c Bump to v1.4.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
203f841b21 |
podman-compose: update to v1.4.0
Bumping podman-compose to version v1.4.0-75-g8eb5573, which comprises the following commits:
1c0c63a Fix formatting of description of systemd command
2f8dbdc Remove assignment to variable that gets overriden and never used
0de04b3 CONTRIBUTING: Suggest contributors to split their commits
d864e19 CONTRIBUTING: Update instructions on commit message
96ec961 CONTRIBUTING: Update instructions for creating virtualenv
0cbf70a Implement short syntax for env variables in compose.yml "environment:"
8f9f6d0 Remove unnecessary 'or "text"'
dd471c8 Fix dockerfile definition if directory name ends with ".git"
4177bae Add docker_compose_compat setting
6635b8b cleanup bool parsing
8f55227 add name_separator_compat
04155d0 Add documentation for env variables
6054952 allow overriding x-podman using env vars
034b86e README: Remove basic usage section
bbdb636 README: Update section on tests
93371b0 README: Merge all repositories under single section
27d1fc6 README: Add installation instructions on Debian
82dd0ac Release notes for 1.4.1
0491269 Fix relative host path resolution for volume bind mount source
82d7622 Add relabel option to secrets
7b3276e Expose io.podman.compose.service label
949af2a .github: Run mypy as part of checks
0b8b483 Print full dockerfile path instead of context on error
56238b1 tests/integration: Fix `service_scale` tests
d4ebf62 tests/integration: Fix `lifetime` tests
83c7e94 tests/integration: Add missing __init__.py files to actually run tests
248a63e test-requirements: Upgrade ruff
efea0ee Address unused argument warnings
3c2978c examples: Add type annotations
5765e53 Use correct logging methods
0be50ff Fix return value from compose_systemd()
1eae76d Add return type annotations to test_utils.py
6c46678 Fix mypy warnings
a3f48f8 tests/integration: Add type annotations
dedb081 tests/unit: Add type annotations
ea22227 Add mypy configuration
58df849 Move tests to directories that can be imported
39e21d8 Remove extraneous await on non-async function
02166f5 Use more standard call to list.append
8aeeafb Rename redefined variables
9162fe6 Remove unused code
08d06df Fix build ssh path to be relative to directory of compose file
a983129 tests/unit: Add unit tests for fixing CMD healthcheck
76b3055 Fix CMD healthchecks running with /bin/sh
225999e tests: Rewrite test_normalize_depends_on to unittest
3d47849 Allow specifying custom pod name in `--in-pod`
0c1c4ff Fix reset tag attribute to also reset `depends_on` parameter
6e30673 tests/integration: Fix paths for testing override and reset tags
01214fa Add unregister command to remove systemd service registration
bd29caa Release 1.4.0
6c9c091 Release notes for 1.4.0
67616bd Handle exit code when compose up -d
782c44d tests: Style cleanup
d7762a5 Fix service_healthy condition enforcing
eba2ca2 Skip running compose-down during up when there are no active containers
abe5965 tests: Improve reliability of network tests
9e0da82 Change compose-up to create then start container to avoid double exec
8638eb9 tests: Test selected env variables to improve robustness
e1d938f Add --abort-on-container-failure
1dab256 tests/integration: Add override tag attribute test
2a33ef5 tests/integration: Add override tag service test
5ab7340 tests/integration: Add reset tag attribute test
35dc395 tests/integration: Add reset tag service test
38a9263 integration/tests: Move 'volumes_merge' tests to 'merge' directory
cbe9587 Implement override and reset analog to docker-compose
98f166d Implement pids_limit
ff58a0b Add newsfragment
8d899eb Feature: add cpuset option
ae41ef0 tests/integration: Improve tests for port command
da46ee3 Fix port command for dynamic host ports
d80c31f tests/integration: Add tests for up and down command
cefa68d Implement rmi argument for down command
fbc4c7d Integration tests for container scaling changes
11879d3 Updates handling of scale/replicas through CLI & compose file
27cf8da Addition of relevant newsfragments file
a1be62f tests/integration: Automate manual ulimit test
e45b5d5 tests/integration: Automate manual `volumes_merge` test
e04b8f3 tests/integration: Add integration test for buid git URL as context
815450a tests/unit: Add test for buid git URL as context
92f0a85 Fix using git URL as build context
5f4fc46 Add os.path.normpath to normalize dockerfile pathname
f9489af Allow merging of args in both list and dict syntax
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
45063e5976 |
netavark: update to v1.15.2
Bumping netavark to version v1.15.2-1-g3955c1f, which comprises the following commits:
01b002f release v1.15.2
937edfb release notes for v1.15.2
913bf55 dhcp_proxy: set timeout_sender only if required
763c86b cargo: bump mozim to 0.2.6
868d33d release v1.15.1
29f991c release notes for v1.15.1
ad51a4a Revert "remove search domain from response"
aadd9fe release v1.15.0
7395403 release notes for v1.15.0
8dd201b update release notes from v1.14.1
a819174 update nftables to 0.6.2
fa0cce8 run cargo update
18e6472 chore(deps): update rust crate tempfile to 3.20.0
ebbc9d1 chore(deps): update rust crate chrono to 0.4.41
dc8e9f2 fix(deps): update rust crate tokio to 1.45.0
ccde461 fix(deps): update tonic monorepo to 0.13.1
a7a2748 fix(deps): update rust crate zbus to 5.6.0
e2aecba fix(deps): update rust crate sha2 to 0.10.9
da0933e fix(deps): update rust crate clap to ~4.5.37
cfe74dc aardvark: handle names more safely
13cd456 aardvark: use one buffer for commit_entry()
efe127c don't clone container_names in AardvarkEntry
7084b2e Makefile: correctly set SOURCES
adcddf6 remove some unused deps
0795886 Makefile: use cargo --locked in CI
99ede94 chore(deps): update dependency containers/automation_images to v20250422
86a4826 ci: ensure tree is clean after build
4ed8ac7 fix(deps): update rust crate rand to 0.9.1
ea3479b .github: check_cirrus_cron work around github bug
ca2ad7f Cargo.lock: fix desync with Cargo.toml
84ec751 fix(deps): update rust crate netlink-packet-utils to 0.6.0
d629405 firewalld_reload: share connection
b675bd2 fix new rust 1.86 lint errors
810ee33 ignore SIGTERM and SIGINT on teardown
36d89b2 fix(deps): update rust crate tokio to 1.44.2
3bfe78e Release GHA: Automatically publish crate
d430758 test: use ncat not nc
2c4d5b6 update CI image 2025-03-24
6c6c89b fix new clippy lint errors
7ef70f8 fix(deps): update rust crate env_logger to 0.11.8
5d6a3f0 fix(deps): update rust crate clap to ~4.5.34
8eb7a23 chore(deps): update rust crate once_cell to 1.21.3
ed5f940 fix(deps): update rust crate hyper-util to 0.1.11
3b031a7 GHA: Automate release
9035c67 remove search domain from response
5daf5cb chore(deps): update rust crate once_cell to 1.21.2
b940984 fix(deps): update tonic monorepo to 0.13.0
1be221f Add link to c/common contributor's guide
b361626 fix(deps): update rust crate log to 0.4.27
8a34126 chore(deps): update rust crate tempfile to 3.19.1
3880a19 fix(deps): update rust crate nispor to 1.2.23
803309a fix(deps): update rust crate netlink-packet-route to 0.22.0
850d6af Fix detect of Firewalld's StrictForwardPorts property
8605514 chore(deps): update rust crate tempfile to 3.19.0
683d3ad chore(deps): update rust crate once_cell to 1.21.1
0783767 fix(deps): update rust crate tokio to 1.44.1
566febc chore(deps): update rust crate once_cell to 1.21.0
b47c5bc fix(deps): update rust crate env_logger to 0.11.7
67bf793 fix(deps): update rust crate tokio to 1.44.0
3902d99 test/001-basic: Make commit test optional
af59e5c .github: remove cirrus rerun action
dd46baf chore(deps): update rust crate tempfile to 3.18.0
76dfaaa fix(deps): update rust crate clap to ~4.5.31
fd6ebf0 chore(deps): update rust crate chrono to 0.4.40
9a3dcaf fix(deps): update rust crate zbus to v5
fd440e1 Bump MSRV to v1.77
44e3864 Update Rust crate log to 0.4.26
f990a78 cirrus: do not build debug bins
a08bb55 Makefile: do not rebuild if nothing changed
4ac1563 Makefile: uninstall netavark-firewalld-reload.service
8668643 docs/Makefile: several fixes
c1518c9 Makefile: build docs by default
9b0209c Makefile: do not build twice
fa4c8ce chore(deps): update rust crate tempfile to 3.17.1
6963b06 chore(deps): update rust crate tempfile to 3.17.0
18889e4 fix(deps): update rust crate prost to 0.13.5
dfac98b Bump to v1.15.0-dev
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
1ad2906d95 |
lxc: update to v6.0.4
Bumping lxc to version v6.0.4-7-gb185e523f, which comprises the following commits:
b185e523f selinux: fix typo (AppArmor)
4be5e7c65 meson_options.txt: remove space before `:` for consistency
81d00893a meson_options.txt: don't use str when defining bool default values
8a7ea2523 bionic: Remove custom getline, openpty and prlimit
136d5ae08 bionic: Remove bionic detection and support
f362f6eed README: Remove mention of old LXC version
2663712e8 start: Re-introduce first SET_DUMPABLE call
0fb6eb66d Release LXC 6.0.4
312976c9b lxc/start: do prctl(PR_SET_DUMPABLE) after last uid/gid switch
77b9cb1dc lxc/caps: fix open /proc/sys/kernel/cap_last_cap
dfe473705 lxc/conf: handle rootfs open_at error in lxc_mount_rootfs
782b666dc tools/lxc_attach: fix ENFORCE_MEMFD_REXEC checks
bcb6d063d github: Add packaging workflow
3a4003c8c global: Switch to new MAC prefix
5cdef29d8 global: Switch MAC generation to Zabbly prefix
400115de0 sysconfig/lxc: remove false comment
0e99eaa35 Added LXC_IPV6_ENABLE option for lxc-net to enable or disable IPv6
84e02ca8c github: Switch to native arm64 runners
f68da1c9f config-bcast: fix incorrect broadcast address calculation
5b31eb51a lxc/attach: Revert "- LXC attach should exit on SIGCHLD"
555276df9 conf: warn when capabilities are disabled or libcap is not found
a99f593e3 dbus: replace hardcoded dbus address with environment variable
d34b373ca conf: log name of invalid capability in error
56ef15e71 confile-vlanid: undefined is not a zero value
b4fda3c60 - LXC attach should exit on SIGCHLD
fe31d844e Release LXC 6.0.3
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
46ccc838f5 |
k8s: update to v1.33.2
Bumping kubernetes to version v1.33.2-1-gf208b6c73d1, which comprises the following commits:
f208b6c73d1 Update CHANGELOG/CHANGELOG-1.33.md for v1.33.2
a57b6f7709f Release commit for Kubernetes v1.33.2
05e72aa38dc fix kubeadm e2e tests
612e0555562 Bump images, dependencies and versions to go 1.24.4 and distroless iptables
a792b779060 Remove warning about resizing failed for unknown reason
ea3aa291814 Add tests that validate the return value of resize operation
060a4985376 Revert shorthand for kubectl explain --output
c4f2287f8a3 Bump images, dependencies and versions to go 1.24.9 and distroless iptables
1fde2b884c7 DRA node: reject static pods which reference ResourceClaims
2628e18dabe userns: Wrap more errors
514da8a95a6 userns: Improve error returned if userns is not supported
992924664b5 userns: Use len to handle empty non-nil slices
76747b4eed8 Update CHANGELOG/CHANGELOG-1.33.md for v1.33.1
8adc0f041b8 Release commit for Kubernetes v1.33.1
f240b3abf52 SchedulerPreemption [Serial] validates various priority Pods preempt expectedly with the async preemption: replace finalizers with preStop hook and TerminationGracePeriodSeconds
cce99a8c73a Automated cherry pick of #130503: Unhandled panic crash on rollout_history printer.PrintObj (#131496)
a257be82995 fix: fixes a possible panic in `NewYAMLToJSONDecoder`
b59deb49149 DRA: Fix failure to allocate large number of devices
750d2c02f03 Update hnslib version in Windows KubeProxy.
c916dba6073 Disable size check for xfs/ext3/ext4 filesystems before expansion
c8f2295d688 Disable disk size checking when calling NeedsResize function
3caaf056f1b Handle unsupported node expansion for RWX volumes
c7eb93190c6 Mark NodeExpansion finsihed without featuregate check
74035d7b771 Also change final status by removing featuregate check
1a9d4fc468f Check for newer fields when deciding expansion recovery feature status
950bb3baf51 Fix for HNS local endpoint was being deleted instead of the remote endpoint.
5dc8b8dd268 Update CHANGELOG/CHANGELOG-1.33.md for v1.33.0
60a317eadfc Release commit for Kubernetes v1.33.0
9ba7dcecc39 CHANGELOG: Update directory for v1.30.12 release
191c34eaba2 CHANGELOG: Update directory for v1.31.8 release
7bf818fb88a CHANGELOG: Update directory for v1.32.4 release
95b926c93a4 Feature-gate watchlist e2e
e467c9530b8 [Go] Bump dependencies, images and versions used to Go 1.24.2 and distroless-iptables
660df229bf3 Stop exposing list-via-watch from the server
a8f6d77c8da ServiceCIDR and IPAddess Conformance
44c230bf5c3 CHANGELOG: Update directory for v1.33.0-rc.1 release
4939c17914f Update CHANGELOG/CHANGELOG-1.33.md for v1.33.0-rc.1
92e86d1b4bf Release commit for Kubernetes v1.33.0-rc.1
0266d3bcb37 Allow single-to-dual-stack reconfiguration for ServiceCIDR
7d7fc2d9892 Fix flaky test: Metrics should grab all metrics from kubelet /metrics/resource endpoint
505836c22cc staging/publishing: add release-1.33 rules
e5a5f726dde Tag SELinux tests that require SELinux warning controller
cacd595bae4 CHANGELOG: Update directory for v1.33.0-rc.0 release
18249aaaa4f hack/update-conformance-yaml.sh
1eab3036b67 mark tests that use estimateMaxPods as serial
b2933c0adac estimate some system daemonset overhead for max pods
b1a9cc34731 bug fix: fix version order in emulation forward compatibility.
f63cdcbc811 Release commit for Kubernetes v1.33.0-rc.0
2ef4a8426c2 Move to released version of prometheus/client_golang v1.22.0 from rc.0
c8c2844aaf1 Fix race for sending errors in watch
d3c5a4ab2f8 CHANGELOG-1.32: fix release note about kubeadm upgrade phases
10a7d6f8fdb Update CSI Proxy to v1.2.1-gke.2
24edc6e90f1 Update etcd to 3.5.21
eca90dab3f5 Parallelize cacher list tests
1a15d582ae5 Don't start etcd for skipped test
75186095c58 Stop cacher in TestWatchStreamSeparation to speed up shutdown
38d5cb368dd Fix flake, non-consistent list doesn't give any guarantees about staleness
9b5c4504ee4 Ensure that cacher is terminated in TestGetListRecursivePrefix
24536987d89 fix narrow spaces of %e for x/net bump
f3b80a85822 bump etcd 3.5.21 sdk
0e2e687d3cc cleanup etcd v3.6.0
20d6b51588a Build etcd 3.5.21 image
5c7491bf087 accept rounded container cpu limits in container cgroup tests (#131059)
d349ac57e47 wait for containers to have started before doing cgroup check
b0b89d3bd25 fix the DeploymentReplicaSetTerminatingReplicas version
8db1426554d rename DeploymentPodReplacementPolicy FG to DeploymentReplicaSetTerminatingReplicas
83bb5d57058 deflake restart count assertions in in-place resize tests (#131055)
1d42ba78ff9 Add e2e tests for resource v1beta2 API
e761be47a45 Run make update
39507d911f3 Add resource v1beta2 API
52298cf36a6 DRA kubelet: fix potential flake in unit test
2350e7a9118 deflake pod-resize-resource-quota-test
2073252d5ab Ginkgo skip needs to run inside leaf node otherwise it panics
d429c8b17d4 debug cpu_manager_test failure
478a6f9d053 Add a tests for PreferSameNode
0ee6b0dbfa2 Add "multi-node" TrafficDistribution test
7956b37f62d Add test for `trafficDistribution: PreferSameZone`
23aff5dabd5 Split out the pieces of the TrafficDistribution test
10cd54bee46 Streamling the node/zone-picking logic
bc81a860b08 Abstract the logic of the TrafficDistribution test
b1a0fea4c6f Remove a level of indentation in the TrafficDistribution e2e
8f7bb964de5 TrafficDistribution e2e cleanups
52c3010c8b7 Generated UPDATE_COMPATIBILITY_FIXTURE_DATA
d6d9a354d7d Generated files
f035e37c4bf Added e2e test and fixed existing pod test
94ddb3a98fd Implementation
cc466aa355f CRI API changes
0380f2c41cd Validation
70540c9f43e API changes
2037f39e204 kubeadm: use 'writer' everywhere in util/apiclient/wait.go
310723b21c8 kubeadm: fix WaitForAllControlPlaneComponents with anonymous auth
a75cd2e0f47 Adjust metrics ranges to reflect additional CI job environments
2bd0481d2c3 Use established pattern for kubelet metrics url
0486790592d Fix container_spec_memory_swap_limit_bytes in ci-cos-cgroupv1-containerd-node-e2e CI jobs
a264b0015ec kube-up.sh: set inotify limits
4db8e8cc1dc Add configurable tolerance e2e test.
ac107137ce8 Refresh autogenerated files following the configurable tolerance updates.
dc1696d8074 Fix API doc and tolerance field handling when gate is flipped.
2dd9eda47ff Add configurable tolerance logic.
11b6e2a3752 Update test fixture to account for new tolerance field.
a41284d9fa3 Add the HorizontalPodAutoscaler tolerance field.
463b15b9b22 Add the HPAConfigurableTolerance feature gate.
a237f429fc2 Revert "Separate SeparateDiskTests from eviction"
914a4ba8bfa generated
c86ff2339d4 Unit and E2E tests
dcc67d08c6d Increase number of pods in PreemptionBasic and PreemptionPVs
33fbce73ae2 benchmark to show inefficient linear search lookup
6bbaf8cb104 Extend CRI stats provider to support PSI
77118d4ca06 Extend CRI API to support PSI
92a42e65ec2 Surface cadvisor PSI metrics to summary API and prometheus metrics
c7fc9d5f91a API definition for PSI metrics
a18354c60dd DRA API: fix DeviceTaintRule REST storage test
2d7518df6db Revert "Add e2e test for Regular Container image change"
a9526f6c7e0 add comment to the CPUManager feature label
0882efaf8e6 Remove general available feature-gate CPUManager
16f5fe6a26b Fix infeasible resize test
8cfb9adbf60 overwrite existing labels during pod Binding storage
17acc4a5eeb Move queue.Done() before Prebind, add tests
6873e819297 Run in-place resize tests in default CI jobs
a09cb22e4db disable in-place vertical pod scaling for non-restartable swappable containers
a490960c92b fixup! KEP-4742: Node Topology Labels via Downward API
01ae1b1b5a5 remove kubernetes.io/hostname label copying
934e247030b Remove kubernetes.io/hostname label copying, skip overriding, and support direct spec.nodeName changes.
6ddabb6ee64 updating to reflect latest KEP design
5e7e1e7cf16 KEP-4742: Node Topology Labels via Downward API
67bdfa7d6ee Add alpha feature gate KubeletPSI
2670462eb03 Remove TopologyHints and TrafficDistribution feature flags
3b3df8ba728 CI integration scripts: reduce log noise from installing etcd
cfb9486417d DRA taint eviction: avoid nil panic
56adcd06f37 DRA device eviction: fix eviction triggered by pod scheduling
7b38bff6ec9 Move pod level hugepage test from e2e to e2e node
98e362c0495 Revert "Pod level hugepage for cgroup when unset in container"
fd50d9207f5 End to end tests for pod level hugepage resources
b9e0d4ad666 Unit tests for pod level hugepage resources
51db93c3fb4 Use pod level hugepage limits for cgroup when unset in container
e3f4c6e62ab Containers with hugepage volume mounts with unset hugepage limits
aa17082a160 Default pod level hugepage limits
e5020285fa2 Hugepages to pod level supported resources
5856d3ee6fa DRA taint eviction: fix waiting in unit test
ac6e47cb142 DRA taint eviction: improve error handling
d62e766dad1 Fix function comment
c7919f5e22e Pop from the backoffQ when the activeQ is empty
a67cc3aac12 Reduce locking duration on cache to fetch data in DaemonSet Controller
b726f2cf579 Add an integration test for PreferSameTrafficDistribution
919c2b478ee Refactor TrafficDistribution integration test
64034307c22 Fix comments in TrafficDistribution integration test
323d55e67f9 Rerun update-featuregates.sh
c10dc416815 Ensure --enable-logs-handler help appears in kube-apiserver help
3043fbc3daf Added feature gate to unit test
c0a1489bc86 Fix unit tests
d46050aa5d3 PodLifecycleSleepActionAllowZero to Beta
8fdd6fe4768 Unify should delegate list
8b4aab5451f e2e_node: add a test to verify kubelet fails to create pod if userns isn't supported
a6494ec3134 features: bump proc mount to on by default beta
3701f878d65 Fix the logic on TestGetStaticPodToMirrorPodMap
2d05c3849a4 DRA E2E: fix "cluster must manage ResourceSlices" test
ca42addbdff chore(scheduler): add filter integration tests for missing part plugins: NodeResources plugin
2a9a3ea827d test: switch gotestsum quiet output format
f82c9e56d92 Serve LISTs with exact RV and continuations from cache
657ccc30995 Ensure that the pod has the proper phase upon re-initialization
3c7ed00e224 node: kep-2625: cpu manager policy options GA
1a34095f75b KEP-3094 Promote NodeInclusionPolicyInPodTopologySpread to Stable
1208f25b3f4 Verify oom_score_adj for containers that have been restarted in pod resize e2e
c6d6e0414c0 KEP-3619: rename variable in TestPodAdmissionBasedOnSupplementalGroupsPolicy
586af6b568c KEP-3619: move SupplementalGroupsPolicy e2e test from /e2e/node/ to /e2e/common/node/
4055b1a9b50 KEP-3619: update e2e test to check a pod with SupplementalGroupsPolicy=Strict should be rejected when the node does not support the feature
eda274ed7e3 KEP-3619: merge SupplementalGroupsPolicy dedicated validation tests into standard ones
64a4e349893 KEP-3619: fix field path in validating ContainerUsers in PodStatusUpdate
2a0e51825bb KEP-3619: kubelet now rejects Pods with SupplementalGroupsPolicy=Strict on Nodes not supported this feature.
45846f6b4ea KEP-3619: Set Beta for SupplementalGroupsPolicy featuregate in v1.33
16abcd78bd4 [FG:InPlacePodVerticalScaling] surface pod resize actuation errors in pod resize conditions (#130902)
bfaa2496b2f Remove SidecarContainer feature-gate check
ec1b493a088 Populate status memory requests from actuated resources
1ee7d946d77 WIP add tests for regular container image updates
f04cfdf6e76 Update gofmt.
39d6396aea0 Promote the DisableNodeKubeProxyVersion feature gate to be enabled by default.
c2927727107 Consider AllocatableResources when computing pod requests
aba588cd14e Deprecate IPPVSAllocatedStatus: always set allocatedResources with InPlacePodVerticalScaling
798ce5bde25 e2e framework: add BetaDefaultOff feature gate testcase
507621e0da4 implement WithFeatureGate label proposal
1738c0bc4c9 Add ltsc2025 for windows-servercore-cache test image
ea2f8881093 Auto gen
6d7f11689dd Complete feature impl, fix issues, add perDeviceNodeSelection support, add tests, address comments, etc.
ecba6cde1de Allocator updates
ece1d76e802 API manual changes
deaaa124a5b DRA: Feature gate for Partitionable Devices
baaa38c0992 Remove mutation of authn options by binding flag setters to a tracking boolean in options
7fe7754e67f Fix unit test, remove wait after resize
0ec6566c68c chore: update emulation version help msg.
a2c739f3d50 chore: [e2e/framework] Updates test feature gates to versioned feature gates
7b5cbbb9618 chore: Remove unused unversioned feature gate map by consolidating feature gate files
d7ed3f1c9b6 Add image volume subpath e2e tests
7f4b9a52db2 Consider memory requests in determining if resize is in progress, set termination grace period to 0
f73945aae56 Websocket HTTPS proxy support
ba09a97341d node: cpu-mgr: Graduation of `distribute-cpus-across-numa` to Beta
dab8758a59d chore: avoid resetting config of emulation verison and featuregates when adding flags
7d74a504caa Remove unused VAP for DRA admin access e2e test
1889e0cad65 scheduler sets observedGeneration in pod conditions
951e33fdf94 Fix gofmt issues
10c6a4258f8 feat: graduate MatchLabelKeysInPodAffinity to GA
917c4b310bd Fix lint issues, use kuberuntime's minGracePeriod const, boost container restart wait period
327ebcffc85 node: cpumgr: e2e: Define constants and use them instead of literals
c90f0539c88 node: cpumgr: e2e: Tests for `distribute-cpus-across-numa` policy option
b6a3ac47de0 node: cpumgr: e2e: tests for NUMA allocation spread metrics
3edeb60c089 Create Snapshotter interface to fake the implementation
7da942ca748 Change precedence order for continue and legacy exact match
e367dca6c5b Change backoffQ less function to order pods by priority in windows
88f8e6697dc Implement PreferSameNode traffic distribution in kube-proxy
c85083589c8 Clarify hostname vs node name in kube-proxy
ff640c3679a Minor updates to kube-proxy topology code
19952a2b7bd Implement the EndpointSlice controller side of PreferSameZone/PreferSameNode
90c8f9aef1a Don't write out dummy zone hints in clusters with no zones
413af836b38 Minor updates to traffic distribution unit tests
af3584778e0 update generate docs for PreferSameTrafficDistribution
4435ead24a1 Add PreferSameTrafficDistribution feature gate and associated API.
6ca82f9c164 Update the use of sets in EndpointSlice validation
929a9c0cad9 Extend shouldDelegateList testing incorportating state of cacher
09fdae408fb pkg/kubelet/userns: add idsPerPod tests
1592bfa4a81 kubelet: config: add userNamespaces.idsPerPod
9f161590bee metrics testing: add type aliases to avoid direct prometheus imports
37b47f47244 DRA helper: support dropped fields and TimeAdded defaults
2499663b84e DRA E2E: tests for device taints
5760a4f2820 DRA scheduler: device taints and tolerations
a027b439e58 DRA: add device taint eviction controller
07a275437f3 kubectl debug: Display a warning message that the debug container's capabilities may not work with a non-root user (#127696)
d5d008a6bd4 Invoke UpdateContainerResources or trigger container restarts (for RestartContainer policy) when memory requests are resized
0301e5a9f88 DRA: AdminAccess validate based on namespace label
2f1f19a992f flake: fix data race for func TestBackoff_Step
75a4d136aba Update kube-openapi and integrate streaming tags validation
cd1a5c6d5cf Fix Kubelet unit tests
506e4fed14e In TestListCorruptObject corrupt the object in etcd instead of changing encryption key
413e867f537 [KEP-5100] WinDSR to Beta
8b2cee83c15 Replace StorageVersion API with aggregated discovery to fetch served resources by a peer for MVP
c09d87f79c9 Implement watchcache returning error from etcd that caused cache reinitialization
13d04d4a92f DRA device taints: copy taintseviction controller
6478ca58594 ktesting: fix per-test logging in TContext.Run and WithTB
939c9c0c6ba DRA: add ResourceSlice tracker
99dbd85c45f DRA: generated files for device taints API
797475e1137 DRA: add device taints API
7fb028a433f DRA: add DRADeviceTaints feature
c766a52356a Implement KEP 4876 Mutable CSINode (#130007)
9be73c0d67f Graduate InPlacePodVerticalScaling to beta
691398c8563 add API approvers to generated applyconfigurations
aa32537e9a0 Add workqueue for node updates in DaemonSetController
381ccf0f4c7 Fix empty describedObject in hpa status (#124555)
5625483527c KEP-4540: added e2e tests for strict-cpu-reservation option
269bbac6e8d KEP-4540: moved StrictCPUReservationOption to beta feature gate
4c2be4bdde2 kubelet sets observedGeneration in conditions
d95d6ba5264 DRA scheduler: fix potential panic during unit test verification
582b421393d DRA kubeletplugin: add RollingUpdate
b471c2c11f6 DRA kubelet: support rolling upgrades
760903c0de6 DRA kubelet: give DRA drivers a 30 second grace period for updates
0524c807864 e2e/node: Remove outdated comment
c11077f417b e2e/node: Skip userns tests on windows
c348bd10e6c pkg/kubelet/userns: Log userns mapping information
69e270f509c pkg/kubelet: Explain why a user is required to get userns kubelet mappings
c984f0f08a1 tests/e2e: Add tests for userns kubelet mappings
1be3f8961bd Fix a race when closing activeQ
0effe155434 Move scheduler_perf topology spreading tests to a separate package
b3890d9fa0d bump RemoteRequestHeaderUID featuregate to Beta, on by default
decd11414b0 fix typo
091b450057c Replace PodResourceAllocation with PodResourceInfoMap type for extensibility for pod-level resources support
349e079abeb Update release notes in changelog-1.30 to fix example claim validation rule
af291a44c3a Add unit test to validate email_verified in claim validation rules
5d0caaa1a66 feat: Add alpha feature verification to feature gates
916c7867f7e fix godoc for email_verified requirement when username contains claims.email
a15520fbeaf Move pod resize status to pod conditions
61863035803 Adding Unit tests for windows-dsr and overlay support
984b475e749 Extract delegator.Helper interface to allow making delegate decision based on cache state
4f1912abf2d Fix missing recursive in consistency check, enable panic on failed check and fix typo in logs
5402baf4a2b Fix KUBE_BUILD_IMAGE_CROSS_TAG mismatch when KUBE_CROSS_VERSION is passed
9837a61528f update cri-api comments for Windows HostProcess withdrawal
a666451e8a3 withdraw Windows HostNetwork support
2b504a7089f Fix failing git_repo e2e release informing tests.
aa187d2d5ac add separate container runtime filesystem tests
c30eb9d9e5c feat: graduate the async preemption feature to beta
e394d430c48 Promote E2E to conformance tests for JobSuccessPolicy
0490b9f0b72 kubelet: document seamless upgrade support and guidance
f1031be019c node: cpumgr: metrics: add metrics for allocation per NUMA
5c4948ff314 controller: factor out pod node name indexer helper function
9e7c080b863 Use ValidateListOptions in watch cache
414bfc707ff Split subfunction to allow adding more subtests
6d21d8f2376 Test continue with negative RV for reading consistent RV
8c9452f4ca9 e2e tests: remove unneeded storage feature label
d66330609c3 Remove the not-even alpha feature setting
bc74476bdb9 Remove VolumeCapacityPriority feature gate
43382b1b394 Switch control from VolumeCapacityPriority to StorageCapacityScoring
f6ddee95f96 Add storage capacity scoring to VolumeBinding plugin
410dc1d6549 Trying to fix kubelet_config_dir_test
8f69d596e81 Fix pkg names != dir in tests
b47e839e4ec Comment on origin and JSON schema
46d5438c144 Fix import groupings
1ff4433c87e Fix whitespace in validateFalse test fixture
4c0c2d21ea6 Use origin in validateFalse's own test
d1d77cd553c Use test.Helper in helper funcs
1ae091e7187 Add validation for the NodeSwapStatus field
9d38a85c709 Ensure unit tests are guarded by a feature gate
18139b9845f Add unit tests
16871a1faa0 populate the new node.status.nodeInfo.swapInfo field
a9b02114099 add auto-generated files: make update
ee4ac3d70a3 add auto-generated files: ./hack/update-openapi-spec.sh
4bdaf6cbbde add auto-generated files: ./hack/update-codegen.sh
a53a517022c Add the Swap field to NodeSystemInfo
3e48d143fa9 kubectl: Remove duplicate selector calculation logic and add missing test cases for the 'describe DaemonSet' functionality
1f04af7947b Remove general avaliable feature-gate PersistentVolumeLastPhaseTransitionTime
a548688ffe1 fix: add feature-gate is disabled unit tests
03934974688 Add protection finalizer to vac when it is created
06482b6bd3b address comment
41e3efdb60a change doPodResizeAction to call updatePodSandBoxResources inside setPodCgroupConfig
95d3d4a22d7 Gate apidiscovery/v2beta1 serving with a feature gate
a758e725b86 Non-pointer VariableGen
4e3d114c267 Refactor VariableGen - no interface needed
6a59dcfa1dc Non-pointer FunctionGen
0b295553232 Refactor FunctionGen - no interface needed
282e1490d43 KEP-5040: Disable git_repo volume driver.
9aeeb530952 Remove usage of TopologyAwareHints feature-gate from kube-proxy packages.
25e041470eb Run ./hack/update-featuregates.sh
619957c9762 Graduate TopologyAwareHints feature-gate to GA in 1.33 and LockToDefault
a6c94ea605d Enable DeclarativeValidation feature gate by default
146515ac4a8 kubelet: pullmanager: write to pulled record if secret matches during query
788b7abe406 kubelet: pullmanager: move to a separate package
b8fc6042ca0 kubelet: GC for image pull managers
3793becbb94 kubelet: integrate the image pull manager
95d411382f2 Fix comment for GetServiceAccountFunc type
01302639f59 Add unit tests for credential provider in service account mode
f6a35c55f2d Wait for node to appear in cache in TestUpdateNominatedNodeName integration test
ef40e670bf1 Update hostpathplugin image to v1.16.1
cf20c21ef82 Revert "stop overriding max concurrency in CI, let automax procs handle it"
04ac6df8a91 add dra to edit role and add featuregate test
718ed7d0b58 dra: add user rbac
5a98d4dbb4a Limit declarative validation to spec until subresource support is added
b8361f9c6ea Revert "pkg/kubelet: Fix userns tests on Windows"
1057407cee3 DRA e2e: more flexible socket listening
b3befff631d implement a file-based image pull manager
0ca23338462 make update
47827f4d9a5 kubelet: modify KubeletConfiguration API with image pull policies
311e589534b Emit comments before validation code
ad96b3aed58 kubelet: implement image pull policies
1a660d3d0c9 flake: fix data race for TestApfWatchHandlePanic unit test
c4d77a07993 Add test cases for negative resource version in TestList
58d9b5c7b64 Test bypass for negative RV
d263344a9b4 Simplify bypass test by just testing shouldDelegateList function
ec127279571 DRA kubeletplugin: revise socket path handling
c6252daccb8 DRA kubeletplugin: turn helper into wrapper
37dee3c2824 [KEP-4817] DRAResourceClaimDeviceStatus to Beta
dc8dc314421 fix error treatment and remove annotations from proto
86169a7a1e0 Fix flaky RunTestConsistentList
09817b320f0 move generate podsandbox request to platform specific
ce4de97c2e3 make kubelet call updatePodSandboxResources on PodResizeAction
b27c303ac24 update cri-api runtime interface and cri-client add new method
8f11574f3d4 update proto files to add new method UpdatePodSandboxResources
64c0164cec0 kubelet: add the ImagePullManager interface
37e0fd50aac imagepullmanager: add v1alpha1 config API
cb7468b0774 kubelet imagepuller: PullImage() - accept TrackAuthConfigs directly
09284d926cc credentialprovider: track kube secrets as creds sources in DockerKeyrings
e549eeb7964 introduce the KubeletEnsureSecretImages featuregate
9df0f6b6043 Call PreEnqueue plugins before adding pod to backoffQ
8d4eaa024d3 Add SchedulerPopFromBackoffQ feature gate for KEP-5142
5c17e7bd9c6 node: cpumgr: metrics: add uncore cache alignment metrics
9cfe1863ce9 node: e2e: clarify test description
cea7d97d8bc node: cpumgr: use String representation in output
52e0f522ba0 node: cpumgr: test: use Equals for comparison
a07510fade8 node: cpumgr: test: abort on failure
3e70a1bc9c8 remove unneeded e2e features
6979567c449 Enable proper API in CLE integration test
f7296b31f0d Add declarative test cases for RC.Spec.MinReadySeconds
177193ed197 Mark RC.Spec.MinReadySeconds as k8s:optional
1e336160681 Add declarative default for RC.Spec.MinReadySeconds
1059dbdee18 Declaratively validate minimum value of RC.Spec.MinReadySeconds
20b69a54bff Add declarative test cases for RC.Spec.Replicas
0f4786536f7 Declaratively validate RC.Spec.Replicas optionality
21b3da7e5aa Add declarative default for RC.Spec.Replicas
e08bbf254c4 Declaratively validate minimum value of RC.Spec.Replicas
a9514b05911 Add update-featuregates to update.sh
088daf472b7 feat: Refactors featuregate lifecycle management script
14934b481ef refactor: detach Info from apimachinery util version
a3094ccbe6f feat: extend version information with more detailed version fields
8d71f74fcdb pkg/kubelet/userns: Remove skip on windows
691fd360ba2 pkg/kubelet/userns: Wrap error to get mappings
925416bc370 pkg/kubelet/userns: Provide stub implementation for windows
74b069d0fab pkg/kubelet: Fix userns tests on Windows
1ddfc7bdce1 benchmark-dockerized.sh: don't redundantly install gotestsum
8898868fea4 install-ectd.sh: brace PATH and suggest user export
d798d86981d cleanup CI integration scripts
d9a2dee622c Fix subresource parsing for declarative validation
7848744bf9c remove kubelet fake status manager
d6e5d4f20d4 make update
8eb74b96e33 Add validation to StatefulSet's .spec.serviceName
7315d0a6878 Change internal-version RC.Spec.Replicas to a ptr
e0011c72367 Support emulation versioning of formats
8f83f2446a5 Fix detecting consistent read when watchcache starts handling continue
6d3bff83213 Test recursive in TestGetListCacheBypass and separate overrides
8b0294daed2 Fix typo and pass the environment variable required to enable watchcache consistency checking in GCE tests
987bdd9e466 Sync pkg/credentialprovider/OWNERS with k8s.io/client-go/tools/auth/OWNERS
aab7a079fa4 make each scheduler test independent
27706a0b54c Add quota support for PVC with VolumeAttributesClass
2db729cfa42 Add flatz to kubelet auth.
ed08387663e Enable versioned validation fuzz testing for core v1 group
b5bc2838089 ReplicationController: Add declarative validation test suite
5a5ed81e1f2 ReplicationController: Enable declarative validation
256a576651c Add featuregate, feature and unit and e2e tests
e8547d8a540 Cleanup unused container parameter from allocation state Delete
05a9c062125 Don't update checkpoint file for deletion
30bca329c52 Don't re-write the checkpoint file when the content is unchanged
e856356225d Enable validation-gen on core/v1
9e42056a0df stop overriding max concurrency in CI, let automax procs handle it
cb7afbccf6e delete hack/test-integration.sh
08745086e2d chore: change Info->Error log level related to declarative validation runtime tests and refactor panic wrapper names
3b88db4f235 Promote CLE to beta
a7505f02621 generated
5ba4a90fdad Add LeaseCandidate v1beta1
ef3cb5c5afa skip admission for unsafe delete
a0cc02e264e Simplify shouldDelegateList
b27735be2ee Define type alias for getServiceAccount function
ad22c0d4954 Fix IP/CIDR validation to allow updates to existing invalid objects
78e58b8c49f kubectl: expose context parameter in DefaultRemoteExecutor
37ddc637f55 Revert PR 125102: Add unit tests to client-go/tools/cache/listers.go
692785d25b6 Add legacy versions of IsValidIP/IsValidCIDR
ac6790450ac Move TestListOptions setup before we start API server
ba189de78ff Slightly improve EndpointSlice address validation
fc4bb4fdb90 Add validation.IsValidInterfaceAddress
f79bccf4d99 validation unit test cleanups
76f1684117a Rename ValidateNonSpecialIP to ValidateEndpointIP
2090a01e0a4 add e2e test with the gcp-credential-provider test plugin
ad8666ce88d Update credential provider plugin to support using service account token
69dd6b3c0e5 CHANGELOG: Update directory for v1.32.3 release
dd25c6a6cb4 CHANGELOG: Update directory for v1.31.7 release
de904f80992 feat: add declarative validation metrics and associated runtime verification tests
34349e735ca CHANGELOG: Update directory for v1.30.11 release
1d365762a53 Introduce versioned validation test utilitizes and add fuzz tester
3eaa0478509 CHANGELOG: Update directory for v1.29.15 release
6defd8c0bdb node authorizer changes to allow read on svcaccounts
d398de294dd Add KubeletServiceAccountTokenForCredentialProviders feature gate
dd7b9f6171b Add service account token and annotation to v1 CredentialProviderRequest
ba2eecca0d2 Add TokenAttributes field to v1 CredentialProvider
003f2157671 *: reduce tracing events during streaming JSON objects
2d810ddfa9c Apply feedback
b9cb44a5933 Add approver permission for jpbetz in component-base/compatibility
d6f61438e01 CHANGELOG: Update directory for v1.33.0-beta.0 release
9fe18bf4866 Update core v1 fuzzer and validation tests to use util/ptr instead of util/pointer
775b118a6d2 Remove invalid emulated version and add lexographical order test
9eef88c8446 Add CLE e2e tests
f5dd7107f71 Implement streaming proto encoding
d6ef05b9a82 Add +k8s:minimum validation tag
b7b1e78d629 Fix context usage
cfcf7e93a3a chore(validation-gen): rename flag --extra-pkg -> --readonly-pkg in validation-gen
ca4f7857576 Update hack/verify-golangci-lint.sh
cd9df2f115a chore: change error_matcher.go to use test interface instead of importing testing pkg
c36b1c901f8 KCM: CTB publisher: tolerate NotFound during discovery
24e8fa769bc move ClusterTrustBundles featuregates to beta
1f1dbc35a90 kubelet: ctb: use generics to handle alpha/beta APIs for CTB projection
5b3b68a3a14 KCM: CTBPublisher: use generics to handle both alpha/beta APIs
d3f44a5bc0f kubelet: lazy enabling the ClusterTrustBundleProjection feature
0cd2976cabe integration: ctb: apiserversigner test to use certbeta api
ccd2d4d62ad generate code
e0f536bf1fa use the ClusterTrustBundles beta API
f598b4860c5 copy ClusterTrustBundle API to v1beta1
efac8fdea24 Delete todo comment to ignore update where 'old' is equivalent to 'cur' (#130322)
f9e5dd84ad4 Graduate image volume sources to beta
b38bfaa2ac9 fix: shared informer typos
cdac61b9025 use generic set in sig-node
63cd30e3f6c use diff port for TestCreateConfigWithoutWebHooks from TestCreateConfig
9e53371ddaa Fix test cases that may potentially cause a panic.
e4d73c56cd0 Implement consistency checking
4c6971007be Refine logging levels in Job, IPAM, and ReplicaSet controllers.
92aeb63a5be Handle optional value-types with defaults
f1674543718 remove feature gate AdmissionWebhookMatchConditions that was GAed in v1.30
8195f82fe82 remove AggregatedDiscoveryEndpoint that was GAed in v1.30
141e98ed050 Add comments to FunctionGen
989d68d7577 chore: update DeclarativeValidation featuregate
03f0475ebd2 Add Complete reason verification to all e2e conformance tests
8a20e908398 [FG:InPlacePodVerticalScaling] Drop 'Proposed' resize status
3460b2238eb Disallow optional/required on non-pointer structs
dcbfe67b1ca Prevent usage patterns we don't want to support
3d2d8db8350 Add option to explicitly enable future gv or gvr in runtime-config.
8eb90fe136d Add CoveredByDeclarative to field error struct
628d107b619 Switch cluster trust bundle e2e tests to generic alpha feature + feature gates
9828ad64da4 e2e framework WithFeatureGate adds [Feature:OffByDefault] (when passed a feature that is not Default)
819cb8fe22f Add emulation forward compatibility into api enablement and RemoveDeletedKinds.
46ac2af06a8 Fix validation test for ReplicationController
6d0b6278cd3 Rename some allocation.Manager methods
d4444dd5986 Use actuated resources to determine resize status
660bd6b42d1 Track actuated resources in the allocation manager
af9ac325b13 controller sets observedGeneration on pod conditions
42abc2a73b9 Mark StatefulSet's .spec.serviceName optional
4deb4f2b5f0 Trigger rescheduling on delete event also when unscheduled pod is removed
80f4f62ea86 hack: fix shellcheck
77758c185b1 hack: verify to verify-golangci-lint.sh
67f0e95b3ac hack: fix text
a9d558de263 hack: verify golangci-lint config, update text
89440b1239b DRA: integration tests for prioritized list
ccb607f06b9 Unify ListOptions validation between cache and etcd
dbf780a48ae authn-trust: don't react to target CM updates
aab083972db fix handle terminating pvc when kubelet rebuild dsw
ce163947aa6 fix a flake of TestRoundTripTypes: for FirstAvailable[].AllocationMode
085d23388ad Mark VAC roll-forward test as flaky
dc806188177 Use SetFeatureGateEmulationVersionDuringTest() for testing ServiceTrafficDistribution feature-flag disablement in control plane components
4e317265c77 Remove usage of ServiceTrafficDistribution feature-gate from kube-proxy packages.
2492eddd20b Bump ServiceTrafficDistribution feature-gate to GA in 1.33 and set LockToDefault=true
ca43bb17190 Run 'make update'
0d0b81b9375 Update trafficDistribution API spec docs for GA graduation
770ce2d874b Better handling of YAML that tastes like JSON
f08e640b9e2 Lock down gofuzz in deps
0ce4268b1fe Vendor randfill
e54719bb667 Use randfill, do API renames
6798e2d8635 Add time to extra-pkgs for validation-gen
8c98dee1edb Add utiliptables.NewDualStack
b0312589692 Improve utiliptables error handling when there's no iptables binary
f1d0eb4fe47 Add a unit test for utiliptables.New()
9c98d297953 Remove exec arg from utiliptables.New
e5e76d7c7ce chore: Fix incorrect AppArmorProfile.Type marker
3f5d30543d8 Add integration tests for using SAR with node audience restriction
b09ca8c2c84 Use SAR to allow dynamic audiences for node audience restriction
97a54dc4b04 update to v1.22.0-rc.0
337f1c211d3 Build etcd v3.6.0-rc.2 image
41469004282 Add normalization support to CEL semver library, enable in base env
7316d831377 Add warnings to all IP/CIDR-valued fields
d4c55d06cfa Export endpoints, endpointslice, mirroring controller names
610adebdb75 Add utilvalidation.GetWarningsForIP and .GetWarningsForCIDR
34717000dae Split out IP validation functions into their own file
5e067b6781c Minor IP/CIDR validation cleanups/fixups
b62503dd66e Remove a dead error check in winkernel
f001b3916d4 Remove a stale comment in metaproxier.go
303593cafe1 Fix some pkg/proxy comments
b5e9a8262e4 Remove exec arg from utilipset.New
36f5820ad15 Remove some unused proxy args/fields
13f0449e4ca Fix up kube-proxy import ordering/organization.
834a0d92cfa hack: fix settings for forbidigo linter
c510b93d28f Add tolerant parse option to semver
fabd449d7fe fix typo
e1d3aaf8612 Return correct error upon websocket message read failure
325a54f73dc ./hack/update-codegen.sh
d6ea91cf93d client-gen/fake: pass ListOptions to Watch method
dfb8ab65210 DRA scheduler: fail in PreFilter when DRAPrioritizedList is disabled and used
0a32e7d6e79 make sure that container is running when execute kubelet exec command
d76f40d2f39 fix(scheduler): skip best-effort pods in BalancedAllocation PreScore
032b05114c7 chore(scheduler): add filter integration tests for missing part plugins: TaintToleration plugin
9765fe4abb7 Add all extra_pkgs needed by main API types to validation-gen
0140842add1 update testdata for roundtrip and client tests
701b76f10d7 pod gc controller sets status.observedGeneration upon pod failure
40e7d88f022 Kubelet sets pod.status.observedGeneration behind FG
749f03a49fe Gradeate Job SuccessPolicy to Stable
6f1f7beff3a sort client-gen output
20230f22514 Fixing unit tests in k8s.io/kubernetes/pkg/volume/util/subpath on Windows
bb3ba9d073f Preserve old observedGen if incoming attempts to clear it
12d34624ba4 add observedGeneration to pod's dropDisabledStatusFields
6edd9217469 run 'make update'
eab9197d1a8 Add observedGeneration and validation to pod status and conditions
6645022d8bc Update status before returning err
b345f64c767 Skip test if cri proxy is disabled or undefined
abdc760ba54 call dropDisabledPodFields from pod status strategy
46c09d30178 add more uncore test cases
919e8a62e9c uncore: more testcases
5a7697dfe0c Fix unit tests for volume ownership
15cb82b3b3f Separate compactWatchCache from increaseRV
2fc3cd90b15 Store pod backoff expiration time in QueuedPodInfo
5917343e457 Parallelize lease candidate ping
627bfbdfdf1 windows does not support sleep infinity
a1cfb13099d we no longer need to track the go version in staging/src/k8s.io/kms/internal/plugins/_mock/Dockerfile
ed326fea133 Always report pod status resources consistent with the current pod sync
0e7e025c599 use kube-cross to build kms plugin
a3009258dac fix dockerfile warning
4d7f6eadf10 kms-e2e: use setup_env / respect GOTOOLCHAIN
97db9a7843a feat: Add flagz endpoint for kube-controller-manager
e2505b0d27c Update OpenAPI
c597cc1f309 Allow OpenAPI verification to pass both with and without strict alpha handling
0a9f492eedf Fix up ErrorMatcher from feedback
e6cf9dd1663 Pass storage.ListOptions to WaitUntilFreshAndList
796690637d6 Propagate error when creating CustomResourceStorage instead of panic'ing
4001c819f09 fix
b88f026053a Implement tests for encoding collections in Proto
7a84e7630f9 Run lists tests in subtests
5ecddb65715 update to latest cadvisor @ v0.52.0
8202b791e96 Job: Use jobSuspended util for suspended detection
32fd0de21c5 tweak
8e4b00e9494 use Cleanup instead of defer
186e6ee2bd5 Debug latencies in request handler
8fac9c68e18 Change allocation manager pod UID to types.UID
3a80473cda2 CHANGELOG: Update directory for v1.33.0-alpha.3 release
4f7ce7513e2 chore: migrate logging featuregates to versioned
04129d1dc82 node: metrics for alignment failures
4fda41c6509 Update base image for addon-manager to fix a build failure.
ffc1b32c660 Add declarative validation utility for use from strategies
5ff334a1589 Add declarative validation to scheme
c4ea350ef66 Add "endpoints.kubernetes.io/managed-by" label to Endpoints
41577dea1b0 delete opIndex wrapping
33bf509eb06 Use CamelCase for memory manager policy name check in InPlacePodVerticalScalingExclusiveCPUs
6975572a801 Add missing increments of queue_incoming_pods_total metric in scheduling queue
96bae53a375 Promote SELinuxChangePolicy and SELinuxMount to beta
afb4e96510f Expose NodeInfo to Score plugins
94471a5c5cf feature(scheduler): add more requeue case for CSI plugin when the VolumeAttachment is deleted
cb5c8d159c8 Don't automatically clear in-progress status when resize is not allowed
b0621e6955d Update CHANGELOG for addon manager v9.1.8
9598e5a1a57 Mark the feature gate on by default since it's a security fix.
523a19aa44e Extract isInPlacePodVerticalScalingAllowed to shared function
460db5c1372 Always use allocated resources for pods that don't support resize
6df3ea46d92 Never attempt a resize of windows pods
ca9734afaa7 Add third party strategy to the coordinate leader election integration test
074d9653b14 Bump addon manager kubectl version to 1.32.2
ea3fa1c5196 Add e2e test for MutatingAdmissionPolicy.
8bb597c0d24 Clean up some confusion around TrafficDistribution metrics
fdddd8d18c9 Port k8s.io/endpointslice from utils/pointer to utils/ptr
526960f9885 Change FailedScheduling Event message to be more intuitive
a2f47e6586f Add validators: immutable
63050550c35 Add validators: optional/required/forbidden
31f46372170 Add validators: eachkey, eachval, subfield
b5f9a00258e Add validation-gen core tests
8c41bdf05b1 Add validation-gen test infrastructure
3210f46b5b0 Add validation-gen to codegen scripts
e892dfac7d5 Add validators: opaque
c1f9e6b8eed Introduce validation-gen
7f5e1baeeea Bump gengo/v2 to latest
9a843790a30 Adding tests for consistency
a94403e9429 add BytesToXConfiguration function
77647cdfc3e rename SplitYAMLDocuments function
2d8d972cb85 Add warning logs for uninteresting kind
6a59c98a9e8 distinguish between YAML and JSON file formats during log output
09427ab5586 Update test/e2e/network/netpol/network_policy_api.go
bb79c29dd51 remove feature gate RemainingItemCount that was GAed in v1.29
3842d74d97d restrict trace context propagation to system:master and system:monitoring
f8b080a4be7 Update test/e2e/network/netpol/network_policy_api.go
2f6f8d083e0 Update test/e2e/network/netpol/network_policy_api.go
438d496555b Add test for ReconcileConntrackFlowsDeletedEntriesTotal metric
e5ad4a18781 e2e network policies test support network policies with finalizers
da987eb762d Wrong matcher - use BeNil instead BeEmpty
1e64a890385 Reduce number of (versions of!) images we pull in our e2e tests
29c219dcebe update go.opentelemetry.io dependencies to v1.33.0/v0.58.0
05a90bf642a Revert "Add LeaseCandidate v1beta1"
1a1b566d61f Revert "LeaseCandidate alpha -> beta,"
71622aee49d Revert "generated"
d5c072117db Clarify host_port field in CRI
2c062117d00 fix lint
2bed3333bc5 fix lint error
75b09b40540 separete runOp
df9d5f0bf8b Clarify ordering requirements of client-gen --input
e43de183cf1 conntrack reconciler must check the dst port
7fcaaa08ee9 Run make update
e2d1fcc1628 Addressed comments
3d318b57e30 revert the old loop to check if the node is rebooted
7555cbca90f DRA: Updates the e2e tests for Prioritized Alternatives in Device Requests
36d8a44b9c3 DRA: Update controller for Prioritized Alternatives in Device Requests
2229a78dfe6 DRA: Update allocator for Prioritized Alternatives in Device Requests
cc35f9b8e8d DRA: Update quota calculations for Prioritized Alternatives in Device Requests
a716095a8af DRA: Update validation for Prioritized Alternatives in Device Requests
68040a31736 Run make update
8f7b43b6fdc DRA: Update types and defaults for Prioritized Alternatives in Device Requests
0faebe30fdc DRA: Add DRAPrioritizedList feature gate for Prioritized Alternatives in Device Requests
0d7c9aa816e Prevent node-problem-detector from being scheduled on Windows nodes.
ac0b30db6da Update dns OWNERS in line with kubernetes/dns
f91105a77e5 fix prep and validation for pod subresource updates
c8111709e56 Add an error matcher, convert 2 tests
052f1fe8203 Update tests
8a1057a804b test: sched: replace `pointer` use with `ptr`
486d12efc5f call cleanup func position change
bee19638f19 tweak
e7c743b2ebf Streaming JSON encoder for List
a86cca4e185 Improve error reporting of KCM metrics
f9051901cee client-go certificate: context-aware APIs and logging
6b7e38f0180 Fix nits from PR 130355
c7cf852086c test: Add Origin field support to ReplicationController spec.Replicas validation test
07477c656e7 test: convert ValidateEndpointsCreate to use error Origin field in test
f63359efb03 fix(pod/util): typos in getting pod validation options
5eb37b073c6 Fixing k8s.io/kubernetes/pkg/util/filesystem unit tests for Windows
3010618efee feat: add DeclarativeValidation and DeclarativeValidationMismatchMetric feature gates
c3de5b707e2 Do not look for SSH external IP for NFSPersistentVolumes tests
2d10dec3a29 generated
ac7a95efb09 LeaseCandidate alpha -> beta,
0fede7b8a2f Bump x/oauth2 and x/crypto
dca3f56f64b Add e2e test for topology manager with restartable init containers
fad4594fd9f Add LeaseCandidate v1beta1
038b90d475e return error instead of fatalf
fb3b163ca0b Ensure we switch to k8s root directory for dockerized builds during e2e-node ci job
b7c80f7f159 Fix implementation of ContainsCIDR to allow non-equal addresses
f2e8fe93fb5 Fix bad CIDRs in a NetworkPolicy test
f73f6fd2ab5 client-go/gentype/fake: sets opts.Watch true
cc0faf086d7 [kube-proxy:nftables] Skip EP chain updates on startup.
65c792ca9ba e2e_node: remote: fix getting pod logs
e5becd01c84 correct ResyncPeriod comments
28d359beec1 promote HonorPVReclaimPolicy to GA
a4885091974 test: Improve error comparison in resource validation tests
02f7dc55d16 feat: Add Origin field to Error and related methods
94f3b552bf3 Fix linter warnings
b0dc96e71ec Add unit tests for progress tracking and remove fullpath from reporting
20cecaee97f Add Watch to controller roles (#130405)
d44ac38891c Promote e2e to conformance tests for JobBackoffLimitPerIndex
a91ed902fed Graduate Backoff Limit Per Index as stable
5942cd81382 Added tests for log file modes and compressing unknown log error conditions.
f214d8e27a0 delete unnecessary init
650db7fab97 golangci-lint: temporarily suppress known issues in the code base
45b323d6a5f use Cleanup func
e8b9d1d93f8 feature: Added filter integration tests for missing part plugins: NodePorts plugin
2472f4965fe Implement chunking for gzip encoder in deferredResponseWriter
239aad8e4b2 chore(scheduler): use framework.Features in scheduler plugins
168c338f7cb Remove limit support from btree store
43509b63d76 Bump hack/tools to github.com/golangci/golangci-lint 1.64.5 for go 1.24
8090db5dcfd Switch to private instances of rand for seeding for tests
88300c406b9 bump go.mod to set min go1.24
597b54720e1 Bump images, dependencies and versions to go 1.24.0
fea89f25d1b Move GetCurrentResourceVersion to storage.Interface
4205f04ce35 Replace uses of reflect.DeepEqual with cmp.Diff in pkg/scheduler tests
bed838955fa Removed parallel execution for test/subtest where AllocsPerRun is used
4c635ecf825 Rename CacheProxy to CacheDelegator
3c9cc93dbcc Bump etcd v3.6.0-rc.1 image
eeabc3ac6c4 selinux: Ignore pods with Recursive policy
d66928b842a Add Job e2e for tracking failure count per index (#130390)
740db0f01d9 Move watch progress to separate package.
145bc8a2ccf chore(kubelet): Use ptr.To to replace the custom function unit64Ptr.
04f0bd4e83b storage/cacher/ready: dynamically calculate the retryAfterSeconds
eb0f003d252 Fix a bug where the `ResourceQuota` admission plugin does not respect ANY scope change when a resource is being updated. i.e. to set/unset an existing pod's `terminationGracePeriodSeconds` field.
f7c17992973 Handle returned error as placeholder variables for now
fbce6bd6107 Fix typecheck errors
b51cbb1d17c Change plugin interfaces to use progress monitoring
32752fe395a Add recommendation for using OnRootMismatch
49dabe56d04 Monitor progress tracking for permission change
f484ae5bcbd Fix kernel version check condition in nftables proxier
ae991725b79 e2e uses websockets by default for portforward
071b1bd839d e2e test use websockets as default for exec operations
a97c6a70451 Added the mergeDefaultEvictionSettings Kubelet Config
4c0b24b06d4 e2e_node: eviction: fix ImageGCNoEviction test
d02401dea92 start setting pod metadata.generation
2de2093bcef Add snapshotting of watch cache behind a feature gate
0f24b9ff451 Split backoffQ into backoffQ and errorBackoffQ in scheduler
059dee36f84 Allow ImageVolume for Restricted PSA profiles Stop referring to ImageVolume as an unknown type during pod security admission validation. Avoid restricting ImageVolume for the Restricted profile, as users who can create a pod with a certain image should also be able to use ImageVolume with an image.
2173a0fafd4 Add watch cache capacity upper bound adjusting logic
56bd8d86a58 test/integration: use default API groups in test apiserver
cf70b06e376 e2e_node: improve logging for eviction test
b56d30e32a5 fix flaky test: Subpath Container restart should verify that container can restart successfully after configmaps modified
d92c70b8269 enable go-required check
afa266d7ef9 remove genernal available feature-gate AppArmor
2feecd46bdb [e2e/node] update base image from busybox to agnhost
c2afe4909d0 fix copyright year
de51ce79c01 ./hack/update-vendor.sh
3ae5312c97e Generate register files for all examples
fb11415a690 add simpletype pkg in v1 for register-gen test
e9c47f86018 Add codegen::register to hack/update-codegen.sh
dc4fce61ce6 Add missing imports in register-gen
bc4ae15d77b fix wrong assertion on tests
a933481f797 use const rather than string in cgroup_v2_manager_linux.go
b1f6cfcfae0 change defer order to pass test
a20a959b2c0 hack: split up test-dockerized.sh
86f504284c1 feature(scheduler): add queueinghint for volumeattachment deletion
f540197768f chore: add more error info for validateResourceSliceSpec
ddd4c56893b Fix pod resize E2E tests after forbidding memory limit decrease
1f642c79c31 Drop winsymlink go 1.23 workaround
237aadab89b [hostutil_windows] Remove unix workaround
2a32b213723 [test] handle ModeIrregular in getFilePerm for Go 1.23
b9f6013c12c fix: handle socket file detection on Windows
dfc8b271cf1 [kubelet] Make use of os.ModeSocket info
9492a2ca9ba DRA: add dedicated integration tests
9024140468e Cleanup allocation checkpoint failure message
fe4671356c0 Call allocationManager directly
2418b54ee2a Revert "Add random interval to nodeStatusReport interval every time after an actual node status change"
f904c6f46c0 fix e2e
1289f43f73f Build etcd v3.6.0-rc.0 image
034285dc477 Test continuations and exact revision LISTs
0f40600b316 add e2e test to reproduce unexpected unmount after kubelet is restarted
e1b3c8fd9b4 Add e2e test
06fa6158a06 Update namespace deletion process when feature gate `OrderedNamespaceDeletion` enabled.
7098221ae54 Fix TweakContainers comment
f1612003ff0 Fix the node reboot validation failure
4e651addd8c Add statusz endpoint for kube-scheduler
e986217c217 Update Generated API Code
d5c804b14db Remove Flagz feature-gate check before populating serverRunOptions.Flagz
a49b336e83e test(statefulset): return errors in framework function GetPodList for upstream handling
92cc680c8ae Fix SelfSubjectReview test to decouple beta and GA types from the same apiserver
2636aa35e3b Require canonicalization of NetworkDeviceData IPs
ec66befdcb2 Fix dup word in API doc
8ee35583912 node: topology-mgr: resolve lint errors
9e1d6d5cdc1 node: topology-mgr: Add logs in the happy path
04b048dcec6 flake(scheduler): fix allWaitSchedulingPods data race failed
f9e7b15c001 ktesting: add Run
c2ad724e9a1 ktesting: add Parallel
9a795c31fa3 remove release-1.28 config due to EOL
98fd7b4deac update publishing rules for rel 1.29/30/31 to use go1.23.6
764e13e27ae Refactor TestList and validate continuations to allow testing pagination and more exact RVs in the future
bf63e0046cb selinux: rename allMetrics
ee36b817df0 events: ensure the name is valid
ff69b5bcf37 generated
bdf2e2d0646 Fix non-recursive list should also read RequestWatchProgress feature when consistent list from cache is enabled
9e27ae27258 Remove gate for leasecandidate strategy
4cc32f817a1 Remove cloud-provider arg for kube-apiserver in local-up-cluster.sh
c186de00809 Fixing k8s.io/kubernetes/cmd/kubeadm/app/util/staticpod unit tests on Windows
697293906a8 Fixing k8s.io/kubernetes/cmd/kubeadm/app/util/dryrun unit tests on Windows
97cb563cae0 Require auth for all new Kubelet endpoints
2b1b20b3b15 Fixing k8s.io/kubernetes/pkg/proxy/winkernel unit tests
993f3c361f2 Fix DRA flaky test for ResourceClaim device status
21f899596ef Promote AnyVolumeDataSource to GA
a0a226d1584 integration: svm: wait for CR to be stored as v2 after CRD v2 switch
80966ce5c44 integration: svm: use consistent path args pattern in etcd fetch functions
e1557f80a2a integration: svm: use k8s ktesting package for test ctx init
faf5b3ec765 integration:svm: refactor utils
293a6c5c916 fix typo: optimitically -> optimistically
553e9bf84d1 adjusting loopback certificate validity in kube-apiserver
99881453838 Ensure that btree threadedStoreIndexer implements orderedLister
3d007532e0d Introduced additional log formatting to windows kubeproxy.
faf6dc13134 Add retries to runner.List()
b6f49d0728c Add retries to conntracker.ClearEntries()
90a42e0dc04 Add retries to conntracker.ListEntries()
84ec78ede71 Extract pod allocation manager from status manager
81e54a2a016 Move allocation state out of statusmanager
3100bbab2f7 Update gorilla/websockets library from 1.5.0 to latest 1.5.3
72b404f6aad CHANGELOG: Update directory for v1.33.0-alpha.2 release
3f4ef42e9a5 Move PodResizeStatus cache out of allocated state
d3eb639313e selinux: add tests for SELinuxController
e15fd43d812 test(network): replace calls to e2erc.RunRC with Deployments in service latency tests
cd0df9786ea test(network): replace calls to e2erc.RunRC with Deployments in service proxying tests
7deb49e3a60 Revert "Enforce the Minimum Kernel Version 6.3 for UserNamespacesSupport feature"
a2eeec5c5a7 Revert "Switch hard error to a WARNING for kernel version check"
9315ddbb650 kubeadm: fix panic when no UpgradeConfiguration was found in the config file
de984ec9b92 Update kubetl subresource to stable
992c8e9479d selinux: explicitly specify NodeMetrics in function names
7d5f3c57230 [kube-proxy:nftables] Read map/set elements on setup.
26fe6bc6e09 Add tests for encoding collections in JSON for KEP-5116
323410664c4 e2e: node: cpumgr: check CPU allocatable for CFS quota test
bb49a05fb5a fix: adopt go1.23 behavior change in mount point parsing on Windows
004c5f5a398 chore: remove unnecessary check for node is zero
45e2f3e438e Add a test to validate deferredResponseWriteron multiple write calls
a36f64e0743 Add more log information to help debug flake #129779
a70b6b9105b Add lock for csiNode update
2050d6fc696 selinux: add a new SELinux translator to the controller
3b7926824ec e2e_node: Don't use userns in DefaultPocMount tests
5d726e32c4d remove duplicated test on configmap volume
c48499d3604 fix ci
2382c0125b3 remove Removed generally available feature-gate DisableCloudProviders and DisableKubeletCloudCredentialProviders
29e5d429797 kube-apiserver: removed the deprecated the `--cloud-provider` and `--cloud-config` CLI parameters. Signed-off-by: carlory <baofa.fan@daocloud.io>
438df173e32 kube-proxy: metric to track entries deleted in conntrack reconciliation
fcce8aaad8a workloadExecutor's member use value not pointer
e353086e6ad test(network): replace RCs with Deployments in util function StartServeHostnameService
bdd83038e83 kube-proxy: metric to track conntrack reconciliation latency
98d600bef94 test(network): replace RCs with Deployments in util function CreateServicePods
6b16f051484 modify SchedulerCacheSize field comment because it will be removed at v1.34
e52274a9e2e Don't allow resize policy mutation
7a1b2aea741 fixing k8s.io/kubernetes/pkg/kubelet/apis/config/validation unit test failures on Windows
a1595d9dca7 Don't allow memory limit decrease unless resize policy is RestartContainer
f6090185a80 e2e: fix node conformance flake
0ce48b56368 Honor KUBE_HACK_TOOLS_GOTOOLCHAIN
6d58125111b Bump KEP-4427 : AllowRelaxedDNSSearchValidation to Beta
dc59c0246fb proxy: should add PingPeriod for websocket translator
844c2ef39d2 e2e: node: cpumgr: cleanup after each test case
f5e86dfea65 Deflake the PodReplacementPolicyFeatureToggling Job integration test
5e6611af559 fixing various unit tests on Windows that create abstract sockets by now having them create file-based sockets on windows/darwin
453e22a1667 Remove unused service account creation from node_authn.go
36c6c7778b4 Use `sudo` for dmesg in hack/local-up-cluster.sh
83595f500a4 NFTablesProxyMode to GA
ca8a0f5f1be separete sleep func
6d291ddc21b fix lint
a9ee6bdf81a use *e.tCtx
cc87cb54ab7 delete unneccesary define
3ce36b3b3ce rename doXXX to runXXX
d202a683f54 rename workloadExecutor member name
c40e69bb4cc remove double comments
3725c6f7650 pkg/kubelet: Make newTestKubeletWithImageList allocate a userns manager
96c2b81670c features: Enable user namespaces by default
447c74ca2cb DRA E2E: fix race between container start and check
4724870b971 test: remove implicit inclusion of "name" label in utils functions
d6a6dda2fa7 KEP-3857: Recursive Read-only (RRO) mounts: promote to GA
2642d8222d8 CHANGELOG: Update directory for v1.32.2 release
976eae5ee7c CHANGELOG: Update directory for v1.31.6 release
fc219cd3843 CHANGELOG: Update directory for v1.29.14 release
08ea6ca8da2 CHANGELOG: Update directory for v1.30.10 release
93a88f55182 GetRandomReadySchedulableNode nerver return MetricsGrabbingDisabledError
ec165ca5601 fixing k8s.io/kubernetes/pkg/kubelet/eviction unit tests on Windows
df1e9eeeb8c skipping InPlacePodVerticleScaling unit tests on Windows
569eb41f238 fixing k8s.io/kubernetes/pkg/kubelet/cm/memorymanager unit tests on Windows
f8728b62228 Bump konnectivity-client to v0.31.2
dbb34a04cc6 Reduce the number of processes used in e2e to prevent unexpected OOM
b9cd017a214 Fix intermittent test failure
b346ac0f8e0 Limit ResourceQuota LIST requests to times when informer is not synced
def95202175 node: topology-mgr: Add metadata to logs
f2f4634bd35 Add LegacySidecarContainers feature gate
54e2416210b update sig cl owners in k/k
da2f36be583 remove NodeOSDistroIs from test/e2e/framework/pod
358afb38f59 update publishing rules to use go1.22.12 for some active release branches
c83a5e0ad2b HonorPVReclaimPolicy: add more e2e tests
e31a3989fcf Make kubelet always canonicalize the PodIPs
6512de76ce3 Make EndpointSlice mirroring controller always canonicalize the IPs it writes out
29be52b3f70 Make EndpointSlice controller always canonicalize the IPs it writes out
7259742e233 Make Endpoints controller always canonicalize the IPs it writes out
26fe80855d1 Update build/pause/Makefile
faa23642f51 Bump windows pause image base to mcr.microsoft.com/oss/kubernetes/windows-pause-image-base:v0.4.1
1bd3d34d6f9 Remove some dead code in the Endpoints controller
eaab9081955 Mark v1.Endpoints deprecated in the API
fc3e649ef4d make update
2a903dd7a3a Mark v1.Endpoints as deprecated in the documentation
d3feb5080c1 Update websocket logging levels for better debuggability
c7a90b670c4 Introduce kuberc as new flag to customize defaulting and define aliases in kubectl (#125230)
f75965e5d9b aim to fix runtime class error
1c5170ff528 disable cfs quota when exclusive cpus allocated per static cpu policy requirements
437cd38e19a add feature gate
953954168c9 Modify how to check the status
0c68aa6a35f test(network): fix jig deployment scaling
d728eb47dc5 test(network): replace RCs with Deployments in util function jig.Run
ab02cda1683 make error consistent
8a797e42e12 resource metrics e2e tests: expect swap node and container level stats
676116359db Scheduler: update the error log
464fd0765d0 test(network): replace jig.CreateRC with jig.CreateDeployment
af3b9e613d3 reduce dependencies in apimachinery net testing utils
938b5f82620 chore(scheduler): add more log info when no preemption candidates is found in preemption
297b35873fe use workloadExecutor
4facb872247 kubeadm: update preflight check
445183a31fa nominate myself as an approver for storage e2e tests
479f9cd898d can pass all testcase
8ee64ba6b54 Bump images, dependencies and versions to go 1.23.6 and distroless iptables
819bf72b0c2 Remove feature disablement ConsistentListFromCache in update openapi script
fff99141581 Fix the flaky Job test: TestSuccessPolicy_ReEnabling
dc51c81751a kubeadm: update v1beta4 docs
523ed5498e1 Fix comment for FailIndex as JobBackoffLimitPerIndex is beta
b30944b0715 chore(dra): move pool validity check to the beginning of pool processing
5d278c138c0 fix labelvalues for scheduler-perf
b1d72a5b7c9 test: Add emulated-version flag verification in flagz test
c8804bff6d1 fix: flagz endpoint to return parsed flags value
8ab075578a5 feat: promote CRDValidationRatcheting to GA
ee25fed97d2 update publishing rules to use go1.22.10 for some active release branches
d195ea8756d fake/clientset: improve TestNewSimpleClientset
46ff62d6e49 Run ./hack/update-featuregates.sh
9ebe4422a98 Add support for Debian and Ubuntu
533a1211d30 Add completion in kubectl debug
6971779d0dc pkg/proxy/conntrack: refactor log levels for conntrack cleanup
07c279d06bf bump netlink
7edc7fbd47e kubeadm: add --etcd-upgrade flag to kubeadm upgrade plan
dbefbd593ed remove unnecessary unnecessary
03b59d8eef2 propagate context
88410368cd5 test: fix a typo
0907f745a0d Add the feature gate `OrderedNamespaceDeletion` for apiserver.
cd9fc8bc71f Enable ServiceAccountNodeAudienceRestriction feature gate by default in v1.33
5738ee4def9 Disable ServiceAccountNodeAudienceRestriction feature gate by default in v1.32
62809dd0de9 node audience restriction: use csi translator to convert intree inline_vol/pv to csi
ecd67e25373 node: memory-mgr: Adhere to the message style guidelines
d6c50c391d1 node audience restriction: add unit tests to simulate intree inline_vol/pv to csi failure
f4496974573 node: device-mgr: Adhere to the message style guidelines
40c86d8e064 node: device-mgr: Ensure consistent use of named arguments
19e406a3574 node: device-mgr: Update klog.Infof(..., err) to klog.ErrorS(err,...)
9cd041156fb node: device-mgr: Add logs in the happy path
a585bd74c48 node: device-mgr: Keep log level consistent across all gRPC calls
4b613ae96fe node: device-mgr: Bump log level for expected skips
584e224b431 node: device-mgr: Add metadata to logs
a10b3c35559 node: memory-mgr: Add logs when memory allocation is skipped due to QoS
6240febf4c5 node:memory-mgr: Add logs on the happy path
ee7f2616c62 node: memory-mgr: Update klog.Infof(..., err) to klog.ErrorS(err,...)
07d83acce56 node: memory-mgr: Update log levels and add logs to capture state update
34fd61a3ef1 node: memory-mgr: Add metadata to logs
7997c93cfdf node: cpu-mgr: Adhere to the message style guidelines
ca2c46a2730 node: cpu-mgr: Add logs when CPU allocation is skipped
01a546fe53a node: cpu-mgr: Add logs on the happy path
14c0bc19ac2 kubelet: improve allocated resources checkpointing
b05d56e5a54 Fix pod worker and prober log message typos
46a17f60e4d E2E node: fix --timeout default
8fc3a33454b Refactor compatibility version code
e54be1e1337 CHANGELOG: Update directory for v1.33.0-alpha.1 release
8bd4e1bab22 Update test/integration/serving/serving_test.go
6c093b1699e kubeadm: fix dry-run for kubelet-wait-bootstrap phase
065bf2004d2 Deprecate WatchFromStorageWithoutResourceVersion
20fbdeac96e kubeadm: fix upgrade to be able to rollback ControlPlaneLocalMode
bb36212342e kubeadm: Promote ControlPlaneKubeletLocalMode feature gate to beta
b1ad53c5331 Disable StorageNamespaceIndex feature gate when BtreeWatchCache is enabled and deprecate it
c5f66bfe70b Add statusz endpoint for kube-proxy
8431aa75390 Use %w to format errors and fix lint error.
3de770d5985 Use uncompressed kubelet log file permissions when compressed.
1a8d8c9b4a3 client-go watch: NewIndexerInformerWatcherWithContext -> WithLogger
e1ab6073ab1 Add more tests for optional.
3701e393279 fix: remove the mention that DRA uses Pending
8a3d0d68a20 Update the env option.
7b1c7c639ef Fixed the estimated cost for opt map.
c1e0443232f Bump cel-go to v0.23.2.
0ca45bd4f80 Bump images, dependencies and versions to go 1.23.5 and distroless iptables
5281152f077 feature: Added score integration tests for missing part plugins: TaintToleration plugin
e2ff03486d1 scheduler_perf: add thresholds to DRA test cases
949385731f5 golangci-lint: remove "strict" checking
8d27bf2108c Leave TODOs in pkg/kubelet/kuberuntime for later removal
0bee0bcaa7d Promote SidecarContainers feature to GA
81f09811cad Fix kubelet_authz_test.go
e0f548183c4 Graduate BtreeWatchCache feature gate to GA
4a5bbc4c159 Flip SeparateCacheWatchRPC feature gate to false and deprecate it.
f6b527cb54e Additional timeout to receive all watchEvents
4619a89ebaa e2e: expand error conditions when test-ing port-forward
0d5d714c2a6 Fix the remaining flaky integration tests in Job controller
da5a76bd396 Fix flaky test for container life cycle
f7df3ec07fa move log restored state to better location.
829fa63b5b1 DRA: fix allocation mode `All`
e766b04ade9 node: cm: use maps.Clone instead of reinvent it
8cc74e8a266 client-go informers: provide ListWatch *WithContext variants
6688adae142 client-go + apimachinery watch: context support
274ad0391fc Add scheduler_perf test case for default PodTopologySpreading constraints
71b91148409 kubelet: Migrate pkg/kubelet/sysctl to contextual logging
ce7d2130ad3 Fix kubelet_authz_test.go
f891092b87d Add the check of node rebooting in windows rebootnode test
a9aab298b47 switch to using the real FIFO
24b43ea96ec make a real FIFO implementation
424c7ca7e58 Remove unused ClearState function
b7fd30c8712 update generated docs
8f11a3b3679 WIP: fix the flaky Job integration tests
7936d64e037 Replace IsExternalSigner boolean with ExtendedSigningDuration throughout apiserver to ensure consistent token signing length between local and external token signing.
1b0ad78718e fix
ab80d577321 Try to clarify EndpointSlice semantics some more
f310ac03f45 kubeadm: graduate WaitForAllControlPlaneComponents to Beta
82f0303f899 node: e2e: Remove flaky label as device plugin reboot test is deflaked
0c34b706b28 Revert "kubeadm: Promote ControlPlaneKubeletLocalMode feature gate to beta"
9ac25f1d9ed update of CRI API readme file
bde75d60200 chore: use NotFound error for missing components
8c80d384b2b feature: add scheduler queuesort plugins integration test
ed826dddfec fix(dra plugin): when there is no resourceclaim, return directly
8a0937c0346 feat: add a lint rule to prevent Add unversioned featuregate
509bbed0985 Add a test ensuring all /scale sub-resources return table
b04e1b80be8 kubeadm: use the v1beta4 EtcdAPICall timeout for etcd calls
1fa995224aa Update scale sub-resource to return the same error everywhere
9d893aed0c7 Use GitHub release for downloading `crictl`
601c0e359dc cacher: decrease the running time of TestConsistentReadFallback
cfd6d9a2b44 cacher/cacher_whitebox_test: newTestCacherWithoutSyncing allow passing a clock
88090c49732 prevent deletionTimestamp from moving into the past
cfa0349159b Update validation code
c31b1b3332f Resolved some review comments
c479f007d84 Update field to use feature gate
ab964a776c8 Fix e2e tests failure
5889da1bbc7 Resolved latest review comments
242dec3e341 Updated some unit tests and resolved some review comments
5ed5732fa22 Refactored status manager code of updatePodFromAllocation
8fa8277908a Added some unit tests
2ba61325f69 Fix e2e test error due to ContainersToUpdate map not created
9a5c57817a0 test: pod-resize tests for sidecar containers
6c5cf687229 Resolved latest review comments
6cf5b80c644 Fix some unit test error
1cf45872773 Fix build error
1eb966cb455 Added unit test for sidecar containers in TestValidatePodResize
a0d3cb0a2c7 Added proper validation msg when non-sidecar containers are resized
591b0f547ae Fix issue of pod spec mismatch if there is any non-restarble init container present
5d5e903e27b Revert e2e tests added for sidecar
3885d2f8abc Added sidecar support in ValidatePodResize and dropNonResizeUpdates
cdddaed8419 Added sidecar support in and
34ddb91f187 Fix some unit tests error
0e392f90170 Disable e2e test for now
d1fac494f4d resolve merge conflicts
5742f3deeb9 Cleanup running dmesg process in `local-up-cluster.sh`
b3e1d57339b kubeadm: Promote ControlPlaneKubeletLocalMode feature gate to beta
617c0944354 Add an e2e test
bd8dee96379 Improve Goroutines metric calls in parallelizer.Until
54500bfe692 cadvisor_provider, unit tests: ensure container-level metrics are collected
ceeba21d3d0 cadvisor_provider, unit test: Add swap stats to cadvisor CPU and Memory stats
c1112666098 cadvisor_provider, bugfix: Add swap stats to CPU and Memory stats
e6c19f315f9 cri_provider, unit tests: ensure container-level metrics are collected
748b52a1308 cri_provider, bugfix: Add cadvisor container stats
a85f489b28d client-go/transport: structured, contextual logging
44ca3b36545 Passed context for Wait methods in integration test utils
659804b765c refactor runWorkloads
4e05bc20db9 Linter to ensure go-cmp/cmp is used ONLY in tests
3a780a1c1b5 KEP-2862: Graduate to BETA.
28896d2f90c e2e: bump port-forward timeout
013f65b2576 DRA: fix test-driver examples
7f766762d91 Updated Concurrentmap iter
d3e8572d706 cluster ip allocator should check first on the legacy allocators
627e83c841f Passed context for Wait methods in integration test utils
27ec5de8638 chore(scheduler): improve log output for podtopologyspread filter plugin
156b9fbadc1 Bump kubedns and nodelocaldns to 1.25.0
38a21e06f5d fix: Fix the issue of relist caused by client-side timeout
e263b878eef Deployment controller should count terminating pods in the status
dc1914c61c0 ReplicaSet controller should count terminating pods in the status
28437797b52 update generated files and feature gates
14783b8a9bc add validation, field disablement and tests
f7c46df6651 api: add terminatingReplicas field to ReplicaSet and Deployment statuses
067012f5844 `client-go`: transform `watchErrorStream` to wrap the underlying error (#129765)
2b24c518b04 Drop declaration of IP/CDIR type CEL variables
0b38e6cd9e6 e2e network: remove test for funny ips
87139335b0e Switch from using a function to just pure map in create token
3030b1dc6a4 Finish extracting ExplainFlags structure
06077806cab Add dom4ha to SIG Scheduling reviewers
91afef615ad Refactors explain command to split flags from options
da999fbc1b5 Update CNI plugins to v1.6.2 and avoid using k8s-artifacts-cni bucket
fdebfb44857 e2e log info on nodeport allocation failures
f150016fbec feature: Make Unschedulable scheduler performance test parametrized with the number of initial nodes.
1065377f97e Revert "tests: include stdout of failed commands in JUnit"
faf30b30679 update github.com/coreos/go-oidc to v2.3.0
84b8f181e4d Concurrentmap Iteration
db3ae754b1d e2e network: adapt dual stack tests for endpoint slices only
69964319d14 remove GAed EfficientWatchResumption since v1.24
d889bd15bda DRA CEL: skip estimating the cost in the scheduler
a78983906f4 Adding support for providing version for functions in kube_codegen.sh (#129658)
b7386467c8d client-go rest: store logger in Result
7821abf2ae2 client-go/rest: finish conversion to contextual logging
b15a1943d51 client-go/rest: backoff with context support
48fb886325f client-go/test: warning handler with contextual logging
9998a032b13 kubeadm: fix a wrong log message
bda81f1b68e Kubelet server handler cleanup
c56426bd9f6 node: device-mgr: Update klog.Infof(..., err) to klog.ErrorS(err,...)
f8596d6d289 node: device-mgr: Change ErrorS(nil, ...) to InfoS
c68fc01b774 return an error instead of recording a test failure
c9e81cd84ca Switch to gopkg.in/go-jose/go-jose.v2 @ v2.6.3
0452ae402a5 Use cached calculateResource result when removing pod from NodeInfo in preemption
c5fc4193bbe Fix pod delete issues in podresize tests
7712d34b9ee remove unrunnable tests from NFSPersistentVolumes
969ecabc0f2 Remove all references to v1.Endpoints from non-network e2e tests
da5bf27bc57 Remove no-longer-used TestUnderTemporaryNetworkFailure()
bae4122f56f deprecate nodefeature for feature labels
7266759b67f Nominate macsko to SIG Scheduling approvers
238c32a1d9b Remove cache.ErrRequeue
8e77ac00013 Remove Queue.AddIfNotPresent
aaac13fc6a1 remove gke from e2e
09c82fc58a2 integration etcd storage test
8fcb4b5773a comment we keep storing v1beta1 by default to handle upgrades
3606d52cd6d make update
779b9cf90c7 update integration test
b6c3dfdad5c e2e test for service cidrs
7721590b9e5 update controller manager
33ba5855340 update kube-apiserver
bea17e14971 update internal API
ad511cd249f update registry
e340a07ccf4 update kube-proxy
ddfc4d3e588 update text fixtures for rbac
c26a5796fd9 update networking strategy
e3b39758215 describe servicecidr and ipaddress v1
eeae7b3fc8f promote ServiceCIDR and IPAddress to GA
272f33de90a api rule exception for ServiceCIDR
68cae5131a5 server both ga and beta servicecidr and ipaddress apis
3b48b0627bf graduate DisableAllocatorDualWrite to beta disabled by default
f97ff113fa0 graduate MultiCIDRServiceAllocator to GA
5cd7325cd7e e2e: expand error conditions when test-ing port-forward
7d02a18a645 add a comment to InTreePluginPortworxUnregister
03a3288ddde tests: include stdout of failed commands in JUnit
5ed3164d322 Update in-tree gcePersistentDisk tests
e26fb1c393a remove duplicated test case of `pvc not found`
e1fdced21f3 Put the target plugin names in the Qhint integration test cases
aecf3238bf6 fix lint errors
8b4eae24ab1 Move some exec helper functions from framework/volume to framework/pod
d3974065c8e Remove GetDeviceNameFromMount from HostUtils
612fcdaf737 add a comment for features.Flexvolumes
45529062e76 KEP-3836: 1.33 - remove feature gate
ce9e398641b hack/ginkgo-e2e.sh: forward TERM/INT to Ginkgo
1d4acfb8822 Update EnvFromSource.Prefix doc to mention Secret as well as ConfigMap
25a6fa144f4 There is no need to set the worker to nil to avoid potential timing issues.
110868691b2 node: cpu-mgr: Update klog.Infof(..., err) to klog.ErrorS(err,...)
b3fed900526 Remove unnecessary feature label Recreate
8d7aed698b7 remove APIListChunking which was GAed since v1.29
e68cc0a6eda remove feature label FSGroup
9898bfdbdae Remove unused test code
fca697aca08 Add logic to check for new ephemeral containers on pod update and update secret cache if they exist.
92e35e7618f update credential provider godoc with unique provider name req
9a331bbf59c credential provider config: validate duplicate names early and preserve provider order
1fc514cfe99 Bump sample-apiserver test image to 1.32
2504c6e73ae Update VERSION to 1.32.1 for sample-apiserver
2cc3dbf2250 DRA CEL: add missing size estimator
1714fbfa754 node: memory-mgr: Change ErrorS(nil, ...) to InfoS
dac6b34a618 kubeadm: improve message in 'reset'
4aeedcde3b8 Fix CSI migration UTs
14936a7f582 Promote Portworx CSI migration to GA
40b9a297389 Fix Portworx plugin's CSI translation to copy secret name & namespace
479ff5a02b0 remove duplicate getAttrsFunc calls to reduce temporary memory allocations
e578dcab3ad CHANGELOG: Update directory for v1.29.13 release
7f1abe993cb CHANGELOG: Update directory for v1.30.9 release
8ad8ad4681e CHANGELOG: Update directory for v1.31.5 release
cba6300414c Document nftables kube-proxy's "public API"
e5b326c0505 CHANGELOG: Update directory for v1.32.1 release
c78ee00e963 add missing KEP link for AuthorizeNodeWithSelectors feature gate
271b8cf1c1e kube-proxy healthz handler ip family aware
226b43b8ee7 Prevent alpha feature gates from being enabled by default
94d90fafeed fix name
3986472b3c7 Revert to go-difflib and go-spew releases
fef67f64c7b Update compatibility matrix and maintenance status upto release-1.32
c911ddd8a48 Fix: touch /dev/null permission denied on macos
936f249fa05 Add introduced and removed version information in etcd fixtures
43d86c2a3ef Drop github.com/asaskevich/govalidator
0d8a8fe3065 Update to latest kustomize/v5.6.0
bfce77d1c0f We still can't rely on first condition being fs-expansion pending condition
aa6a72f76ff Bump CSI sidecars to fix CI issues and such
59850b58230 Promote ServiceAccountTokenNodeBinding to GA
d66ced5730f client-go/tools/cache: fix TestAddWhileActive
8221e28e4d9 Add ffromani as approver for kubelet resource managers and their tests
bc488020870 remove WatchBookmark feature-gate comment from types.go
c0b49120e53 lint: removed empty line
a7937f53915 Remove WatchBookmark feature gate
561c1d235a0 full sync per one hour with BFR
0ddab169457 shrink the cache.Queue interface to what is actually used
12345a14c34 kubelet: use env vars in node log query PS command
e179f0e364d Add test for compatible version
2f4bd13fe57 kubeadm: remove misplaced error during image pull
a92297f1a76 kubeadm: remove the GA EtcdLearnerMode FG
aa1d79c3701 Use DeepCopyJSON to copy testcase input
a2b12ba4061 Simplify schema sentinel subresource logic
f886f3b7f10 e2e: expand error conditions when test-ing port-forward
17030f19b6c e2e services: avoid panic on service creation retry
2c58e274760 storage e2e tests: add more tests for pv relaim policy
fd35f652d41 fix state mem constructor and adjust restoreState
018ee41e6f5 kubeadm: fix a wrong comment
3274dc40edc pkg/proxy/healthcheck: consolidate IsHealthy and isHealthy
1c1fc736162 pkg/proxy/healthcheck: enhance testing
729deef4542 bump kube-network-policies to v0.7.0
0e55e47cff1 Remove unnecessary logging in FilterActivePods
64aac665fd9 pkg/proxy/healthcheck: bug fix for last updated time
4a4fc9da801 Extract and unify cache bypass logic by creating a CacheProxy struct
2d826871146 Improve topologyToMatchedTermCount map in InterPodAffinity PreFilter
1b7ddfe6bbb e2e: deflake subpath tests
1b2bacda5bd Only test requests that pass validation
7226a3084e8 DRA e2e: adapt to increased ReservedFor limit
0899cf892d4 add documentation that 0s duration will be overwritten for 5m
ba816967a0c Simplify status subresource ratcheting testing
8d79998058b remove workaround for vsg testing
c6f19d3c2a1 update snapshot CRDs to v1 in cluster addons
e5a3bdb3a71 Refactor shouldDelegateList
bdd0f5dd238 test: add Junction file type test on Windows
1cee3682da9 DRA API: bump maximum size of ReservedFor to 256
fe895563d92 Test all possible combinations of input for shouldDelegateList
13a21d58548 Add benchmarking of namespace index
8eb31f8aa16 Fix service's nodePort already allocated
a2a0a752102 Cleanupï: only initiate http2 server options when http2 is not disabled
2653caa248d fix dra test lint
5b2c1dde79d Add namespace to DRA adminAccess ValidatingAdmissionPolicy message
41f805b4761 Added check for multipath device mapper
a6c7d22f44f update publishing rules to use go1.22.10 for some active release branches
0645f0e50ec pkg/proxy/healthcheck: file rename
d6c575532ab pkg/proxy/healthcheck: rename 'proxier' to 'proxy'
4a0578e3dee Improve benchmark to handle multiple dimensions
091fa293908 Fix status subresource ratcheting
f1834f06f4f client-go event: add WithContext expansion methods
e681a790584 apimachinery wait: support contextual logging
77eae7c34f9 feature(scheduler): remove dra plugin resourceslice QueueingHintFn
fb47caa689f Update coredns to 1.12.0
cad12e5a415 Lower verbosity for topologycache messages
efdd6bea2e9 kubelet checkpoint: refactor state memory
42a5e5f4255 Pass context down to wait.PollUntilContextTimeout
8e872978e84 kubelet: improve allocated resources checkpointing
75131475fdf Remove general available feature-gate PDBUnhealthyPodEvictionPolicy
a7be958884d Remove general available feature-gate JobPodFailurePolicy
a811427020a Remove general available feature-gate AppArmorFields
7c887412c88 Add validation for revisionHistoryLimit in sts to prevent negative value (#129017)
4114a9b4e45 [kubectl] Enhance describe output for projected volume sources to indicate optional Secret/ConfigMap (#129457)
02fbcb4e69b kubeadm: should not warn on non-detect sandbox image
b1cb471982b Use generic btree in watchcache
a97ed3c98bc Update github.com/google/btree
977c4e9138d remove nsenter package
00a7849ef90 kubeadm: add preflight check for losetup on Linux nodes kubeadm: remove preflight check for nsenter on Linux nodes
c9bfc3b4556 use ginkgo.DeferCleanup to do cleanup tasks
129418b9a98 e2e: ctb: make it possible to run the tests in parallel
df503e54c85 Update etcd from v3.5.16 to v3.5.17
4c6deed07ec kubeadm: fix a bug where the node.skipPhases in UpgradeNodeConfiguration is not respected by 'kubeadm upgrade node'
61681433869 Remove use of deprecated functions
5aa4dd4a6ea Make it possible to pass a scheduler profile to RuntTestCoreResourceEnqueue
78a64027559 Extract list response struct to manage all the response fields
9d55fba36a0 fix featuregates_linter
deb234c9d5c refactor: simplify boolean expressions in CRD handler
2fd16abbe8d kubeadm: bump supported etcd version
cff0f4009f1 webhook: alter regex to account for x509sha1 GODEBUG removal
a9b641464eb chore: adding support for staticPortRange
2c305d71f05 kubeadm: add system verification check(including kernel version check) for upgrade
c3a54926a44 Fix PodTopologySpread matching pods counts for constraints with the same topologyKey
2cb1cc9e3a0 Bump images, dependencies and versions to go 1.23.4 and distroless iptables
215d0b094b6 Add tests for kubectl qos (#129388)
5f4d646ea33 Add Device status const comments
8e1403563a6 client-go cache: fix TestHammerController
b649c113661 chore(printers): add miss unit test for resourcequota
b406ba5cc36 kubeadm: skip disabled addons in clusterconfig on upgrade
f47e6d04283 fix: enable len rule from testifylint in module component-base
35f584187a6 accept GINKGO_FLAGS for test-e2e-node.sh (#129215)
976aefca1b2 fix: adopt go1.23 behavior change in mount point parsing on Windows
e99fea7e3f1 deflake volume tests
63ddf4bf33f test: Add integration test for apiserver statusz endpoint
2ddbfd19670 Fix Borg pub link in README
176730b0f08 test: fix pv deletion timeout
7c515cd1cb6 remove kubeadm.alpha.kubernetes.io/cri-socket annotation when kubeadm upgrade
ca4529574e9 remove node special feature typos
0b6e3718340 Bump x/net to v0.33.0
59fcd7b770d fix metrics test
6c94adcc630 expand etcd storage tests to test for 1.31..1.33
dc476e968d9 remove emulated version test for un-emulatable 1.30
cf28c0405c0 Expand emulated version range to n-3 with 1.31 floor
4e8477bd3bd Bump binary version to 1.33
f20eb2e7c16 client-go workqueue: add optional logger
446252b0c35 Add crd from external snapshotter
c71d27cb020 remove v1.30.0 api testdata
cf1e2e6c2da Add v1.32.0 API testdata
db6bf022173 feat: Add flagz endpoint for kube-scheduler
4396511e43a kubeadm: removed preflight check for `touch` on Linux nodes.
e3b12d89d0d fix(dra): support multiple resources to publish in PublishResources
769e7990d61 remove container-runtime-endpoint flag when upgrade
efdb7357506 kubeadm: fix idempotency retain, address deprecation
78f9f214c02 apiserver/admission/cel: add unit tests for JSONPatch expressions
a88e08c3971 Do not attempt to truncate revision history if revisionHistoryLimit is negative
db4c509e716 kubeadm: generalise CreateOrUpdate etc.
4411a3f3be8 lint
bc46e3d9b3f apiextensions: replace panic with error handling in DiscoveryController
4638ba97166 client-go/tools/cache: add APIs with context parameter
00dab9dffa6 Add Validation to versioned feature specs.
f3ff7d0518f chore: update comment for NamedFlagSetsReader
8495df64b22 deprecate nodefeature for feature labels
68ab918df76 Bump filepath-securejoin to 0.3.5
13b84453df5 Coerce null label and annotation values to empty string
4a2b7ee5699 Configure watch cache history window based on request timeout
04426633c0b Use OS-agnostic path separator in pod warnings check
b963e1514e9 fix check errRaw != nil but return a nil value error err
fd8a61ae1b3 kubeadm: update owners for v1.33
19aef482fae fix incorrect variable reference in handleUpdateEndpointSlice
75e5bd6a4f0 Fix unit test.
3ec97a445f0 kubectl: add test coverage for cordon command (#129202)
b9fc5678d96 Not using fine-grained auth.
a87dd67a3c8 feature(kubectl): use autoscalingv2 in kubectl autoscale
a7340ff36c0 [windows] Don't chown existing directory in MkdirAll
e1ef9e40f57 chore: Update apidiff.sh script description
0c1b1e04501 Address comments
6a608c3cdb1 drop NodeSpecialFeature and NodeAlphaFeature from e2e-node
e67c24bdbb4 Bump kubedns and nodelocaldns to 1.24.0 (fixed)
67a13f5355d Revert "Bump kubedns and nodelocaldns to 1.24.0"
c3a3a54822a Add `github.com/golang/protobuf` to unwanted dependencies
2c24a12804c Update generated clients after removing always-nil setConfigDefaults error return value
c3eba35aa2c Remove always-nil setConfigDefaults error return value in generated clients
1d13ff2a05e make update
11d68ecc4eb ResourceClaim.Status.Devices.Data as pointer
f5969adb14a Clean up NewServiceChangeTracker/NewEndpointsChangeTracker args
79d1c078bb1 Make change trackers just ignore the "wrong" IP family
2c348bf1863 Use a constructor properly in change tracker unit tests
7e578bdb6d9 lint
ed7f7ce92b0 fix race conditions in polling functions
532607ecbbb Revert "Change default filestore permissions to 0700"
d84ab830ad8 Remove shouldServeBeta parameter in apiservice storage
b2c84061c9b Change default filestore permissions to 0700
3269f4bb94c bump kube-openapi
8f782fea930 Add client-go README
3cd1c8dd2d2 Drop v1alpha1 VAP in CEL tests
68631d8f7c1 Remove v1alpha1 serving for VAP
1b15876e266 test: reduce container resources in in-place pod resize tests
90e64a57c6c kube-proxy,nftables: add debug logging for failed transaction.
b7d6e787268 make update
ca5f1deed44 Fix ResourceClaim status API inconsistency
161a817812e Clean up v1alpha1 serving for authorization API
c1d0e870f4f Replace `github.com/golang/protobuf` with `google.golang.org/protobuf`
3571992ffcf Add watch permission to namespace-controller for WatchListClient feature
39e7db9cc92 kubeadm: remove iptables/ip/tc/ethtool binary preflight check
80735180ab2 Update x/crypto/ssh dependency
a69efaeb765 Shut down webhook after apiserver
9e46be86470 CHANGELOG: Reflect correct approvers/reviewers
137ccd2a73b OWNERS(sig-release): Add `release-team-subproject-leads` alias
0c1ccd133b0 OWNERS(sig-release): Reflect Marko's position as RelEng subprj lead
5c283cbb453 flowcontrol: remove testing dependencies
8fce9b0db68 apidiff: default from prowjob env if available, default before doing anything else
c9066d75f6d Fix data race in CBOR serializer's custom marshaler type cache.
e8087b3f6ac Remove the limitation on exposing port 10250 externally
f9d9649f567 Bump kubedns and nodelocaldns to 1.24.0
f93e6f3d3ae kube-proxy implement dual stack metrics
b95c7880005 remove release-notes of reverted PRs
0ba43734b4c client-go/tools/cache: goroutine leak checking
e3c584030c3 k8s.io/apimachinery: add HandleCrashWithLogger and HandleErrorWithLogger
ae11c7deb1b DisallowInvalidLabelValueInNodeSelector
0cc92622006 kubectl: fix wait --for=create to work correctly with label selectors (#128662)
5b06498cb24 fix: fix miss makezero bug (#125132)
2f9fb220ba6 CHANGELOG: Update directory for v1.32.0 release
ebb02bb6cc0 feat: Adds flagz page for kube-proxy
88365488062 test: Add integration test for apiserver flagz endpoint
7caff55fd9c Add statusz to kubelet auth.
353118c0475 e2e: don't panic asserting inside wait.Poll
63992e1790d dra e2e tests: add feature-gate label when these tests depend feature-gate
5d3c07e89db kubelet: only emit one reboot event
f367122f302 scheduler plugins changes are API changes, not upgrade action required
9bd5dc86d31 Fix grammar mistake in kubeadm config v1beta4
e35c9b2cd22 add comment for features.BootstrapTokens
3698050dc79 network e2e tests: add feature-gate label when these tests depend feature-gate
902dedbb522 fix: Move statusz to debugging handlers.
816cd402806 Unify ComponentKubelet and add unit tests.
a04df83f86b add statusz for kubelet
804f8c75843 kubelet: fix DRA registration test
bfed2323105 Update cri-tools to v1.32.0
74090f8eb4a updated bootstrap-discovery link
247555c2b79 test: deployment patch status test should check the modified fields
d1cc270f139 local-up-cluster: only wait for coredns if enabled
bb2db379c79 test/e2e/apimachinery/watchlist: select only wellknown secrets
8f48a82e6ed docs: `-l/--selector` example for set-based requirements
060c653b53a scheduling e2e tests: add feature-gate label when these tests depend feature-gate
04669c5d644 add warning for duplicate port name definition
5a8d77a2ae2 Add statusz endpoint for kube-controller-manager
c5f0e63c624 Add Podresize endpoints to pending_eligible_endpoints.yaml
22c41caca9f Add integrate test to OOS node
dce863e5e61 fetch cni plugins from GitHub releases
f0c5de00600 Fix volume expansion offline
29d26297a1f e2e: node: fix misleading device plugin test
a0b74011b2b add kubelet validation for containerLogMaxFiles
cb74323e070 refactor: Simplify the code logic.
617e5c79bb4 storage e2e tests: apply feature-gate label when these tests depend feature-gate
1fd76884b96 Isolate mock signer for externaljwt tests
b71763ef386 Remove unnecessary log msg.
0a02c74ca63 update-vanity-imports.sh: remove script
8a908e0c0bd remove import doc comments
326c84a1515 [e2e, service] Add total timeout for affinity check curl command.
b330eeac2ff prune-junit-xml: preserve system out + err text during test pruning
e0e4af8a58b prune-junit-xml: smarter concatenation when pruning tests
53e9f29d29f Fix kubelet e2e tests incorrect message
8f4e425daf2 chore: ignore dat files generated by scheduler-perf
0d18ae303bb apiextensions: add pkg/test with CEL unit test helpers
9e99be7c2b4 Fix: typos for volume package
e5ebbdc3c7f Ignore internal packages messages
ebe5bab2cb4 Move common code to an httputil package
27608fa25db refactor(scheduler): Rename UpdatePodTolerations for code style consistency.
f92bde1894f parallalize the apidiff dump
affafd906da improve report on failures summarizing the modules with incompatible changes
7de94d43cab handle the case when modules are added or removed
52386915a83 use relative paths and modules that are not visible to golagn workspaces
48ea6fc4651 oom_watcher: fix testifylint failures
f622be03338 kubelet: Migrate pkg/kubelet/oom to contextual logging
e6fccc36d8e apidiff support internal go modules
79d62d8bb3b change current and desired
6f06cd6e057 Do not reload kubeconfig from disk
a43b00b429c make test-cmd: use kube::util::find-binary to get kubeadm binary
65b243fcd60 chore: remove repeated scheduler prefix metrics for CacheSizeMetrics
bf1280014bb pkg/volume: remove unused function
31958838318 UnitTest: kube-proxy EndpointSliceCache cleared correctly
78b440a74af Fixed: kube-proxy EndpointSliceCache memory is leaked
05ebf451146 e2e: wrap DRA ResourceQuota Forbidden claim check in gomega.Eventually
eb6bb5f84d8 Record dataTimestamp as float
67b74696f8c Adjust performance test threshold limits
8312c3ec242 Use generic Contains rather than deprecated ContainsString
7c3a9d65fca Don't set default resize policy in E2E tests
da4dc0aec78 Stop defaulting container ResizePolicy
3baa6f08c0a Add modern-go libraries to unwanted dependencies
b63593715ff Test EndpointSlice in dual-stack e2e tests
9dbdfe7ecb1 Remove provider specific operations from the autoscaling tests and reintroduce the tests.
c3f15fd707a Use generic sets rather than deprecated sets.String
bfea4890c59 cleanup: remove pod_scheduling_duration_seconds
36245509e86 fix flaky behavior due to the test ordering between DynamicProvisioner and Retroactive StorageClass Assignment
4a876e21bce fix: params typo
7e977d824cf update the github.com/golang-jwt/jwt/v4 dependency
dd1300df986 📝 output log when server shutdown is failed
7280d58f856 Don't allow to tolerate flakes
b577972a551 set user.DefaultInfo.UID from x509 cert
4e21f535475 Add test case for service with same named port for regular and sidecar containers
e637659d893 Fix named ports of restartable init containers don't propagate to EndpointSlice
a6e995379af Add test cases for Service with restartable init containers
f87bcd9b3a8 fix: remove duplicated unit tests in JSONPatch and ApplyConfiguration
90922f5c946 Fix linting issue in test
a9c311b96a3 static pod upgrade test with hostNetwork
2581d2fadd2 Add self to sig-instrumentation leads
588408df1cd Bump konnectivity-client to v0.31.1
0ba8af9006f DRA: enable performance tracking with scheduler_perf
36f9ee958e2 proxy/util: remove unused function
179fa16f467 Remove user privilege checks from preflight tests
30a7664c3f5 Change way to create a pod in test
c725e18e079 feature(scheduler): more fine-grained QHints for interpodaffinity plugin
cd6f4153e05 Fix a bug in framework.IgnoreNotFound where it will panic when a function type's final input parameter is a "..." parameter.
22c3db6f7f9 Added unit test for validation check of sidecar containers
de8e8c5404c Add integration tests for event handling cases in scheduler_perf
7e067396c2a Build etcd image v3.5.17
36144e07085 test: add a check that a specific error has occurred.
49080bf02a1 Document the existence of nftables as a kube-proxy mode.
80ed375e373 Fixed time
8b90c9e885c lint
991651353d6 lint
fe46e47bd13 chore: update deprecated polling methods in apiextensions-apiserver
dc258e65ac1 memmanager:cleanup: drop `Experimental` prefix
3d069b2a8a6 Add myself to client-go reviewers
b1830bd1de2 Improve validation for missing storedVersion
5db88777c4f change the CapExec value to false by default
636419cdd7f Fix nil pointer dereference in selectable fields check When checking specVersion.SelectableFields, if specVersion is nil, a nil pointer dereference could occur. This change updates the conditional to use || instead of &&, ensuring that the check for specVersion being nil happens first, avoiding potential runtime panics.
50ed36229ce cleanup todo comment in node restriction integration tests
c478e4bd382 Add e2e tests
11594fabe64 csi: update snapshot controller to the v8.1.0
de6a43c43c5 generate
93d66a216fa Update API docs that are shared between VAP and MAP
a67cf0ba4da Add volume modificatoin recovery e2e test
b01b016668a Use Go 1.21 min/max builtins
6f97d063775 add device-plugin-test e2e log
e5fd9cfb189 Job: Remove JobTrackingFinalizer annotation specific testings
94f6422562e test:Fix typo
734c36851fb test:Add podgcCtrl to attachdetachClients
6910e766991 test:Add podgcCtrl to attachdetachClients
bf1b9c45ea9 add test for inmemory response writer
50f71e948c6 prevent unnecessary resolving of iscsi/fc devices to dm
e5ffba17bec Report event for the cases when probe returned Unknown result
4dcddabb7e1 update vendor
e2f62322586 preserve options after remount for bind mounting
49b479116f4 [e2e][webhook] Retry update webhook configurations
f97abdbee07 allow ContainerResource calculations to continue with missing metrics like Resource calculations
1b371d0d469 Add test for CEL reserved symbols without double underscore
b53ea554f88 Adds more flexible version of test ccm server
568255ac7d8 e2e_node: add test about container metrics from cadvisor
d9e278711cb Fix GetVolumeName for image volumeplugin and add unit tests for CanSupport
8e877096161 testes written for cache/listers.go
6e82d974510 fix: Ensure testForceDetachMetric works on the delta of ForceDetachMetricCounter
ee3e9a7bd44 apiserver: decrease timeout for TestKMSHealthzEndpoint
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
3fa3f18083 |
podman: update to v5.5.2
Bumping podman.git to version v5.5.2-3-g87c980c6e2, which comprises the following commits:
4be1744dd6 Bump Podman to v5.5.3-dev
e7d8226745 Bump to v5.5.2
9664445ba6 Add release notes for v5.5.2
1a04ca36d2 Make podman.io update action reusable
1569c20982 machine init: fix tls check
881d48eae2 fix panic on state refresh
31639e85c6 RPM: Limit Epoch 102 to podman-next copr
149bec7392 Bump Podman to v5.5.2-dev
850db76dd7 Bump to v5.5.1
41dae619e8 Update release notes for v5.5.1
279c592378 Build the `dumpspec` test helper for the `buildah bud` tests
4ef6a8715c [v5.5] Bump buildah from v1.40.0 to v1.40.1
efa20372b4 Fix overlay volumes on Windows
61403afeaf Fix SQLite volume lookup queries matching too liberally
ee2370bc26 Handle "Entrypoint":[] in compat containers/create API.
d71fbe7ba8 Fix handling of "r_limits" in Podman REST API /libpod/containers/create
8e120c93bd specgen/generate: Fix log tag priority
c5ac361844 system df --verbose don't crash
d995e3eeaa docs: quadlet can translate names now
88890d3eb8 play kube: never add empty alias
45f62c0dcb podman system check: Fix error check logic
8542247538 libpod: don't force only network search domains
04447cc322 test/system: check --dns-option behavior
90c9c2271e vendor: update c/common to v0.63.1
10349a46c4 Trigger podman.io version bump from release action
bbed5a8e2e Update RELEASE_PROCESS.md
25e59c7dd2 Recreate the Rootfs in mountStorage for infra-container.
bcada3ec09 libpod: fix mount order for "/" volume
c2a8447e1f GHA Release: Fix windows installer uploads
5a647f154e fix macos compile issue with go 1.24.3
5141374193 Bump Podman to v5.5.1-dev
0dbcb51477 Bump to v5.5.0
712291aee8 Update release notes for v5.5.0 final
37f621579b Bump bundled krunkit to 0.2.1
5ad243a7da [skip-ci] Tighten version match
66283624bd Update win-installer github job for arm64
eecb4122f7 Build windows arm64 artifacts
04ee90dab3 Fix windows arm64 installer build
0dd745c86b Update winmake.ps1 to build arm64 artifacts
df4aed78a2 Remove providers checks from the Windows Installer
366538d98f Update "check.c" to be C23 compliant
5f59c8853a Update to gvisor-tap-sock-0.8.6
d358e91817 Fix running machines with volumes containing spaces
4cb4d121a6 Fix logging podman machine server9 output
82a1a22711 update podman socket output to include also exposed ports
45c9223be9 Automatically bump to -dev after tag
27beb100dc ci: Load null_blk for I/O limit tests
b85c312bc6 test/e2e: Use nullb0 for IO limit tests
1c82abd17b test/system: Use correct device for I/O limit tests
6bc2393df0 inspect: Ignore character devices for IO limits
ca382b1c8e Bump to v5.5.0-dev
3c4cf52142 Bump to v5.5.0-rc2
c7ad64cedc Update release notes for v5.5.0-rc2
3f43df2bdb Handle signal preventing Start from completing
1ea17b6fdd Fix mach os pr release action
b4047fced9 Makefile: move some Go-related variable definitions up
fdcbc0d479 pkg/bindings: wrap image push decode error
4767cff3ed pkg/bindings: fix infinite loop/memory leak in image pull
58a934313f Added tests for inheritlabel fix
b2a99aab3f Fix: inheritlabels=true if query param absent
325a79c724 libpod: fix a confusing error message from 'podman system reset' on FreeBSD
bd3ee58527 podman start: remove container if needed
7a9acf2d51 remote: don't print bogus error when starting container attached
2e01a0ac76 Bump to v5.5.0-dev
6a597e0e89 Bump to v5.5.0-rc1
2c1646b130 Update release notes for v5.5.0-rc1
c6a16e6f17 Packit: do not merge PR in CI
739577b57b Packit: re-enable fedora-41 targets
80993f2c3b fix(deps): update module github.com/docker/docker to v28.1.1+incompatible
10d768baaf Add inherit-labels option to Build API
76b07dd48d Bump to Buildah v1.40.0
75aec675d2 chore: use another script to get the version of gvproxy
ce0617eac4 Use gvisor-tap-vsock version from go.mod file
453a7a820d fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.28
9a0f013f0a Revert "cirrus: test only on f41/rawhide"
b0df21edef New images 2025-04-16
590e019240 fix(deps): update module github.com/docker/docker to v28.1.1+incompatible
71504eedfb Output headers for volume ls when empty
5494ac882a [CI DOCS] Touchup buildah-bud README.md
49b6faea09 chore(deps): update dependency setuptools to v79
4ba8cde41d Add HostName to quadlet pod
a7a7304c6f test: Fix expected output for runc on namespaces
1514e5cbcc feat: update vfkit binary to v0.6.1 in macOS installer
05e7eeaff4 fix(deps): update module github.com/docker/docker to v28.1.0+incompatible
6ac0a28564 Quadlet - support additional systemd unit relationship keys
fdfed9979f Add ability to set layer media type for artifacts
be937a4e20 Bump c/storage v1.58.0, c/image v5.35.0, c/common v0.63.0
3cbb718049 Fix compat API in rootless mode ignores ulimits
224e791161 Replace podman pause image with rootfs.
bc9110c69f Update podman-systemd.unit.5.md
e498c6526b Quadlet - translate dependencies on other quadlet units
69c2e68836 Fix directive `//nolint:revive` is unused for linter "revive" on ARM
8690b20732 .golangci.yml: rm legacy and common-false-positives
543a7ea062 pkg/bindings/containers: rm unused break
5f997a70bd cmd/podman/pods/create: fix break statement
b615011b44 docs: Expand description of no-new-privileges
7b30f19535 chore(deps): update dependency golangci/golangci-lint to v2.1.2
d9914ff27d Fix the fd leaking to aardvark-dns.
857b536507 test/system: add prefetch users to use cache image
1a6431674f [CI:DOCS] Add link to MAINTAINERS.md file in GOVERNANCE.md
f26765ceb0 update golangci-lint to v2.1.1
ae1e24f115 Two small updates to the Governance model
081629cf01 Update pre-commit-hooks and Codespell hook
d3e2ca57e4 libpod: stats catch ErrStatCgroup
86d7da8b08 vendor: update to latest c/common
a4856a6224 test/system: add debug for /etc/hosts restore flake
0849cbcf83 test/e2e: skip flaky restore into pod test
0fb78905c1 Revert "Instrument cleanup tracer to log weird volume removal flake"
0be44ccb20 test/system: add debug for healthcheck flake
0d4a148ee6 Quadlet - allow deleting the network when stopping the service
72fdc6476d test/system: remove pasta conditional
6c7179c652 rpm: require slirp4netns for podman-tests package
fe107ff0ce Quadlet - Add support for adding ExecReload command
521b2451c7 Correct units in init error message
7cbad232fe chore: make function comment match function name
9a723ff9f5 Fix windows path handling in podman cp
76a4fdc358 cmd: Fix help text. --config specifies a dir not a regular file
b2e45129b8 .github/labeler: add governance label automatically
1934c3a407 OWNERS: add nalind
4242951662 MAINTAINERS.md: sort by role
a96b29b58c docs: update DefaultDependencies description
85caf3fbb5 test: update README for system test
9cc7c2b4ab Make Go not panic on a partial container update
4e65ed5b72 hack/bats: remove OCI_RUNTIME reference
146f70d9fe Bump bundled krunkit to 0.2.0
7633a9a143 fix(deps): update module golang.org/x/net to v0.39.0
7e1ea74813 Maintainers.md: fix two github nicks
85024a9ba7 libpod: --user works with --hostuser entries
254ab3b90f test/system: do not check dns.podman
6bb1d0837f fix(deps): update module golang.org/x/crypto to v0.37.0
acbfc3c259 fix(deps): update module github.com/onsi/ginkgo/v2 to v2.23.4
27b3781201 fix(deps): update module golang.org/x/term to v0.31.0
8d1c373475 quadlet kube: consider empty pod as running
f87ab2b7a6 fix network DB desync after failed connect/disconnect
c0845ed55b fix(deps): update module github.com/moby/sys/user to v0.4.0
5148cf3c14 [skip-ci] Update actions/create-github-app-token action to v2
72acbc804a Add documentation describing how to triage issues
9d4e820264 Use golangci-lint fmt for pkg/bindings
055fc82bd2 Makefile: exclude seccomp build tag for !linux
a8dd9bc1ed Makefile: use GOOS/NATIVE_GOOS instead of uname -s
b959ca3577 .cirrus.yml: add golangci-lint cache for freebsd task
c958d5b3ba .cirrus.yml: upsize the freebsd instance
f18c917ef8 ci: run golangci-lint on freebsd
b5a1b512c9 Fix overwriting the Healthcheck configuration from the image
1f90cc1126 docs: update pasta options description
64f822f857 docs: delete the duplicated phrase in introduction page
9277643ead Set the IDMappings also when RootfsOverlay is used.
fbb118ed7e cirrus: save/restore golangci-lint cache for linux
403d126ac8 hack/install_golang.sh: revamp
7882de95ff libpod: fix whitespace linter issue on freebsd
421ee18e18 libpod: add a nolint:wastedassign annotation
5f582e9f11 pkg/emulation: add linux build tag for elf
8c0c1c8906 libpod: fix wastedassign warning on freebsd
30fd68cb23 libpod: rm some unused freebsd code
8754687b55 libpod: move linux-specific code to _linux.go
c1c963affe libpod: fix unconvert linter warning
6bf1923f3e pkg/specgen: fix ST1019 on freebsd
118670b31f pkg/specgen/generate: fix S1002 on freebsd
0eea1cb297 libpod: don't capitalize error string
66c7efdb6b libpod: use context.TODO to fix SA1012 on freebsd
4165877c58 libpod: gix a govet warning on freebsd
851bd141af Fix errcheck warnings on freebsd
8fd7143e36 cmd/podman-testing: fix freebsd compilation
c6189c5b51 test/checkseccomp: add linux build tag
f589811073 pkg/rootless: fix ST1005 warning for freebsd
783f0c8076 fix(deps): update module github.com/onsi/gomega to v1.37.0
f1f84320a2 Add initial draft of Podman project Governance
83cf9ee8a9 Update roadmap for 2Q 2025
84203fa6ce Update links and markup in man pages
040385ef9b chore: fix function name in comment
8db52f8984 Add autocomment for `needs-info` label
6c950bdb40 Remove unused code and data structures
684126e426 Suppress failing bud tests in remote
275e77d1fa test/tools/vendor: drop ginkgo
3d12f1e2ed Update vendored c/buildah to 32d78c69be17
74356e1b5a config: use ErrInvalidName
c27195ea65 fix(deps): update module github.com/shirou/gopsutil/v4 to v4.25.3
51bb71d1b3 vendor: bump c/common to 9b0d134f392
66b2bf83d9 fix(deps): update github.com/openshift/imagebuilder digest to e87e4e1
6703564339 fix(deps): update github.com/opencontainers/runtime-tools digest to 260e151
4eb75f68cf test/e2e: fix unused linter warning
dac3fa2f97 pkg/specgen/generate: fix unused warning on freebsd
18fdbaee80 pkg/machine/qemu: fix ST1016 linter warning on freebsd
c860e67884 cmd/rootlessport: add missing linux build tags
061e1a17a9 pkg/rctl: fix fprintf statement
1739b7170e pkg/systemd/quadlet: rm splitPorts
c9b108d5b3 Bump golangci-lint to v2.0.2
8bd73b7d2c pkg/machine/wsl: rm unused structures
2861bc3702 pkg/machine/qemu: rm unused code
9f0032d3fd pkg/machine/shim: fix unused warnings on windows
d9090645c3 pkg/machine: fix various linter warnings
4638d434bc pkg/machine/wsl/wutil: fix imports formatting
c1f9c0b127 pkg/machine/e2e: fix unparam warnings
7c175064da libpod: rm nolint annotation
032250a478 pkg/binding/images: rm dead code
486327e2b9 pkg/bindings/images: fix linter warning on Darwin
6b1033eaa0 libpod/events: refactor to eliminate unused code
91113c46ef test/utils: suppress ST1001 warnings
0f975f8526 ci: rm allow-unused from nolintlint settings
bed6ee6bb7 pkg/machine/e2e: move windows-specific function to windows file
cc4d904dd2 Fix QF1012 staticcheck warnings
f4f2580b0d ci: remove stylecheck linter
5aa035c69c libpod: fix a few minor staticcheck warnings
0105131b5c Fix QF1003: could use tagged switch" staticcheck warning
0dddc5e3c0 Apply De Morgan's law
b1010808ed .golangci.yml: remove exclude-dirs
1a9cf6b9db .golangci.yml: rm exclude-files
f3e7b26fdd .golangci.yml: remove some linters
c72526cd9c .golangci.yml: switch to list of enabled linters
4a7785d4df docs: Update `podman build` security options
af19eeaeb4 add additional external container fiters
8ef234aedd remove github.com/buger/goterm dependency
0b1d3a963d chore(deps): update dependency setuptools to v78
590316beb6 update markdown documents with command filter
0a0c8ad6f4 Improve the file format documentation of podman-import.
3872293893 Revert "podman-import only supports gz and tar"
571e0d52b3 Update c/image after https://github.com/containers/image/pull/2795
ba88febf33 Don't block builds on podman-testing growing in size
4264bf6876 remove github.com/google/gofuzz dependency
19b4c3c1b7 fix(deps): update module golang.org/x/net to v0.38.0
8cef2f4d10 Enhance issue reporting template
f07a95da0e test/compose: use 4 spaces indentation
9f422e1a77 test/compose: use cdi option over mount
926ad1172e test/compose: remove cni reference
ea1eeb523f remove github.com/crc-org/crc/v2 dependency
49c42d06dc pkg/machine/apple: simplify restNewEndpointToCmdLine()
5ad70c9c56 Don't depend on github.com/crc-org/vfkit/pkg/rest
60692ca350 Remove exclude_graphdriver_devicemapper build tag
12ccbea1aa remove unused method references
a776c1d82a pkg/machine/vmconfigs: simplify IsFirstBoot
392a8f4ac5 test: Fix runc error message
dce36131ae Add cdi-spec-dir option to top level options.
4bea200b26 podman logs: allow options after argument
a0cae65c13 quadlet: add support for the UpheldBy option in the Install section
2ba7a87df1 [skip-ci] Packit: Ignore ELN and CS jobs
44cbefff5d fix remove unnecessary err check
ea5ed2a875 fix: mounting issue with single character volume on windows
e61f1a44d6 pkg/machine/e2e: add missing withImage()
9b9c60d814 CI: use z1d instance for windows machine testing
1f3347ff3c test: re-enable idmapped mounts test on vfs
7f592742b8 vendor: update c/{common,storage}
f94d613556 Fix container clone with configured Healthcheck
f15b0887c7 Add support for pids-limit annotation for podman kube play.
08a1c6d91e Add support for Retry= and RetryDelay= to Podman Quadlet.
6e28bdcf25 GHA: Open PR to podman-machine-os on releases
321634d599 Add volume SubPath in generate kube
7ca96702ee buildah-bud: skip bud-with-mount-cache-like-buildkit
bf0a5ee3cf docs: Use accurate max size of secret content
10290d462b docs: Improve spelling and formatting
fa0e5af542 fix(deps): update module github.com/containers/gvisor-tap-vsock to v0.8.5
68e0a6c89a Clarify behavior of --health-timeout in man page
f5fbb4215d vendor: update c/{common,buildah} to main
999a11c8b1 replace deprecated selinux/label calls
a0acdb837b New images 2025-03-24
6df50bec87 fix(deps): update module github.com/onsi/gomega to v1.36.3
f91aca8ebc vendor: bump c/common to dbeb17e40c80
f1527283d6 Make exec support --cidfile.
042c1ffa0b pkg/machine/e2e: use testimage
260035d069 vendor: update common and buildah
701aade262 Add --env and --unsetenv to podman update.
5e66d38c9d Do not set arch for windows to amd64
0ca539c3ab chore(deps): update dependency setuptools to v77
88b62d2c27 vendor: update c/common
67165d8fc2 Fix some code blocks in documentation
51ca839c14 libpod: fix handling of additional gids in exec
c0627de21d container: replace code with securejoin.OpenInRoot()
a23511e341 vendor: update github.com/burntsushi/toml to v1.5.0
ac787b6691 Fix flake on machine cp e2e test
829cc591df chore(deps): update dependency setuptools to ~=76.1.0
16918614b5 fix(deps): update module github.com/opencontainers/runc to v1.2.6
1e4acff971 Update roadmap for Q1
b3fe3906bb test/e2e: skip idmapped mounts test with vfs
69dc0720b9 docs: add note about systemd df RECLAIMABLE bug
97cab8c9c0 test/system: add systemd df regression test
38d6d1c560 vendor: update c/common to latest
39e3df6b55 fix(deps): update module golang.org/x/net to v0.37.0
2b813eef9d [skip-ci] RPM: Add riscv64 to ExclusiveArch-es
af29bb5b6e Update CI to run Windows unit tests
dd4f67fd72 chore(deps): update dependency setuptools to v76
f166f1503c Honor rootfulness when SSH-ing into named Machine
687fe08f42 Fix a potential deadlock during `podman cp`
bcc2063e9e test/e2e: use go net.Dial() ov nc
f8787bb219 test: use ncat over nc
1945506905 New images 2025-03-12
a2953dad10 libpod: improve createRootlessContainer
a1008a1294 libpod: add missing return in WaitForConditionWithInterval()
5207feebd4 pkg/domain/infra/abi/play.go: fix one comment
94cacea064 docs: fix some minor issues
76fe869dc5 fix(deps): update module golang.org/x/net to v0.36.0 [security]
87421d9508 Fix WSL installation check on Windows
fff42ac232 Fix HealthCheck log destination, count, and size defaults
18abb18c9a chore(deps): update dependency setuptools to ~=75.9.1
c05908a7f6 libartifact: NewArtifactStore() reject relative paths
9e94dc53b2 add new artifact mount type
f6e2d94409 test/e2e: improve createArtifactFile()
fe82fa85d2 pkg/specgenutil: rework volume/mount parsing
590bf8b79d pkg/specgenutil: unexport Mounts()
51cfcc65d5 correctly preallocate artifactDigests in ArtifactRm()
b232ea3d18 create artifact store in the libpod runtime
7c200a5f4c libartifact: add BlobMountPaths()
86a6539b76 libartifact: extract common code into helper
4cd19b7f7a libartifact: fix comment on Extract()
618e37794e libartifact: create FilterBlobOptions
91072dc940 Win installer test: hardcode latest GH release ID
82426caf8a packit: fix missing fedora arches
6ea7b192fa [skip-ci] Packit: Fix action script for fetching upstream commit
9eb4d27c5c packit: only build F41+
56e62948f7 go1.23: use std maps package
b23249635d vendor: bump to golang.org/x/crypto@v0.36.0
05fc9d2d6b cirrus: test only on f41/rawhide
f2606c4230 fix deprecated docker v28 types
91a08235d1 vendor: update docker v28 and c/{common,image}
2ffb3a19b3 vendor: update c/storage
c9c44d400c libpod: do not cover idmapped mountpoint
48662fa32b update gvproxy version to 0.8.4
41924f870f Prevents removal of `podman.sock` file using `podman system reset` command
02658bc4cc Quadlet - Propagate warnings and print errors and warnings as they occur
73799672cf docs: update how the machine os is upgraded
b762c15e1c Fix a few typos.
c6fe768176 Don't try to resolve host path if copying to container from stdin.
130bb21612 .github: remove cirrus rerun action
5283f956a5 Disallow mounting to certain destination /dir paths
5cd58742a2 Use svg for pkginstaller banner
1d304334dd pkg/util: remove redundant min/max helper functions
eed5f9ee4a libpod: race in WaitForConditionWithInterval()
d0efd0e278 libpod: race in WaitForExit() with autoremove
41dd3f2474 Automate release
945aade38b quadlet kube: correctly mark unit as failed
518773a616 pkg/domain/infra/abi/play.go: fix two nilness issues
04e8cd1eb1 kube play: don't print start errors twice
727542fc6c Replace old nginx image with podman hello
47079cd030 [CI:DOCS] Packit: clarify secondary status in CI
73cfef57b9 fix(deps): update module github.com/containers/buildah to v1.39.2
9e397d8e4d podman-import only supports gz and tar
7f4282a7e8 Update documentation for podman-machine-os-apply
47a743bba2 report healthcheck start errors
84c56243a2 [skip-ci] Packit/RPM: Display upstream commit SHA in all rpm builds
30d8fcbc03 fix(deps): update module github.com/opencontainers/image-spec to v1.1.1
1e9bfeb1f8 docs,kube: add configMap as supported volume option
511d912685 Add stopped status for HealthCheck
d5acda2a37 fix(deps): update module github.com/shirou/gopsutil/v4 to v4.25.2
7bcd9c066e chore(deps): update dependency pytest to v8.3.5
b18dcccb28 add filter for container command
67c876112b fix(deps): update github.com/vishvananda/netlink digest to 0af3215
baf176058c fix(deps): update github.com/digitalocean/go-qemu digest to ee9b066
b2d08f5b8f Use UnparsedInstance.Manifest instead of ImageSource.GetManifest
f8c702bd35 Rename copyImageBlobToFile to copyTrustedImageBlobToFile
20523152f8 Add "create" and "remove" events for secrets.
42fb942a6f Introduce `podman machine cp` command
f71067d710 Create quota before _data dir for volumes
716eb000fa Bump to latest c/storage main
316a5dc643 fix(deps): update module github.com/opencontainers/runtime-spec to v1.2.1
92c5b08ebd vendor: update github.com/go-jose/go-jose/v3 to v3.0.4
24af533082 fix(deps): update module github.com/containers/libhvee to v0.10.0
e8fc1e679a fix(deps): update module github.com/containers/buildah to v1.39.1
328c7260fc podman run: fix --pids-limit -1 wrt runc
bbc7f577aa chore(deps): update module github.com/go-jose/go-jose/v4 to v4.0.5 [security]
6796562b50 fix(deps): update module github.com/vbatts/git-validation to v1.2.2
ee3fc74baa fix(deps): update module github.com/vbauerster/mpb/v8 to v8.9.3
4dbbf264c7 Fix reporting summed image size for compat endpoint
e10df3dac7 fix(deps): update module tags.cncf.io/container-device-interface to v0.8.1
cbc73457ab Add --all to artifact rm
7030b559fb Define artifact error types
6ad2dc0590 wire up --retry-delay for artifact pull
7536620791 [skip-ci] Packit/Copr: Fix `podman version` in rpm
4695564730 oci: report empty exec path as ENOENT
b43863ae2a docs: warn about adding capabilities
a8caebb5a3 Add documentation describing issues and support
c65bb903b6 test: adapt tests new crun error messages
35d2a65e3a test: remove duplicate test
0f443f22ca Add syncmap package and use it for graph stop/remove
1c13a71641 Update CONTRIBUTING for main branch
bbb94249ed fix: reduce logs noise when attach input on `ExecStartAndAttach`
543be25ef3 quadlet: support `Memory=` in `[Container]` sections
22da944e4a Parallelize buildah bud tests
c278db873f cirrus: use fastvm for buildah_bud
3de18b537e test/buildah-bud: run bats in parallel
88073c56d5 update github.com/spf13/cobra to v1.9.1
a5de5959cb fix(deps): update github.com/containers/storage digest to b6f6fb2
f290149b70 fix(deps): update module github.com/opencontainers/runc to v1.2.5
77737132a5 Revert "silence false positve from golangci-lint"
035fff5fd2 update golangci-lint to v1.64.4
5c17f7a650 chore(deps): update docker.io/library/golang docker tag to v1.24
731ef3ff9c cirrus: bump timeout for macos/win machine tests
07e53673f6 cirrus: figure out DEST_BRANCH automatically
6167d286eb fix(deps): update github.com/hugelgupf/p9 digest to 6f4f11e
3b5d7d1e64 artifact extract: support reflink copy
525b11e4c7 vendor latest c/storage
986fc9f465 update golangci-lint to v1.64.2
8b6f14f95b silence false positve from golangci-lint
34de0feda5 cmd/podman: refactor Context handling
78717e6ae9 fix new usetesting lint issue
fdd442cbdf Create `--append` flag to add file to existing artifact
a17175eb3a Cleanup test
ce8813dc8d Remove persist directory when cleaning up Conmon files
3925a30fa7 add podman artifact extract
79be095795 docs: add v5.4 to API reference
ad9839ac55 Run HealthCheck without creating and removing the ExecSession in the database
a6d6d6409e Bump FreeBSD version to 13.4
a2380bca1e fix(deps): update module golang.org/x/tools to v0.30.0
f906c6df57 Switch to the CNCF Code of Conduct
74a100f542 fix(deps): update module golang.org/x/net to v0.35.0
7e612f6ebb test/system: remove tar version check
d13915f87a new images 2025-02-10
cb53abca28 In SQLite state, use defaults for empty-string checks
ab0410948a libpod: make hasCapSysResource platform-specific
3c3baefa8c Update rpm/podman.spec
5bada90190 test/apiv2: fix registry push flake
f73c976bca fix(deps): update module golang.org/x/crypto to v0.33.0
b06c7d78d3 [skip-ci] RPM: set buildOrigin in LDFLAG
91e4f6918a Remove the option to install WSL/HyperV
dce52b3e77 Improve winmake.ps1 clean target
b4fc9cd14d Makefile: escape BUILD_ORIGIN properly
1d4c67751c fix(deps): update module github.com/vbauerster/mpb/v8 to v8.9.2
30ed3293c4 fix(deps): update module google.golang.org/protobuf to v1.36.5
1d220b99da [skip-ci] RPM: cleanup macro defs
46d874aa52 Refactor graph traversal & use for pod stop
2f710723df images: fix segfault when mounting without cap_sys_admin
c06dba4845 rootless: fix hang on s390x
e5bcd6542e Add tests for chunked pulls
27ccfef3a1 Don't use all of tempdir as podman's --tmpdir
165d5c3062 fix(deps): update module golang.org/x/sync to v0.11.0
03b9f87c7d fix(deps): update module golang.org/x/term to v0.29.0
e7a0032ec3 fix(deps): update module golang.org/x/sys to v0.30.0
52febf6a0a Fix flake test: podman pause/unpause with HealthCheck interval
ad0c092616 Bump version to 5.5.0-dev
6f9fb4392c fix(deps): update module github.com/shirou/gopsutil/v4 to v4.25.1
6c06577455 artifact: only allow single manifest
297e8a3476 Add `machine init --playbook`
dcdf82e943 test/e2e: improve write/removeConf()
bc2763eac8 Add --noheading to artifact ls
35c72bb18e Bump to Buildah v1.39.0
26b5864648 rpm: add attr as dependency for podman-tests
06fa617f61 Lock pod while starting and stopping containers
89283c6fcc update gvproxy version
dae1541529 Force use of iptables on Windows WSL
509c80d5bd fix(deps): update golang.org/x/exp digest to e0ece0d
400645bf10 fix(deps): update github.com/vishvananda/netlink digest to 7c2350b
211d3ea3cf Bump c/storage to v1.57.1, c/image v5.34.0, c/common v0.62.0
d575ae12f8 Add --no-trunc to artifact ls
bd061aa2d5 Add type and annotations to artifact add
4a0006db33 cirrus: ensure HOME is set in postbuild.sh
18e29076f7 pkg/api: honor cdi devices from the hostconfig
1c0f5b0475 new images 2025-01-31
f0ef791808 podman exec: correctly support detaching
3eb0e1e8ac libpod: remove unused ExecStartAndAttach()
be6fa68296 [skip-ci] RPM: include empty check to silence rpmlint
e2eb8e4a86 [skip-ci] RPM: adjust qemu dependencies
d3706bcad1 Add BuildOrigin field to podman info
51fd6e906c fix(pkg/rootless): avoid memleak during init() contructor.
1f3182009a util: replace Walk with WalkDir
398377fd97 Move detection of libkrun and intel
4eeaedfe13 Prevent two podman machines running on darwin
27386be189 fix(deps): update module github.com/spf13/pflag to v1.0.6
e893747cf3 Remove unnecessary error handling
c0aab0a85a Remove usused Kind() function
511c8b249d Remove timer for HealthCheck when container is paused.
513b4aaceb Safer use of `filepath.EvalSymlinks()` on Windows
357f76daae error with libkrun on intel-based machines
0eefdbe30e fix(deps): update module google.golang.org/protobuf to v1.36.4
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Chen Qi
|
962471bc70 |
docker-distribution: fix build for 386
The build error could be reproduced by using qemux86 as the MACHINE or using qemux86-64 as the MACHINE and then running 'bitbake lib32-docker-distribution'. The root cause is the wrong file (s3_64bit.go) is imported. Fix the tag matching to ensure s3_32bit.go is imported in case of 386. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Chen Qi
|
51e50ba710 |
docker-distribution: get rid of unknown in version output
The '+unknown' is a deliberate design which is expected to be overridden at build time by VERSION environment variable. However, after the following commit, things cannot be overridden. a74cacf (version: export getter functions) This is because variable beginning with small letter is a private one and cannot be exported or overridden. An issue has been filed for upstream: https://github.com/distribution/distribution/issues/4627 Before that issue is resolved, we need to sed the file manually. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
f762ab75d9 |
docker-distribution: update to v3.0.0
Bumping distribution to version v3.0.0-20-gda404778, which comprises the following commits:
b09be3d6 build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2
dde1e49f Changes: Append a UUID to ensure uniqueness Join delete error
c460aa63 fix: Annotate code block from validation.indexes docs
a5a6f1ba To address the issue where empty files are created when the write process is interrupted, the solution involves writing to a temporary file first and then atomically renaming it to the target file. This ensures that the target file is only updated if the write completes successfully, preventing empty or partially written files.
4aab88fe fix: implement JWK thumbprint for Ed25519 public keys
5a71303e build(deps): bump golang.org/x/net
78456caf Fix: resolve issue #4478 by using a temporary file for non-append writes
a6ce1a79 chore: make function comment match function name
fcb2deac feat: extract redis config to separate struct
ea6ab365 fix newClient in azure storage provider
ceafb041 Update releases/v3.0.0.toml
6266adaa Prep for v3 release
fd14cf19 Vrify the linter config first before running it
3a33ba12 Fix golangci-lint config
52f0f6c4 Bump Azure deps
05b308bc build(deps): bump github.com/golang-jwt/jwt/v5
be2025a8 Prep for v3-rc.4 release
19934b8f fix: leak
6be526be build(deps): bump actions/upload-artifact from 4.6.1 to 4.6.2
896fec50 build(deps): bump golang.org/x/net
d7b8fb6a Bump Go version in prep for the next release
26b983c7 More renames
31c02216 Rename cloud make targets to s3
2ffa1171 Azure driver fix
b30274f2 use cached blob statter in ManifestService if available
b2cc4fe1 fix: define types for inline structs
6599be4f Update com.docker.registry.plist
bb0253d1 Update osx-setup-guide.md
7884c712 Add code comment
e20645c0 Enable MD5 check on GCS driver
fc3dd55d build(deps): bump github.com/go-jose/go-jose/v4 in the go_modules group
64f780f6 Explicitly return zero value instead of partially filled struct
da2bbf04 build(deps): bump actions/upload-artifact from 4.6.0 to 4.6.1
484fa043 build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1
0762a1bb Fix error message for unsupported signing algorithm by not overriding var
70d99154 Fix signing algorithm configuration for token authentication
198db9cb Prep for v3-rc.3 release
7098b3f4 Bump Go version
6ed60b0f Apply suggestions from code review
53c38264 Remove named returns and fix linting woes
2a491b35 docs/garbage-collection: document --delete-untagged and --quiet options
a032989b registry/storage: add option to quiet GC output.
f4a500ca Fix registry token authentication bug
4c5e3945 ci: fix bake build
808f0b89 ci: update bake-action to v6
825eeb03 build(deps): bump actions/upload-artifact from 4.5.0 to 4.6.0
f1e33060 Fix conformance upload issue:
38fd91a4 (security): Bump golang.org/x/net module
c4a60446 Prepare for rc2 release
d85819c0 build(deps): bump actions/upload-artifact from 4.3.6 to 4.5.0
41a906f0 fix(configuration): replace string literals with constants in tests
96c9a85b fix(configuration): replace string literals with constants in error
328f802b fix(configuration): replace string literals with constants
916bdeae feat(configuration): support mtls auth mod
96a3daaf Move a direct dependency to direct deps required modules
fb3ba302 chore: Bump alpine and Go versions
6eba54be build(deps): bump golang.org/x/crypto from 0.28.0 to 0.31.0
183919ce Update squizzi maintainer email
179e902f update xx to v1.6.1 for compatibility with alpine 3.21 and file 5.46+
1d104a93 [docs] Explain how to configure a list through env variables
4dfab838 build(deps): bump codecov/codecov-action from 4 to 5
abbe03ef Upgrade go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
4118c80a Prep for v3-rc.1 release
3ac22856 Bump otel dependencies
bd52394e Update lint.Dockerfile
da2f24e2 docs: update hugo and theme versions
5ee5aaa0 fix(registry/storage/driver/s3-aws): use a consistent multipart chunk size
3996413f Bump google storage module
1c26d98f Bump dependencies
7b3e6d50 docs: Update to refer to new image tag v3
b9b96d9d Bump Go version in Dockerfiles
6df0fd94 Bump go version in go.mod
88579792 Fix a typo in GHA build workflow comment
be0051c4 Run vendor on 1.21
997c29db ci: fix GHA CI build matrix
2e7482cb avoid appending directory as file path in s3 driver Walk
e44d9317 test s3 driver walk of empty dir
3f4ec64f Add validate action to validate api docs Signed-off-by: Pratik <pratikgparikh@gmail.com>
5e59a648 fix existing doc first Signed-off-by: Pratik <pratikgparikh@gmail.com>
0ab7f326 replace uses of Descriptor alias
92b483ef Make Descriptor an alias for oci.Descriptor
fdb5abb9 docs: removed description of ELB as an example of an not sophisticated Load Balancer
b53946de fix: Add the token's rootcert public key to the list of known keys
63cfb187 Add a note regarding redirects to pre-signed URLs
4a0e027e TestProxyManifestsMetrics: use actual size of manifest
38553eaa chang docker-compose to docker compose
49fad517 chang docker-compose to docker compose
e41848cc chang docker-compose to docker compose
4615d302 Remove deprecated version field
a940e616 Fix silly testing format mistakes
170ac07a chore: bump golangci-lint and fix govert issues
44ddae31 build(deps): bump github/codeql-action from 3.26.3 to 3.26.5
b2626e06 Build artifacts and images for linux/riscv64
aabceeb9 build(deps): bump github/codeql-action from 3.26.2 to 3.26.3
eed9400d feat: support custom exec-based credential helper in proxy mode
d8199f45 chore: fix typo in rewrite storage middleware init
2f86b475 build(deps): bump github/codeql-action from 3.26.0 to 3.26.2
64b036e0 build(deps): bump github/codeql-action from 3.25.15 to 3.26.0
786c5836 build(deps): bump actions/upload-artifact from 4.3.5 to 4.3.6
b3f4f327 build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.5
32e5b044 build(deps): bump github/codeql-action from 2.22.12 to 3.25.15
db5c303e fix: skip removing layer's link file when '--dry-run' option spcified
70e0d885 auth: fix token verification chain
ba8e539b Use `x.y.0` format for the go module version
b6016d78 build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0
f072af95 build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
91eda593 chore: fix typos returned in some errors
8619a11f fix nil pointer in s3 list api
d4f611df build(deps): bump docker/bake-action from 4 to 5
a8d423dc build(deps): bump actions/configure-pages from 4 to 5
3fe99ca2 build(deps): bump softprops/action-gh-release from 1 to 2
1e89cf78 deprecate Versioned in favor of oci.Versioned
a18cc8a6 S3 driver: Attempt HeadObject on Stat first, fail over to List
3d0239ac manifest: slight cleanup of init / registration
f1c8c414 Descriptor: do not implement Describable interface
671184e9 Remove ManifestBuilder interface
c345425f ci:bump Go version
9ba73406 vendor: github.com/opencontainers/image-spec v1.1.0
eb6123f5 fix logic for handling regionEndpoint
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
e1fa9062b6 |
docker: update to v28.3.0
Bumping moby to version v28.3.0-2-ge0183475e0, which comprises the following commits:
a2af8bdebd gha/bin-image: add major and minor version image tags
b2a9318a1e docs: cut api docs for v1.51
8c713c1af4 gha: lower timeouts on "build" and "merge" steps
8e7ea470cf vendor: update buildkit to v0.23.1
222baf4ccb vendor: github.com/moby/buildkit v0.23.0
0e0ca09ddc daemon: containerStop: fix ordering of "stop" and "die" events
e62b0e2234 vendor: github.com/opencontainers/cgroups v0.0.3
06ab9cd1ed daemon/config: Validate: add missing validation for registry mirrors
97aa4e8550 registry: ValidateMirror: improve validation for missing schemes
e18a9c95b8 Update containerd to v2.1.3
09fef2b26e api/types/container: deprecate ExecOptions.Detach
44c8cd2e8f vendor: update buildkit to v0.13.0-rc2
78b6204f9e vendor: github.com/moby/swarmkit/v2 v2.0.0
cf98237186 vendor: github.com/moby/swarmkit/v2 v2.0.0-20250613170222-a45be3cac15c
fd96b01b0e pkg/idtools: deprecate IdentityMapping, Identity.Chown
987b8a88a6 c8d/push: Extract shared push logic
d9e7b86de4 c8d/push: Fix fallback single-manifest push not creating a tag
53d12c96f8 vendor: github.com/containerd/containerd/v2 v2.1.2
aac0260d21 Fix flaky test TestDaemonRestartRestoreBridgeNetwork
cfcbfabb0f api/image/list: Return `Containers` count
6d737371b8 fix comparison rule from errorlint
941d09e265 Handle error message from token server with containerd backend
e4e7fcf668 vendor: github.com/moby/buildkit v0.23.0-rc1
d3d20b9195 integration-cli: TestCopyFromContainerPathIsNotDir: adjust for win 2025
cf86f3a082 vendor: github.com/containerd/nydus-snapshotter v0.15.2
9a85f50aaa vendor: github.com/pelletier/go-toml/v2 v2.2.4
1764909076 vendor: github.com/fsnotify/fsnotify v1.9.0
102adcab57 vendor: github.com/containerd/console v1.0.5
5230692cad vendor: cloud.google.com/go/longrunning v0.5.5
5fb6604642 vendor: google.golang.org/api v0.160.0
d2954c4e05 vendor: otel v1.35.0, otel/contrib v0.60.0, grpc v1.72.2
05f892190c vendor: github.com/prometheus/client_golang v1.22.0
952cddd05b vendor: google.golang.org/protobuf v1.36.6
ccf5f8036c vendor: golang.org/x/sys v0.33.0
c81e03bc0b vendor: golang.org/x/sync v0.14.0
05e8b1701c daemon/containerd remove leftover schema1 compatibility code
2ff281e33a daemon/containerd: update link to containerd code
d54f713d95 daemon/containerd: rename var that shadowed type
8e6cd44ce4 daemon: ensuring state of stopped container is visible to other queries when container is stopped and before API response is sent (fix for https://github.com/moby/moby/issues/50133).
7acb079403 Revert "libn/networkdb: don't exceed broadcast size limit"
0df31cf585 Revert "libn/networkdb: fix data race in GetTableByNetwork"
83b2fc245d Revert "Fix possible overlapping IPs when ingressNA == nil"
e079583ab4 Revert "libnetwork/networkdb: use correct index in GetTableByNetwork"
cfd5e5e4d4 Revert "libn/networkdb: b'cast watch events from local POV"
576cf73add Revert "libn/networkdb: record tombstones for all deletes"
2297ae3e64 Revert "libn/networkdb: Watch() without race conditions"
cc60ec8d3c Revert "libn/networkdb: stop table events from racing network leaves"
b5b349dbd6 Revert "libn/osl: drop unused AddNeighbor force parameter"
35916f0869 Revert "libn/osl: refactor func (*Namespace) AddNeighbor"
3eb59ba5a2 Revert "libnetwork/osl: remove superfluous locks in Namespace"
5d6ae34753 Revert "libnetwork/osl: stop tracking neighbor entries"
ea818a7f6f Revert "libnetwork/internal/setmatrix: make keys generic"
78ccc20545 Revert "libn/d/overlay: use netip types more"
23c56099ee daemon/logger/loggerutils: use defer to fix gocritic "badlock" linter
0069360e3b volume/mounts: windowsDetectMountType: rewrite using switch
027355d7b3 container/stream: TestRaceUnbuffered: put unused testing.T to use
2bbf5f5a39 daemon/containerd: ImageService.resolveImage: cleanup resolve by name:tag
2e25775c83 libnetwork: Replace deprecated usages
3dd8f03f25 vendor: go.etcd.io/bbolt v1.4.0
55f47f9e34 Windows: don't try to load "mirrored" network plugin
20b6075380 fix badCall from go-critic
10c4715a62 openrc: allow customizing containerd service name
c466ae0f71 fix badLock from go-critic
19f5ac3c81 fix initClause from go-critic
aa632664b6 fix mapKey from go-critic
5ad4e4edf7 fix deprecatedComment from go-critic
b8a4f6534f fix stringsCompare and stringConcatSimplify from go-critic
a62de57aa1 fix sprintfQuotedString from go-critic
bc9ec5fc02 fix emptyStringTest from go-critic
469afa5f8f fix httpNoBody from go-critic
8f7faa01d1 fix boolExprSimplify from go-critic
e5be7b54b1 fix yodaStyleExpr from go-critic
64075850fc fix go-critic linter
793dd8385a Only "prune" Windows networks created by Docker
071d27cd3d Add contributor guidelines for where to put source code in packages
1603ad636e update to go1.24.4
9b5d8cd186 fix thelper linter
ea581c96b9 Validate BIND_DIR variable in Makefile
e32715ec03 Added support for AMD GPUs in "docker run --gpus".
6bac5ca833 Set EnableIPv4=true in overlay network inspect response
27f2e0ecc5 api: bump to 1.51
bd20bfdc41 all: remove redundant import-aliases for "go-winio"
f85394dd5d api: image inspect: add back fields that did not omitempty
284904119a Dockerfile: update cli to v28.2.2
8ba832cc8f docs/api: swagger: quote maxUint64 example value
affe1d6335 api/swagger: quote maxUint64 example value
b6fa565cba libnetwork/resolvconf: Build: decorate error for invalid nameservers
35e062dde1 libnetwork/resolvconf: rewrite TestBuild tests to a table-test
16ed51d864 libnetwork/networkdb: always shut down memberlist
c1a27ea5af pkg/stack: remove // import comments
dd382769bd pkg/rootless: remove // import comments
ce191648c7 pkg/useragent: remove // import comments
ad1a388895 pkg/tailfile: remove // import comments
b6f99f6d7f pkg/stringid: remove // import comments
ca2cca1286 pkg/stdcopy: remove // import comments
225b7ca6b7 pkg/progress: remove // import comments
0f9818ad03 pkg/pools: remove // import comments
f0f4fa0038 pkg/plugingetter: remove // import comments
5f4da92972 pkg/platform: remove // import comments
7a703f3772 pkg/pidfile: remove // import comments
511cf09e75 pkg/namesgenerator: remove // import comments
864e3f9348 pkg/longpath: remove // import comments
cc329af619 pkg/jsonmessage: remove // import comments
0c70c762b2 pkg/streamformatter: remove // import comments
fd8b6a24ab pkg/tarsum: remove // import comments
17845556f2 pkg/system: remove // import comments
18a1b61b49 pkg/sysinfo: remove // import comments
126246ae39 pkg/plugins: remove // import comments
0380c952a6 pkg/parsers: remove // import comments
4800a9b50d pkg/ioutils: remove // import comments
ca3982adea pkg/homedir: remove // import comments
c93f18e0b8 pkg/fileutils: remove // import comments
6a9f7c543c pkg/authorization: remove // import comments
a4411f497f errdefs: remove // import comments
0ea03c4add opts: remove // import comments
7ce4e9685a oci: remove // import comments
23009a700a testutil: remove // import comments
fe1bc3e7fd runconfig: remove // import comments
4656712b82 restartmanager: remove // import comments
134f20c828 reference: remove // import comments
97b20f6b79 registry: remove // import comments
2548254317 quota: remove // import comments
66055ea07c plugin: remove // import comments
3bbb38f1d2 volume: remove // import comments
021dd75bc4 libcontainerd: remove // import comments
fe34e89992 layer: remove // import comments
9abf9f2d0d internal: remove // import comments
4970333621 integration: remove // import comments
a4b0d32fa6 integration-cli: remove // import comments
7eecd04c7b image: remove // import comments
c1a3c51d9e dockerversion: remove // import comments
c7cb2d9783 distribution: remove // import comments
5318877858 daemon: remove // import comments
076e98e8f3 daemon/links, daemon/network: remove // import comments
2b42088bd5 daemon/listeners: remove // import comments
241e0bca8b daemon/events: remove // import comments
27956106d5 daemon/config: remove // import comments
69c34390c0 daemon/logger: remove // import comments
7d4caf4ba8 daemon/images: remove // import comments
9876c9fbcf daemon/graphdriver: remove // import comments
986ec3f877 daemon/cluster: remove // import comments
89aa33001e container: remove // import comments
d469079338 cmd: remove // import comments
c6bbc3bb6e builder: remove // import comments
4856e8ffad client: remove // import comments
bf9d739561 api: remove // import comments
fca97dae9d libnet/d/overlay/overlayutils: prevent uint32 overflow
3d8195a20f daemon/logger/fluentd: cap max-retries to MaxInt32
404f29c42d gha/bin-image: Don't push sha tags
7994426e61 Revert "containerd: images overridden by a build are kept dangling"
a2652d4b81 Don't set up iptables chain DOCKER-USER when using nftables
d3289dda4b Add nftables NAT rules for internal DNS resolver
c299ba3b38 Update worker.Platforms() in builder-next worker.
6889039d76 Fix silent stop on error due to using output redirection together with `set -eu`.
d6620915db portallocator: always check for ports allocated for 0.0.0.0/::
027588eba0 builder: Pass cdi cache instead of CDISpecDirs
bc6bc7aafa daemon/cdi: Log not found dirs as INFO
9856bf52a2 daemon: Configure default CDI cache
ae2fc2ddd1 PortAllocator: Use netip.Addr instead of string as map key
19dc38f79b Listen on mapped host ports before mapping more ports
dc519a0f18 iptables: Drop explicit RETURN rule from DOCKER-USER
148a19b6d6 seccomp: Require CAP_SYS_ADMIN for lsm_* syscalls
0ab8108b57 seccomp: Fix typo in lsm_set_self_attr
21a165de23 Use env-var DOCKER_FIREWALL_BACKEND=nftables to enable nftables
637e8142ce clean up golangci-lint config for deprectated errdefs.*
37caf3881a volume: replace uses of errdefs package
08768e4d9d testutil: replace uses of errdefs package
416dc8c1bf runconfig: replace uses of errdefs package
8803b58259 refernce: replace uses of errdefs package
dcf253ffe2 plugin: replace uses of errdefs package
8561016335 libnetwork: replace uses of errdefs package
f06c450a8e libcontainerd: replace uses of errdefs package
528f2284ee integration-cli: replace uses of errdefs package
14852fcd82 integration: replace uses of errdefs package
a1a789dbd0 image: replace uses of errdefs package
6ee53a6831 errdefs: replace uses of errdefs package
083ccfa486 distribution: replace uses of errdefs package
55da8ea276 daemon: replace uses of errdefs package
364d8d8b31 container: replace uses of errdefs package
415fc7b41e builder: replace uses of errdefs package
f0eaf228c1 api: replace uses of errdefs package
f98b7005d2 remove fallback for non-OCI-compliant docker.pkg.github.com registry
048199f191 Dockerfile: update cli to v28.2.0-rc.2
d188df0039 libn/d/overlay: use netip types more
0317f773a6 libnetwork/internal/setmatrix: make keys generic
e48ea1c6e0 Make integration tests ready for nftables
f9f0db0789 Add nftables support to testutil SetFilterForwardPolicies
7ea0e60dde Skip test TestBridgeINCRouted in rootless mode
0d6e7cd983 libnetwork/osl: stop tracking neighbor entries
9866738736 libnetwork/osl: remove superfluous locks in Namespace
b6d76eb572 libn/osl: refactor func (*Namespace) AddNeighbor
3bdf99d127 libn/osl: drop unused AddNeighbor force parameter
f834a0bd82 vendor: github.com/miekg/dns v1.1.66
4da3b4bf2d run/pull: Warn/reject AI model images
339be4e2ae Dockerfile: install nano as alternative to vim
588a05a1ce docs/api: Cut docs for API v1.50
94daa36f03 libnetwork: don't reinvent mutexes
cd2702e04e Dockerfile: update compose to v2.36.2
01fec904e4 Dockerfile: update buildx to v0.24.0
072483f9d7 c8d/delete: Require --force when deleting platforms
30da69d694 c8d/delete: Support deleting specific platforms
acf6b6542e daemon/images: Make ImageDelete take opts struct
871675be9b c8d/delete: Extract untagReferences
153b16ad27 c8d: Extract memoryLabelStore
d7cca3f997 docs/api: update deprecation version for erroneous fields
4dc961d0e9 image-inspect: remove Config fields that are not part of the image
0ec3278d48 profiles/seccomp: kernel v6.13
6aa8288cfb profiles/seccomp: kernel v6.12
e03ac1fad9 daemon: createCDICache: fix error-capitalization
7263ae74cd contrib: systemd: update deprecated StartLimit options
888cbfddf2 vendor: github.com/opencontainers/cgroups v0.0.2
42970fc461 registry: replace uses of errdefs package
979f18691a daemon: restore: fix fluentd-async-connect migration for downgrades
c6b9bb00f9 api/server/router/build: BuilderVersion: allow buildkit on Windows
560299a16f validation: re-enable check for changes in integration-cli"
e354e42e14 vendor: update buildkit to v0.22.0
a2ada6b258 daemon/create: Simplify GetImage args
2c57455339 vendor: github.com/containerd/containerd/api v1.9.0
a3ce441ae0 client: Use containerd errdefs to convert http errors
86187b2606 vendor: github.com/vishvananda/netlink v1.3.1
e8c269843c builder-next: remove support for deprecated schema1 images
a9ec07a005 builder-next: add buildkit executor for wcow
e655763837 client/volume: use containerd errdefs checks
6bde39b729 client/utils: use containerd errdefs checks
144363fea2 client/task_list_test: use containerd errdefs checks
6cd9eaf5ab client/task_inspect_test: use containerd errdefs checks
68a8a8f3c8 client/swarm: use containerd errdefs checks
0b4495463f client/service: use containerd errdefs checks
ad4a3d32c6 client/secret: use containerd errdefs checks
df96159df0 client/request: use containerd errdefs checks
7e8b26ecb9 client/plugin: use containerd errdefs checks
2356f435a6 client/node: use containerd errdefs checks
4a830df491 client/network: use containerd errdefs checks
8f2bf4aef5 client/info_test: use containerd errdefs checks
a1035ec59b client/image: use containerd errdefs checks
370b7e65fc client/events_test: use containerd errdefs checks
27e64d3bdb client/distribution_inspect_test: use containerd errdefs checks
f030c7bf10 client/disk_usage_test: use containerd errdefs checks
c75ca8ef10 client/container: use containerd errdefs checks
eafa2266f6 client/config: use containerd errdefs checks
685fa0bb91 client/checkpoint: use containerd errdefs checks
bb41e5a32e Replace platforms.Format with platforms.FormatAll in functional code.
9319fefe35 vendor: github.com/moby/buildkit v0.22.0-rc2
cf11cd1aac Replace platforms.Format with platforms.FormatAll in user-visible messages and logs.
0b1c7a8306 api/types: move ServiceUpdateOptions to api/types/swarm
31d62930f7 api/types: move ServiceCreateOptions to api/types/swarm
5ad0867236 api/types: move TaskListOptions to api/types/swarm
7e8f630bec api/types: move SwarmUnlockKeyResponse to api/types/swarm
f008d85edc api/types: move NodeListOptions, NodeRemoveOptions to types/swarm
b13528522a api/types: move ServiceListOptions, ServiceInspectOptions to types/swarm
5e8fd897e1 client/volume: use gotest.tools-style asserts
9432eff6bc client/utils_test: use gotest.tools-style asserts
adf7ecc366 client/task_list_test: use gotest.tools-style asserts
b781699ee2 client/task_inspect_test: use gotest.tools-style asserts
d8ee5caf9a client/swarm: use gotest.tools-style asserts
a6cd40de6b client/service: use gotest.tools-style asserts
3658dae265 client/secret: use gotest.tools-style asserts
2e65796c86 client/request_test: use gotest.tools-style asserts
44f30261da client/plugin: use gotest.tools-style asserts
832efcd672 client/options_test: use gotest.tools-style asserts
88453254af client/node: use gotest.tools-style asserts
047343d070 client/network: use gotest.tools-style asserts
6402a106e7 client/image: use gotest.tools-style asserts
043c7fa539 client/hijack_test: use gotest.tools-style asserts
a8ed3bd734 client/events_test: use gotest.tools-style asserts
c88f921331 client/disk_usage_test: use gotest.tools-style asserts
051dae4fdc client/container: use gotest.tools-style asserts
cae3ccd34b client/config_create: use gotest.tools-style asserts
bfc684d3f7 client/client_test: use gotest.tools-style asserts
19f3259093 client/checkpoint: use gotest.tools-style asserts
a411a39be0 api/types: move ConfigCreateResponse, ConfigListOptions to types/swarm
23117afca8 api/types: move SecretCreateResponse, SecretListOptions to types/swarm
3d1e4d9002 api/types: move build-related types to api/types/build
bb7dbaafcd api/types: move BuildResult to api/types/build.Result
6505d3877c API: /info: remove BridgeNfIptables, BridgeNfIp6tables fields
114b8a4fa9 Remove unused image/v1 code
7130cd4f16 Remove DockerSchema1RegistrySuite schema 2 version 1 tests
7c09fa25fd distribution: remove v2 schema1 push
a891e4e3e1 validation: temporarily allows changes in integration-cli
2a96d2eb8d align //go:build versions
c1b2be0399 client/info_test: Use gotest.tools asserts
9095698a5c daemon: Discover devices and include in system info
f95a7c47e8 api: bump API version to 1.50
b70b496505 testutil/daemon: Don't use devcontainers daemon.json
23bbfea718 daemon: Fix error log when CDI cache creation failed
6d7a370fe5 Refactor CPU usage stats test to use go:embed
eefe68a37c api/types: move build cache types to api/types/build
7aa7369f1f client: deprecate IsErrNotFound
a022e916c8 update authors and mailmap
4cecce03f6 daemon: Enable CDI by default
07466d2e9b daemon: Daemon.ContainerExecStart: rename err-return, and minor refactor
d5c370dee6 libnetwork/networkdb: use correct index in GetTableByNetwork
270a4d41dc libn/networkdb: stop table events from racing network leaves
205ba05feb fix usestdlibvars
23fa0ae74a Cleanup http status error checks
fadb571106 Update api status checks to use containerd/errdefs
5c16f2d091 Use standard library interface to unwrap errors
a90a9d899b Ignore deprecations for internal errdefs package
f1bb44aeee Use containerd errdefs for error checks
ba2ddd75e4 Dockerfile: update crun to 1.21
f07242f6d7 containerd: include present content size in disk usage calculations
3ded7b97d0 vendor: github.com/containerd/accelerated-container-image v1.3.0
68e025a11b daemon: startIngressWorker: fix S1000: should use for range (staticcheck)
7bc6fd09da Dockerfile: update compose to v2.36.0
76b24759f0 container: Snapshot.Health: change type to container.HealthStatus
7a7d72e874 api/types/container: Summary.State change type to ContainerState
8e57a019dc fix: load the CDI driver before the dockerd daemon starts
b3ed54db81 integration/networking: mark TestPortMappedHairpinWindows as flaky
7b5d2b4ec3 chore: bump golangci-lint to v2
3d1cfb4de0 vendor: update buildkit to v0.22.0-rc1
c9b01e0c4c libn/networkdb: SetPrimaryKey() under a write lock
61646c8bfc containerd: remove unleaseSnapshotsFromDeletedConfigs
350bb5197a nftables: attempt a table-reload after an Apply error
06afbe9618 Check nftables is enabled before applying updates
976f855f68 Add OTEL span for nftables updates
eeba428939 Make WSL2Mirrored a Firewaller param
1028b123e8 integration, libnetwork: fix some godoc comments (ST1020)
a3aea15257 libn/networkdb: Watch() without race conditions
ada8bc3695 libn/networkdb: record tombstones for all deletes
c68671d908 libn/networkdb: b'cast watch events from local POV
ba0ad9e80f Unit test the bridge driver in terms of its firewaller
a7ef4a208d Fix multiarch image push tag for containerd snapshotter
854f3f62db container: don't persist State.RemovalInProgress on disk
44b653ef99 container: deprecate IsValidStateString
e477df3b31 daemon/cluster/executor: use container.ContainerState consts
3bbdda696d use container.ContainerState consts in tests
b811829595 api/types/container: add ContainerState and const for container state
8b6d6b9ad5 d/cluster/convert: expose Addr() on plugins
37259540e9 Remove/replace integration-cli tests that use iptables directly
daeb080ff1 Test Iptabler params
ea2e147c4c TestPruneDontDeleteUsedDangling: rename var that shadowed import
02e800dcbb plugin: use t.TempDir
57b27f2e9e image: use t.TempDir and rename vars that shadowed
08c5ebe040 layer: use t.TempDir and minor cleanups
f84694ebdc container: use defer for locks
24f305b666 Makefile: set BIND_DIR to "." by default
4b6a9d23af cmd/dockerd/trap: use t.TempDir
ea37a1f040 integration/build: use t.TempDir
900bd88848 internal/directory: use t.TempDir
46baf7deb0 distribution: use t.TempDir
1b4ba20708 distribution/metadata: use t.TempDir, rename var that shadowed
735ccfbc6f pkg/stack: use t.TempDir
72a11b84d4 testutil/fakestorage: use t.TempDir
b38f73afe3 daemon: cleanupContainer: leave decorating container-id/name to caller
d44b2e4bd7 daemon: cleanupContainer: use state-fields instead of string form
4a00ce10fa daemon: rmLink, cleanupContainer: rename args that shadowed import
1cf7d7ea4b hack/make/.binary: update link to go source for "pie" support
e991c7185d update to go1.24.3
89ee292709 container: update GoDoc for State
7dae7c54dd fluentd: add write timeout log option
56ad941564 Fix possible overlapping IPs when ingressNA == nil
dc1d23c646 Revert "rootless: skip tests that need br-netfilter loaded"
4b9092aa27 Load br-netfilter for rootless test-integration
7957a28859 container: remove GoDoc for deprecated aliases.
fe403362b4 container: State.Wait(): don't use deprecated type
0bd82bfac2 chore: add systemd-sysusers configuration
df662ebc59 container: deprecate IsValidHealthString
f9c4601760 volume/mounts: MountPoint.Setup: rename output-var, and simplify err-handling
6ac3afe483 volume: remove/rename err-returns
986988a394 testutil/daemon: Daemon.StopWithError: rename output-var to prevent shadowing
3606712e2d testutil: remove named returns
fe2d323c82 registry: remove/rename err-returns, and minor refactor
79b1b561a3 registry/resumable: remove named err-return, fix minor linting issue
e67b6bfc69 plugin: remove/rename err-returns
943dfa985d oci: remove named err-return
0b169d34e4 libnetwork: remove named (err)-returns
154230cdd7 libnetwork/portallocator: getDynamicPortRange: fix err-handling on freeBSD
962fd8bc41 libnetwork/ipams/remote: inline decodeToMap
cfdfbfab9b libnetwork/drivers/remote: inline decodeToMap
152db74d96 libcontainerd: remove/rename err-returns
f87dcbe350 layer: remove/rename err-returns and remove naked returns
6981aad790 internal/testutils: remove named returns
d1c58bdbbe integration-cli: remove/rename err-returns and remove naked returns
1b317b0323 distribution: remove named err-returns and minor refactor
1244685329 Optimization methods in internal\metrics\metrics.go
84ef7e4899 Allow TestIsolated/ipv6 to unexpectedly pass
4c4810e5d2 rootless: skip tests that need br-netfilter loaded
dacf445614 libn/networkdb: don't exceed broadcast size limit
697c17ca95 libn/networkdb: take most tests off flaky list
90ec2c209b libn/networkdb: listen only on loopback in tests
e3f9edd348 libn/networkdb: advertise the configured bind port
ec65f2d21b libn/networkdb: fix data race in GetTableByNetwork
d0af7c3c08 Move Cory from Reviewers to Committers
b0777be89e Use firewaller.IPVersion instead of iptables.IPVersion for gwmode
3cbb1ae736 Move filter-FORWARD DROP setting to the firewaller
44843d9917 Pass context to more places
a9bf151260 Put Iptabler behind a Firewaller interface.
92e497b9dc Create api interface to define build usage backend
aef409dfb2 Remove unused reference store in image api
9eec936eb0 project: update status of branches for Moby 28.x
9315b15dc6 fix(ST1006): Poorly chosen receiver name
70139978d3 fix(ST1016): Use consistent method receiver names
9e9b6cc42e fix(ST1019): Importing the same package multiple times
27bf320a72 fix(ST1017): Don’t use Yoda conditions
98fa4bcfeb fix(exhaustive): missing cases in switch of type snapshots.Kind
95af77d038 fix(ST1015): A switch’s default case should be the first or last case
f770f6c5ec fix(QF1012): Use fmt.Fprintf(x, ...) instead of x.Write(fmt.Sprintf(...))
a88c49f38e fix(QF1011): Omit redundant type from variable declaration
4f9214c156 fix(QF1007): Merge conditional assignment into variable declaration
be54c79d9c fix(QF1006): Lift if+break into loop condition
2cce9a51ca fix(QF1004): Use strings.ReplaceAll instead of strings.Replace with n == -1
e2e7f9964f fix(QF1003): Convert if/else-if chain to tagged switch
b0711d5fe9 fix(QF1001): Apply De Morgan’s law
7d8df25d16 fix misused error
fef139ccc1 fix import
44a3453d73 Add daemon option --allow-direct-routing
c16caabe36 Add TestNetworkConfigurationMarshalling
a94643a1b3 bridge: add option com.docker.network.bridge.trusted_host_interfaces
33f5b9e963 Don't add stub Endpoint/Network object to cache on Sandbox restore
c129c0fa9f Improve logging and readability of Controller.sandboxRestore
5d8192fcce Report endpoint id as well as name in ActiveEndpointsError
9aa66be7ec vendor: github.com/moby/buildkit v0.21.1
a79d081aa5 config: set buildkit gc enabled to default to true
19ccb75c62 daemon: remove/rename err-returns and remove naked returns
9ed975a247 daemon: NewDaemon: rename err-return
3e586094fc daemon: parseXXVersion: rewrite to be slightly more iodiomatic
2145cf6309 daemon: Daemon.ContainerStatPath, ContainerArchivePath: minor refactor
6da1ff6bf9 builder/builder-next: fix vars that shadowed (govet)
692610414a pkg/plugins: fix vars that shadowed (govet)
0fcd23ec13 daemon/logger/loggertest: fix vars that shadowed (govet)
4c57ffaca7 api/server/router/build: fix vars that shadowed (govet)
eef5c75276 api/server/router/network: fix vars that shadowed (govet)
7edd83a1b3 libnetwork: fix vars that shadowed, and slight refactor (govet)
7dbe2f1fb6 libnetwork/portallocator: fix vars that shadowed (govet)
357b136ee9 libnetwork/drivers: fix vars that shadowed (govet)
f831618e5b libnetwork/networkdb: fix vars that shadowed (govet)
f633e8f03f libnetwork/cmd/diagnostic: fix vars that shadowed (govet)
190ad0610d daemon/logger: remove/rename err-returns and linting warnings
ba15bbc422 daemon/images: rename err-returns to prevent shadowing
48220008d8 daemon/graphdriver: remove/rename err-returns and remove naked returns
088c180a9e daemon/containerd: remove named err-returns
dc79403f7b daemon/cluster: remove/rename err-returns and remove naked returns
9b62592bfe Dockerfile.windows: update github.com/tc-hib/go-winres to v0.3.3
d6b2aec809 pkg/progress: remove named err-return
029f267d9b pkg/pidfile: remove named err-returns
fdbf246889 pkg/parsers: remove named err-returns
b0f93d5283 pkg/fileutils: remove named err-returns
ab8e3da82c pkg/stdcopy: remove/rename err-returns
d17a62592f pkg/ioutils: remove named err-returns
f193ff1317 pkg/broadcaster: remove named err-returns
91f6e00ffa hack: Update broken links from README
7868d3ee3e vendor: github.com/opencontainers/runtime-spec v1.2.1
100102108b Use container status values from api
878de14c8d man: vendor github.com/cpuguy83/go-md2man/v2 v2.0.7
11f65b566d vendor: github.com/spf13/cobra v1.9.1
ea7152e493 volume/local: use t.TempDir
4b41198e3c volume/mounts: use t.TempDir
2b869baea3 volume/service: use t.TempDir
88f6dd72e5 volume/service: rename interface that collided with vars
3b4e21081f container: remove unused named-returns
35167dc616 client: Client: PluginInstall, PluginUpgrade: remove/rename err-returns
bb57656932 builder/remotecontext: remove unused named and "naked" returns
5416f2d57c builder/dockerfile: remove unused named and "naked" returns
f38b1fa30d builder/builder-next: SanitizeRepoAndTags: remove named err return
c025dd74f0 builder/builder-next: wrapRC.Read: remove intermediate err-var
49d5b2cc8e builder/builder-next: puller.resolve: rename err-return
3f2296cfc1 api/server/router: remove named (err) returns
1e4bb14bcd api/types/container: define HealthStatus "pseudo" type
c690e0076a use consts for health-status in tests
91473ce253 api/server/backend/build: sanitizeRepoAndTags: remove named err return
c5031c8632 api/types/time: remove named err return
50a856157c containerd: images overridden by a build are kept dangling
eee14cff72 builder/remotecontext: use t.TempDir
5749bc242a builder/dockerfile: use t.TempDir, rename vars that shadowed
b54a038bec docker exec: fail early on exec create if specified user doesn't exist
37725b5eae Drop "-o com.docker.network.enable_ipv[46]" if overridden
8d0c272e4a Add TestLegacyLink
dfd59c0a95 Dockerfile: Fetch vpnkit from moby org
af0232d52b integration/build: Unskip TestBuildEmitsImageCreateEvent for c8d
a0ff0a361e iptables: Direct routing DROP rules per-container, not per-port
dea236e0ce Split iptabler into multiple files
282b3f7b97 Move bridge driver iptables code into its own package
8c36a22e79 Rename function insertMirroredWSL2Rule
aa4abaf820 Use firewaller (iptabler) structs in iptables unit tests
75c60598b7 Move clearConntrackEntries to bridge_linux.go
42d149e45d fix duplicate import, and force consistent alias for bolt
eede75c9d4 testing: remove some defer cleanup in favor of test.Cleanup()
e3a0f2e690 vendor: github.com/vbatts/tar-split v0.12.1
bcc720abde builder/remotecontext: MakeGitContext: use "WithFields" for logs
54a556a5ef builder/remotecontext: Deprecate Rel()
2808e59f4c Dockerfile: update compose to v2.35.1
a75be33ba0 Dockerfile: update buildx to v0.23.0
dd36139b1a Dockerfile: update cli to v28.1.1
f1e3ed0c48 Dockerfile: don't pin syntax to 1.7
fc8361c078 vendor: github.com/containerd/containerd v2.0.5
62f51e4367 vendor: golang.org/x/oauth2 v0.29.0
bbbb0036df cleanup ignore files
ead379a464 contrib/rootless-setuptool: Fix iptables detection
7c52c4d92e update go:build tags to go1.23 to align with vendor.mod
619f1ddd05 Warn when no external DNS nameservers are found
6083fad7df Reset default bridge addresses after integration tests
c2b7abacf8 Use setupTest instead of testutil.StartSpan in tests
d4e0d6f2a1 Integration tests: use different docker0 addresses
fd550344b1 vendor: github.com/moby/go-archive v0.1.0
fd5e772aec CI: deduplicate execution of unit tests
b8067d159f docs/api: update image tarball format
a38ca9a548 daemon/initlayer: Setup: remove uses of idtools.Identity
380ded6309 Store an endpoint count for networks, for downgrade
ae0331d8f5 vendor: update buildkit to v0.21.0
57bf7a8c70 bridge: Add a missing error check for firewaller setup
c49ce64514 integration/TestStopContainerWithTimeout: Attempt to fix flakiness
7eda35fd05 profiles/apparmor: IsLoaded: optimize
0462b5e318 profiles/apparmor: add BenchmarkIsLoaded
b23d267cb5 profiles/apparmor: add basic unit-test for IsLoaded
0dd5959eeb profiles/apparmor: InstallDefault: slight cleanup and optimization
0bb761698c profiles/apparmor: loadprofile: fix double command in error message
8e1c366773 profiles/apparmor: remove "// import" comments
1fa6a46c5d profiles/seccomp: remove "// import" comments
89604f1df1 profiles/seccomp: use stdlib for asserting
14623770e1 vendor: github.com/moby/buildkit v0.21.0-rc2
eacbbdeec6 Revert "API: /info: remove BridgeNfIptables, BridgeNfIp6tables fields"
ece7e02b86 Update AUTHORS
adb9e9135a docs/api: add documentation for API v1.49
099d3ee008 daemon: containerStart: add filtered labels to OTel span
0c5e816638 daemon: trace containerCreate
f96dc9d1a5 Dockerfile: update registry to v3.0.0
4d35864c3d Fix removal of legacy links
5d2006256f API: /info: remove BridgeNfIptables, BridgeNfIp6tables fields
499e15d4ab api/server/middleware: fix debug-logs missing form-data
97688e8d06 container: Container.SetupWorkingDirectory: remove use of pkg/idtools
5f9d99b4cc integration-cli/swarm: Update to use gotest.tools
ea6c76ee03 integration-cli/TestSwarmInit: Skip failing part on CLI after 18.06
fab94808f5 integration-cli: Update default CLI version to v18.06.3-ce
6c73266a71 Add registry error handling for push and pull
ae3a1ac602 vendor: github.com/moby/buildkit v0.21.0-rc1
cd89a35ea0 Run CLI tests with cgroups v2
7435e4a1be registry: remove deprecated ServiceConfig.AllowNondistributableArtifacts
ba03cd7a63 daemon/config: add test for deprecated daemon.json fields
d72e434d30 vendor: golang.org/x/mod v0.24.0
224b393eb3 vendor: golang.org/x/net v0.39.0
b1ac2a53ed vendor: golang.org/x/crypto v0.37.0
a8af27bbae vendor: golang.org/x/text v0.24.0
7d49b014b6 vendor: golang.org/x/sync v0.13.0
9d04c28def vendor: golang.org/x/time v0.11.0
cdb3590e1a vendor: golang.org/x/sys v0.32.0
970fc1b6f7 Basic compose file for testing OTEL bits
d8a5e8928b replace uses of idtools.MkdirAllAndChown, MkdirAllAndChownNew
d96d20d45f update golangci-lint exceptions
29e0db25e7 Factor out top-level iptables setup into its own object
241d685574 libnet: add ep name in 'has active endpoints' error
489cd7edfc api, daemon, libnet: add a 'trigger' baggage member
31ac5cb6d9 libnet: New: plumb context
667c7d70b3 libnet/d/bridge: trace network setup steps
eaae4b5fb6 libnet/d/bridge: put span prefix in var
78be7ebad7 libnet/d/bridge: trace createNetwork
f8806f2b80 libnet/osl: independent OTel trace for advertiseAddrs
d0154d3e59 Update to use github.com/moby/go-archive
45f9d679f8 Update remaining Ubuntu 20.04 uses to 22.04 and 24.04
57a042b77c deprecate pkg/(chroot)archive for github.com/moby/go-archive
564abf9157 api: info: omit deprecated "Commit.Expected" fields on API >= 1.49
f410dbda88 dockerfile: dind target to build docker image for testing
c3fa7c1779 Test that firewalld reload doesn't re-create deleted iptables rules
dbea045e0d Report firewalld reload time in Info.FirewallBackend
a527e5a546 Restore iptables for current networks on firewalld reload
7d9c50db2b api: /info: omit non-distributable-artifacts fields for API >= 1.49
a0a86d0982 Add Info.FirewallBackend
25a80bd48e vendor: github.com/moby/sys/atomicwriter v0.1.0
4eebd2c920 libnet: TestNetworkStore: replace assert.Equal with Check
e22d04e8a9 Improve CPU usage parsing and error reporting
40650c6982 libnet: de-flake TestNetworkStore
1c79c893b1 libnet: de-flake TestEndpointStore
8a5f141b0e registry: Service.lookupV2Endpoints: wire-up context
9d8c8382d3 registry: authorizeClient: wire-up context
8b920b2812 registry: loginV2: wire-up context
4642704ed7 registry: newTransport: remove intermediate var
7acef8101e c8d/pull: Show progress for non-layer blobs
b3791dea92 pkg/archive: fix linting issues
a427477220 pkg/idtools: MkdirAllAndChownNew: improve deprecation message
a91bcc677b vendor: github.com/klauspost/compress v1.18.0
2c54f6f316 vendor: github.com/google/go-cmp v0.7.0
6422ff2804 deprecate pkg/atomicwriter, migrate to github.com/moby/sys/atomicwriter
f1ec5bf14f pkg/idtools: remove tests already covered in moby/sys/user
3fc36bcac4 Update daemon to use moby sys/user identity mapping
b5c99c0e95 Update moby/sys/user to version which includes mapping
0a83a476d8 registry: v1Endpoint.ping: pass through context
2a272a0c5d registry: newV1Endpoint: pass through context
f158d2e809 registry: ReadCertsDirectory: internalize, and pass context
51d7f95c4b libnet: remove struct endpointCnt
d377cd3810 libnet: Controller: cache networks in-memory
cc8bd2016e libnet: Controller: cache endpoints in-memory
c6cdfbf495 pkg/atomicwriter: return early if parent directory is invalid
00c988caa4 pkg/atomicwriter: add test for parent dir not being a directory
ad386f64e5 pkg/atomicwriter: error on unknown file-modes
ec82bc35c3 pkg/atomicwriter: disallow symlinked files for now
f3aebbf9d8 pkg/atomicwriter: add basic godoc for package
f80feba181 Rootlesskit: check for module nf_tables
7d742ebf75 Add utils for manipulating nftables rules
59169d0f97 image/inspect: Add platform selection
d4e70f6325 vendor: tags.cncf.io/container-device-interface v1.0.1
74b71c41ac update to go1.23.8 (fix CVE-2025-22871)
fc58c829e8 registry: ParseRepositoryInfo: remove some intermediate vars
44b7a42fc6 registry: ReadCertsDirectory: return early on error
4f65e35f02 registry: NewService: return nil on error
a7daab5df4 registry: authTransport: un-export AuthConfig, RoundTripper
795461eceb docs: api v1.48: Move ImageGet api docs under Image tag
e1e58409a1 docs: API v1.48 Add missing platform parameter to ImageGetAll api docs
db275ddbc1 libnet: fix duplicated port mappings in overlay networks
a9e22ee5e7 Don't run unit tests with mode rootless
749e35cf5e Move ImageGet api docs under Image tag
094df015b1 Add missing platform parameter to ImageGetAll api docs
7243860557 Include per-port rules in iptablesNetwork
4390ab275a api: bump API version to 1.49
0b5e1f904a Use netip.Addr instead of net.IP for legacy links
725e699741 Simplify iptables setup for legacy links
31f9ae0d19 registry: TestValidateMirror: improve coverage
cb0a9d713c registry: ValidateMirror: touch-up GoDoc
6b258ce567 registry: session.searchRepositories: pass through context
83aaa3428f distribution: pusher.push(): don't use APIEndpoint.Mirror field
6439824449 distribution: pushDescriptor: remove unused endpoint field
09ee47de39 distribution: cleanup some tests and add missing error-checks
adfed82ab8 Install and run firewalld for CI's firewalld tests
409707b633 bridge: factor out creation of network-level iptables rules
ec7fe73690 distribution: pushDescriptor: rename repoInfo to repoName
b1c526b4a9 daemon/containerd: remove registryResolver interface
0d95e1680a registry: ResolveAuthConfig: inline newIndexInfo code
6c643bc366 lookup auth-config without depending on RepositoryInfo
a18dae049f daemon/containerd: registryResolver: remove IsInsecureRegistry
abcc70b9ef distribution: GetRepositories skip using Service.ResolveRepository
071d8b21e9 distribution: Push: skip using Service.ResolveRepository
8b6a045aa4 distribution; newPusher: don't require RepositoryInfo
8653af5854 distribution: pullEndpoints: skip using Service.ResolveRepository
20a2807caa distribution: pullEndpoints: don't return RepositoryInfo
f1ecce6877 distribution: pullEndpoints: don't require RepositoryInfo
d6afe88b3c distribution: newPuller: don't require RepositoryInfo
03918c5b07 distribution: layerDescriptor: don't require RepositoryInfo
c91318e6c0 distribution: newRepository: don't require RepositoryInfo
2e8bf8b0ab distribution: remove vars that shadowed imports or types
d8fa2f8071 registry: deprecate APIEndpoint.Official field
0ab6f07c31 Fix TestPassthrough
2d643b6835 Firewalld: skip unit tests that run in their own netns
4fbfb618c3 Skip flaky part of TestAccessPublishedPortFromHost
b8323abe0a TestIsolated for IPv6 is broken under firewalld
86eff82789 Firewalld: Skip tests that run dockerd in an L3Segment
dc963a00c1 Firewalld should use its nftables backend
b8cacdf324 Add test util "FirewalldRunning"
8f506a51e5 containerd: ensure overwritten images from load are left dangling
7b2e47846c Run systemd/rootless when systemd/rootless unit testing
8d9e3502ab hack: Fix TestOverlay* test failure in pkg/archive
f5d84a45cc Start containers, even when connected to a disabled bridge port
072ea62fcc vendor: github.com/opencontainers/image-spec v1.1.1
a60603bfa3 hack/validate: Add gocompat
2be7f48561 implement module compatibility check
cc90726fb8 Add missing go1.22 build constraints
19a0f886da testutil: Update to `any` from `interface{}`
f14c23a90f libnetwork: Update to `any` from `interface{}`
82ec984d10 daemon: Update to `any` from `interface{}`
003bf197d7 container: Update to `any` from `interface{}`
444a1597ff c8d/builder: Fix missing `image tag` event with BuildKit
2fce935df2 vendor: github.com/moby/buildkit v0.20.2
7c09e4e607 TestBuildEmitsEvents: Skip Windows only for buildkit
99356b6e17 integration-cli/TestBuildEmitsEvents: Verify event count
3e957c6240 remove some redundant import-aliases
4db84b197d switch to github.com/opencontainers/cgroups
697956a8c7 vendor: github.com/opencontainers/selinux v1.12.0
34bc972519 vendor: github.com/golang-jwt/jwt/v5 v5.2.2
d01ee23c15 Dockerfile: update registry to v3.0.0-rc.4
081987b647 Dockerfile: disable saving Golang telemetry in dev-container
af14f3e7d3 Dockerfile: upgrade Delve to v1.24.1
d0b4bdbd25 api/router: postContainersAttach, wsContainersAttach: minor cleanups
73aa7e933c daemon: daemon.containerAttach: use structured logs
d494520aa0 daemon: daemon.ContainerAttach: use Println instead of Printf
183ca46099 daemon: daemon.ContainerLogs: move vars closer to where used
c164eec7e9 daemon: daemon.ContainerAttach: move vars closer to where used
f7853799fc daemon: daemon.containerAttach: remove redundant defers
80bf93c9d7 daemon: daemon.containerAttach: rename vars for clarity and prevent shadow
daeb6fb0b7 vendor: github.com/cilium/ebpf v0.17.3
eeee17eaad Dockerfile: update runc binary to v1.2.6
c1c5f16b8b vendor: github.com/opencontainers/runc v1.2.6
be6e92a57b pkg/atomicwriter: use sequential file access on Windows
452ff75159 Dockerfile.simple: avoid `Could not find installer for "proxy"`
fa21996da5 containerd: prioritize non-dangling images with image list
126d4cf672 client: remove version-gate for JSON response errors
230f178f8b api: return plain-text errors for deprecated API versions
c7fbe1c2ba integration-cli: fix duplicate close of body
1c00755826 integration-cli: fix some unhandled errors
8be5696c37 daemon/logger/journald: rename func that shadowed builtin
f2a183a991 daemon: return port-mappings from all endpoints
6b3b479192 daemon: getEndpointPortMapInfo: err is never used
35766af7d2 Dockerfile: update containerd binary to v1.7.27
c9a763ecc9 daemon: remove redundant call to getEndpointPortMapInfo
fb3cce1988 vendor: github.com/containerd/containerd/v2 v2.0.4
4276f330fc cmd/docker-proxy: do not eagerly GC one-sided UDP conns
0356854327 cmd/docker-proxy: make the conntrack timeout a property of UDPProxy
d70fd32a18 cmd/docker-proxy: UDP: thread-safe Write and Close
485cb90b77 Remove duplicate iptables-enabled checks
fce915897c Combine firewalld reload callbacks for IPv4/IPv6
ac34bd9bda integration/container: Remove Parallel from TestWait*
dd7f9f08d8 integration/container: Increase stop timeout for TestWaitRestartedContainer
a8f14e06d6 Improve performance of daemon.Containers().
c0ca783edb Allow macvlan endpoint to start with parent down
26fea35942 daemon: Fix panic on Windows when restoring pre v28 container
90a83063ee runconfig/errors: split `ErrConflictHostNetwork`
a3fef5debc Mask Linux thermal interrupt info in /proc and /sys.
cf3e42abaf Add an opt-out for iptables 'raw' rules
0f11ee1ae2 registry: ReadCertsDirectory: don't process same file multiple times
dd7ab0e82b registry: deprecate HostCertsDir
3cc9881ab7 registry: always set a non-empty CertDir
b633c4cc33 registry: deprecate SetCertsDir
d0dd035278 builder-next: fix min-free-space prune with graphdriver backend
1daeaec333 pkg/atomicwriter: validate destination path
4d8cff7bd4 Don't skip DNAT for a routed network without userland-proxy
084b7cec1a pkg/atomicwriter: add additional test-cases
ff061e28c1 pkg/atomicwriter: don't overwrite destination on close without write
88a5bca43c pkg/atomicwriter: add separate tests for New()
09e804f570 pkg/atomicwriter: refactor tests
2124706447 integration: Increase timeouts in TestStopContainerWithTimeout
946bf70f89 integration: Deduplicate TestStopContainerWithTimeout
fee063f01e daemon/c8d: Refactor singlePlatformSize into separate functions
f7d7fd9c52 contrib/check-config: add IPv6 modules
2a109e6c32 contrib/check-config: add ip_nf_raw
0e54920e01 Dockerfile: update RootlessKit to v2.3.4
7ae9e41ff6 vendor: github.com/rootless-containers/rootlesskit/v2 v2.3.4
55ff0062ca vendor: github.com/containernetworking/plugins v1.6.2
125aa3a682 vendor: golang.org/x/sys v0.31.0
5d6b56699d client: add API-version dependent validation for mount options
aa33bdaa71 registry: move emptyServiceConfig to test-file
0823d76ec5 client: keep image refs in canonical format where possible
907773160b registry: rewrite ParseSearchIndexInfo to not depend on IndexInfo
b22431ee9c pkg/atomicwriter: New(): use absolute path for temp-file
58bd93a625 pkg/atomicwriter: New(): prevent creating temp-file on errors
49c89b0177 docs/api: improve doc for Secret and Config data fields (API v1.31-v1.48)
df0cefcc95 api/swagger: improve doc for Secret and Config data fields
f2d53142b0 api/types/swarm: document Secret and Config data fields
c2c3d593cf registry: rewrite ParseRepositoryInfo to not depend on IndexInfo
42f1e38e20 integration/image: TestRemoveImageGarbageCollector: don't set zero-values
42ca9154e9 layer: remove StoreOptions.ExperimentalEnabled
df519e9e1a daemon: Fix giving up too early while connecting to containerd socket
ace8c9c94f vendor: golang.org/x/net v0.36.0
bc0ca67b1c vendor: golang.org/x/net v0.35.0
9278110260 Dockerfile: update containerd binary to v1.7.26
0a58c73e0d integration/net: Retry TestAccessPublishedPortFromAnotherNetwork
d34e1ff826 layer: remove StoreOptions.MetadataStorePathTemplate
556633ca47 cmd/dockerd: daemonCLI.start: scope local errors
8b59e1a398 cmd/dockerd: daemonCLI.start: return error instead of log.Fatal
8a8cdaaa11 cmd/dockerd: daemonCLI.start: don't log warnings before failing
6e30a4cc0c cmd/dockerd: explicitly access Config fields
dfecaaf908 cmd/dockerd: rewrite getContainerdDaemonOpts to a func
b95fdcd084 cmd/dockerd: createAndStartCluster: change to accept Config
29aa7e15bd cmd/dockerd: rewrite getSwarmRunRoot to a regular func
29c296e1dd cmd/dockerd: rename vars that shadowed imports
f87ae7c914 gha: test-prepare: update to Ubuntu 24.04
c41ed7c98c gha: build, cross: update to Ubuntu 24.04
d29038d1cb gha: integration-cli-prepare: update to Ubuntu 24.04
a23058e0d7 gha: integration-cli-report: update to Ubuntu 24.04
de69b552ff gha: integration-report: update to Ubuntu 24.04
b61f409972 gha: test: update Ubuntu 22.04 -> 24.04
60276fafca gha: integration-prepare: update to ubuntu 24.04
651fb91c4d gha: arm64: update Ubuntu 22.04 -> 24.04
f6a9ed5f0a gha: arm64: test-integration-report: update to Ubuntu 24.04
13e1ef6277 gha: arm64: test-unit-report: update to ubuntu 24.04
27404044a6 gha: validate, build-dev: update to Ubuntu 24.04
3571982458 gha: smoke: update to Ubuntu 24.04
ee73f2e5da gha: docker-py: update to ubuntu 24.04
b9ca3d198e gha: unit: update to ubuntu 24.04
1a0afb0f9e gha: bin-image: update to ubuntu 24.04
4919bf9f41 gha: buildkit: update to ubuntu 24.04
7b1fd61864 gha: validate-pr: update to ubuntu 24.04
eeffc099ef gha: dco: update to ubuntu 24.04
06b87d80ee gha: docker-py: set TEST_SKIP_INTEGRATION_CLI=1
c9f53d506a Merge ps_test.go into list_test.go.
95bf53fb6c container/stream: Don't log error when streams are properly closed
6e55f83747 Remove unused toml validation
bf8a27a55a Remove inactive maintainers with no activity in last two years
9e814fc0d7 Remove inactive former curators
b868fad5e3 Update governance to replace TSC and add maintainer roles
690f758505 vendor: golang.org/x/oauth2 v0.27.0
55599fd9b3 vendor: golang.org/x/oauth2 v0.26.0
a47d9c5f58 vendor: golang.org/x/crypto v0.35.0
3a28163007 vendor: golang.org/x/crypto v0.34.0
ffc91fd76a vendor: golang.org/x/crypto v0.33.0
7cba8aef1c vendor: golang.org/x/text v0.22.0
995d71a033 vendor: golang.org/x/sync v0.11.0
e325564f38 vendor: golang.org/x/sys v0.30.0
65b460b9ef vendor: update buildkit to v0.20.1
6e8eb8a90f vendor.mod: update minimum go version to go1.23
26edf2d0a7 Flush iptables chains DOCKER-CT, DOCKER-BRIDGE on startup
5f912e4cf5 update to go1.23.7
a8178613af golangci-lint: enable nakedret linter
c359cc6829 api/types/registry: fix naked returns
b1c008c007 api/server/router/build: fix naked returns
4aecdd5744 image/tarexport: fix naked returns and slight refactor
99b6012a02 daemon/logger/awslogs: remove unused named return
4fa9ec3192 daemon/logger: fix naked returns and slight refactor
eeb5651de5 daemon/graohdriver/fuse-overlayfs/: fix naked returns and slight refactor
02b4610246 daemon/graohdriver: fix naked returns
964413c3a1 daemon/cluster: fix naked returns
387ec71630 daemon: fix naked returns
85c8fb7fda daemon: getSystemCPUUsage(): fix naked returns, output vars
5c85847a55 registry: fix naked returns, output vars
17448ef1c8 plugin: fix naked returns, output vars
faa9cb125b pkg/tarsum: fix naked returns
b5b514ab04 pkg/stdcopy: fix naked returns
d3d84bde4b pkg/pools: fix naked returns
52b8298975 pkg/chrootarchive: remove unused named return
b38f0dd804 pkg/archive: fix naked returns, output variables in tests
d59a9d9b10 pkg/archive: fix naked returns, output variables
c62f5aff42 libnetwork: fix naked returns
8978b30b1a libnetwork/types: fix naked returns
619e8f8148 libnetwork/osl: fix naked returns
02b4c7cc52 libnetwork/drivers/overlay: fix naked returns, output variables
94afddb18d libnetwork/cmd/networkdb-test: fix naked return
379b82862f layer: fix naked returns
b1c617681f internal/unix_noeintr: fix naked returns
51f574ea0e internal/mod: fix naked returns
e1538336c7 integration-cli: fix naked returns, output vars
220b3c591f container/stream/bytespipe: fix naked returns, output vars
0cd39d7b23 builder/remotecontext: fix naked returns
0c1b37c50a builder/dockerfile: fix minor linting issues
8302cd2d29 builder/dockerfile: downloadSource: fix naked returns, output vars
00bd916203 libnetwork/resolvconf: Build: re-implement using new implementation
2f19577877 libnetwork/resolvconf: Build: align order with new implementation
03aeedcca9 libnetwork/resolvconf: update tests to use more correct values
c34f8bbba3 integration/volume: setupTestVolume: minor cleanups and fixes
28bf578a40 integration/volume: TestRunMountImage: use test-util for container cleanup
e41eaf2c8d integration/volume: TestRunMountVolumeSubdir: remove some logs
f1bec97dfe registry: use literal for empty slice
7b4e21e5d0 registry: fix typo in godoc
be9c4dd3c5 registry: TestNewIndexInfo: add more test-cases
949afd933b registry: TestNewIndexInfo: assert all fields
310d6d2fa5 registry: TestNewIndexInfo: use sub-tests
50d17676e4 registry: TestParseRepositoryInfo: add test-cases for IPv6 refs
328b808765 registry: TestParseRepositoryInfo: assert all index-info fields
d9634c3b28 registry: TestParseRepositoryInfo: use sub-tests
e2a5220ec3 registry: remove makeServiceConfig test-utility
52419cf933 golangci-lint: enforce "is" alias for gotest.tools/v3/assert/cmp
1c63f3983b volume/service: adjust "gotest.tools/v3/assert/cmp" import alias
9766a446ae integration/network: adjust "gotest.tools/v3/assert/cmp" import alias
c16fcdfc4b integration/image: adjust "gotest.tools/v3/assert/cmp" import alias
6abe6a910a integration/container: adjust "gotest.tools/v3/assert/cmp" import alias
22069f2431 integration-cli: adjust "gotest.tools/v3/assert/cmp" import alias
605f02a59b distribution: adjust "gotest.tools/v3/assert/cmp" import alias
75b86c47d9 daemon/logger/loggerutils: adjust "gotest.tools/v3/assert/cmp" import alias
59e6d1d214 registry: TestLoadInsecureRegistries: don't mutate emptyServiceConfig
849f344ecc registry: split normalizing index name from validating
fee40a9333 registry: create emptyServiceConfig without parsing
a3583b4b58 registry: newRepositoryInfo only check for official images for Docker Hub
08654b0b30 registry: deprecate RepositoryInfo.Official field
dbc9d56820 vendor: github.com/containerd/containerd v2.0.3
15895d8ead daemon/graphdriver: rename vars that shadowed
aa9817b0c5 testutil: remove isErrNotFoundSwarmClassic
0ab7d41f9e testutil/environment: Execution.Clean: remove redundant condition
b301c34b92 libcontainerd/local: remove arg-names for stubs
12f89cc19b libcontainerd/local: NewClient: remove unused cli, stateDir, ns args
620f26e1e3 libcontainerd/local: client.createWindows: remove unused runtimeOptions
9c4e10126e libcontainerd/local: client.NewContainer: use early return
7c1a2301f0 libcontainerd/local: client.extractResourcesFromSpec: use early return
fc462d699a Dockerfile: update compose to v2.33.1
855563fc43 Dockerfile: update docker CLI to v28.0.1
ab7305c85a Check swarm's jump to DOCKER-INGRESS
be14d9148c Make integration/service/network_test.go Linux-only
cfc562c358 daemon/cluster: create "state" and "runtime-dir" closer to where used
ef4f4d845d daemon/cluster: rename Cluster.root to Cluster.stateDir
4d3d4bbeeb daemon/cluster: remove Config.WatchStream and move to constructor
cdbb62394c builder/dockerfile: remove intermediate var that shadowed
558da63444 Jump to DOCKER-INGRESS from DOCKER-FORWARD
fdd534d2ca libcontainerd: windows: return errdefs type for pausing
60782e6d39 container: fix some errors on Windows
c37690b98e libnet/portallocator: un-export errors that were not used as sentinel errors
cfc049c938 Use iptables-nft in the dev container / CI
47ca352b0d vendor: github.com/opencontainers/runc v1.2.5, cyphar/filepath-securejoin v0.4.1
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
c2aab39117 |
crun: update to 1.21
Bumping crun to version 1.21-216-ge922e422, which comprises the following commits:
aa082854 tests: install catatonit package
405d2a2c libcrun: setup /dev/console as a symlink to pty instead of bind mount
1203dadc Fix regression on Windows WSL
4db005a5 Fix incorrectly set cpu.max when quota is -1.
f231b79a krun: check `kconf->handle{_sev}` exists before unloading
910eb16b utils: normalize S_ISDIR() result to 0 or 1
91732ac0 libcrun: add crun_error_get_errno
7d618b7a status: simplify libcrun_status_check_directories
b34f613e status: add cleanup_free
7407bbc9 Revert "chroot_realpath: do not return non-existing paths"
1412f0a8 test: bump containerd version
82b75fa4 cfg.mk: prohibit usage of sprintf
af163aa5 container: use snprintf instead of sprintf
07eef8ac container: use xasprintf instead of sprintf
c3c19280 error: replace sprintf with snprintf
4666e880 cgroup: replace sprintf with snprintf
c212049d seccomp: replace sprintf with snprintf
9bb4e901 linux, utils: use snprintf instead of sprintf
4353d55a status: use snprintf instead of sprintf
271f7f50 intelrdt: use snprintf instead of sprintf
fd118c15 cgroup-setup: drop unused variable
4dbe7549 configure.ac: fix variable name
a95034a4 linux: ensure fstype is not NULL
d462c1cf tests: improve error messages in start tests
f2ae65db tests: improve error messages in seccomp tests
6b3485f3 tests: improve error messages in rlimits tests
dffbeadd tests: improve error messages in resources tests
8f518ee2 tests: improve error messages in oci_features tests
2bfc81bd tests: improve error messages in limits tests
9b164379 tests: improve error messages in hostname tests
39b374d5 tests: improve error messages in exec tests
dbd25dcc tests: improve error messages in domainname tests
57769eee tests: improve error messages in devices tests
77fc894f tests: improve error messages in exec tests
be391abb tests: improve error messages in mounts tests
d212647d tests: improve error messages in capabilities tests
c3bac03c tests: improve error reporting
f62dcc21 tests: fix mount of tmpfs
d318fa1a tests: recreate tests root for each test
21e860c7 fix rootless option parsing
7b825680 container: create missing errors
64fbacab python: reset pointer after asprintf failure
cfcb839a run, create: deduplicate code
957a6518 linux: add `src-nofollow` & `dest-nofollow` options
044c89d2 run, create: align implementations
0479ae73 libcrun: prefer waitpid_ignore_stopped NULL argument
88f45286 criu: reject unsupported 'src-nofollow' option
602d0e14 linux: add argument nofollow to is_bind_mount
ae0ecdd7 mountflags: add `dest-nofollow` and `src-nofollow` options
af39d913 linux: refactor mount fd handling in do_mounts
c77a1807 linux: add `nofollow` option to `get_bind_mount`
c8d042b3 linux: remove duplicate close of rootfsfd
91d202a2 linux: drop unuseful variable
c1671bd0 github: show the diff for the check job
6c24739d src: improve dlopen error message
33602a51 Packit/TMT: disable centos-stream-10-x86_64 tests
b1133e95 TMT: include podman checkpoint system tests
fddb3042 Revert "criu: rename a variable"
97fd76bf Fixup "criu: support mounts where dest is a symlink"
379524f0 krun: Determine flavor from VM config tree
7d1d15d7 krun: Configure VM with pre-parsed config tree
13fcca9e krun: Add function to parse krun VM config
fbd8ea8f tests: add new tests to test_pid
3241e2c7 tests: add new test_uid_gid.py tests
4f173407 tests: add new test_devices.py tests
0b8455ea tests: add ischar, isblock, isfifo commands to init
9056ec3b tests: add openwronly command to init
42e5bc61 tests: report the correct exit status for ls
07374bb6 crun: expose net devices feature
006c7aa1 libcrun: advertise net devices support
ba0ec5a7 linux: add support for network devices
fe8f3277 tests: add ip command to init
64a2e0e1 linux: Update rootfsfd when rootfs is replaced
7de03e62 linux: safe_openat reopens root
2e210bdc linux: use rootfsfd directly from container data
e9d159f7 linux: store rootfsfd under private data only
953a8c49 utils: crun_safe_ensure_at opens empty paths
372446d7 tests: fix unused variable
9ddddfb0 test: fix mount to test
040cb2e7 linux: include errno check in UNLIKELY macro
b337c9d3 libocispec: update from upstream
37dacae3 linux: do_mount: simplify
0f74f03f linux: use ALL_PROPAGATIONS_NO_REC
7f686825 intelrdt: add support for generic schemata update
ca40dac7 ci: show git status
2ad0b600 libocispec: sync from upstream
558419b2 utils: do not use stack for lens array
174963dc criu: avoid malloc in prepare_restore_mounts
e0b01580 criu: support mounts where dest is a symlink
55498c1f criu: rename a variable
880b7ee3 criu: allow mount type to be NULL
a9c1f024 criu: reuse is_bind_mount
b4b29088 Fix python call to `libcrun_get_verbosity`
c1e72c10 tests/test_checkpoint_restore.py: fixup
e5d2489d criu restore: create --work-path
157a673d criu checkpoint: error message fixup
91aa3683 criu: validate --parent-path
0dceab0c tests: add --work-path to criu test
90ef9732 criu: create --work-path directory
1fa86492 nix: update nixpkgs
b9796420 linux: improve cgroup2 mount error message
b679e7f7 linux: move unified_cgroup_path to private_data
ffbfb6f3 Fix getcwd error handling
8c0075b5 linux: use syscall getcwd return value to set error
99c7b959 crun: Fix the binary name in the Usage info
19b4c254 Revert "Packit: Disable osh_diff_scan"
dd8e1af5 Packit: Disable osh_diff_scan
5ec1f2ab Revert "Disable criu support on riscv64"
bdd62e17 krun.1: regenerate
739a2bff build-aux/release.sh: fix shellcheck warnings
5c14c0dc make shellcheck: add more files
f1cf3b35 tests/run_all_tests.sh: fix shellcheck issues
d084c9b5 ci: bump shellcheck to v0.10.0
10e312d5 ci: improve shellcheck job
1e518be6 crun.1: fix "CPU controller" table rendering
e7f8dc33 github: use ubuntu-latest for shellcheck
10db1f7a utils: Mark base64 table as non-string data
245d2edf ci: Add awk dependency to test containers
51958b39 ci: Add awk dependency
9adca806 Packit/TMT: run shellcheck tests on fedora envs
6e1ef464 ShellCheck: resolve warnings in TMT test script
7b910ea2 TMT: Simplify plans
9b395e9a build(deps): bump uraimo/run-on-arch-action from 3.0.0 to 3.0.1
9f2604ac linux: remove unused preprocessor directives
21e0179b linux: fix definition of CLONE_NEWCGROUP
684b2540 linux: fix definition of CLONE_NEWTIME
3e9b1c4a linux: fix definition of CLONE_NEWTIME on Centos 9
fc3ae8e2 krun: stop using set_workdir
dfb649b3 linux: fix error leak from sync fd
8cb44cd6 container: don't leak error
0d760a96 linux: fix error leak
3649947b linux: make error messages more uniform
75e74bf7 container: make error messages more uniform
9774d59a utils: make error messages more uniform
b656f67f cgroup: fix quoting for file names in error messages
6d4f5387 tests: configure additional IDs for the containers user
3b2e2a13 tests, podman: fix ginkgo installation
c359fbd8 krun: return dlerror string when library is not found
285574fe tests: add tests for "crun mounts"
b5a566bf crun: expose mounts command
196ad5e4 container: add/rm mounts API for a running container
4a27212a linux: move prepare_mount to its only caller
c1c5232d linux: split code to new function
c7337717 linux: refactor code in a new function
9acf13d6 tests: fix function signature
05277835 status: report better error on ENOENT
c6197431 libcrun, krun: use existing error
e229c129 seccomp plugins and seccomp receivers cannot be declared at the same time
18af4515 src: remove unused variables
10269840 NEWS: tag 1.21
84828c65 krun: bump vcpu limit to 16
079f95d0 krun: implement support for external kernels
a7a178a1 krun: consolidate configuration file definitions
059445af utils: getsubidrange returns negative value on errors
ff054fe7 maybe_chown_std_streams: ignore EBADF
3adcc2c7 utils: set_home_env returns negative value on errors
f4973d7a tests: move cwd tests to the correct file
53f1c0bc if the container main process and console socket do not need a terminal, the terminal fd is not created
2f7c9b88 console socket client is initialized only when the user declares terminal.
132c793a krun: fix error message
8675bafa krun: create context after loading the library
a5cb511d cpuset: fix handling of absent subcgroup
d2b824ca krun: stop using krun_set_exec
b09aa67d krun: make krun config file world readable
459595b6 container: ignore SIGWINCH without tty
c954b1b6 criu: use a process to initialize the cgroup
959cc6c4 cgroup: extend function
e3866cc5 cgroup: fix ownership of dfd in read_pids_cgroup
Bumping libocispec to latest, which comprises the following commits:
9d1955f sources.py: fix unconditional return in map value clone
9937df4 ocispec: rename judge_complex to is_compound_type
61b922d ocispec: add support for string->object maps
abae290 ocispec: remove explicit inheritance from object
d67f492 helpers: rename CombinateName to HierarchicalName
55a0a9c helpers: rename Unite class to SchemaNode
809b047 runtime-spec: update to latest upstream revision
d455ad0 image-spec: update to latest upstream revision
30a27d7 github: update action
ed23e6a runtime-spec: sync from upstream
412ce10 image-spec: sync from upstream
Bumping runtime-spec to version v1.2.1-11-g82cca47, which comprises the following commits:
afd830f principles: fix typo
d2f4f90 config-linux: add schemata field to IntelRdt (#1230)
27cb002 docs: fix typo (#1285)
0ed7cf6 docs: add missing backticks for code formatting
e935f99 Define Linux Network Devices (#1271)
df100de add systemd-nspawn to implementations.md
95a651f Add back +dev
524fc0e Release v1.2.1
221c198 Fix description of errnoRet in Seccomp
9de64c0 config-linux: update for libseccomp v2.6.0
1df9fa9 zos updates - add zos namespaces, remove zos devices This PR proposes updates to the OCI runtime spec with z/OS platform-specific details, including adding namespaces, adding noNewPrivileges flag, and removing devices. These changes are currently in use by the IBM z/OS Container Platform (zOSCP) product - details can be found here: https://www.ibm.com/products/zos-container-platform.
131ae4c Correct `prestart` hook description in summary (#1275)
b9e8fdb Add support for windows CPU affinity
b37b687 ci: Add a github actions workflow for lint
8cfc407 specs-go: sync SCMP_ARCH_* constants with libseccomp main (#1229)
9ceba9f update http links to https
Bumping image-spec to version v1.1.1-6-g64294bd, which comprises the following commits:
aca17c0 Clarify that canonical JSON is not a requirement
1809845 Bump back to +dev
147f9c1 Release v1.1.1
4fecf47 Add blake3 as a registered/supported hash algorithm
81e457e Fix grammar nit
60acaac Document extensibility of the image layout
4dcf962 Document Go version policy
6a277dd Add `cache-dependency-path` to avoid setup-go warning
00584ff Reduce maintenance burden by letting setup-go track our Go versions
85abb94 Manifests may contain multiple digest algorithms
aa533a0 Delete project documentation
03306ac Hard link limitations in union filesystems
cee95e9 Ignore uname/gname where uid/gid are supported
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
1d02f97bdd |
cri-tools: update to v1.33.0
Bumping cri-tools to version v1.26.0-1253-g0cf370b1, which comprises the following commits:
9dee32cb Bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0 in the kubernetes group
db5e1a5d Bump github.com/docker/docker in the gomod group
3965e51f Bump the gomod group across 1 directory with 15 updates
51931829 Bump creyD/prettier_action from 4.5 to 4.6
d2ab00b5 Revert "Disable containerd hostport test"
bb23a30f Fix regression in reading crictl config file
805ec939 Bump crate-ci/typos from 1.32.0 to 1.33.1
49f9848f Add --all flag to crictl stop command.
5a2b848d rename the google group for sig node
e1aa696f Bump the kubernetes group with 7 updates
cebc14c7 Fix containerd CI tests
10446494 Bump google.golang.org/grpc from 1.72.0 to 1.72.1 in the gomod group
19933a15 Bump actions/setup-go from 5.4.0 to 5.5.0
70cc7ecf Bump creyD/prettier_action from 4.3 to 4.5
3391150d Fix CRI-O CI
0c5878f3 Bump the gomod group with 3 updates
9835fac0 Bump crate-ci/typos from 1.31.2 to 1.32.0
2df538ee reuse urfave/cli.Context instead of creating a new instance
c78b0da4 add local imports to goimports formatting settings
4e4c0105 Bump crate-ci/typos from 1.31.1 to 1.31.2
dc35d07f Update release notes tool to v0.18.0
0368aedc Switch to k8s final
fe2470b9 Bump the kubernetes group with 7 updates
bd70f72b fix the issue of regexp matching
550b0325 pass down the context object wrapped within the urfave/cli.Context struct
ef51018b Update cri-tools to v1.33.0 in README.md
4cc79024 chore: add and migrate to sigs.k8s.io/yaml
b00094da Add metricdescs cmd for ListMetricDescriptors API
e2938014 Update go.mod
e85c4754 Bump the gomod group across 1 directory with 9 updates
197c6bfd Disable containerd hostport test
a17bf9a2 Bump the gomod group across 1 directory with 5 updates
e1282733 Bump google.golang.org/grpc from 1.71.0 to 1.71.1 in the gomod group
7beefa0d Bump crate-ci/typos from 1.31.0 to 1.31.1
7841bc21 Bump crate-ci/typos from 1.30.3 to 1.31.0
fa0199ca bump cri-api to include API change
efa5adc9 Bump github.com/docker/docker in the gomod group
136f62ab Switch to golangci-lint v2
a007f2c3 Bump the gomod group across 1 directory with 4 updates
aadf9bd7 Bump crate-ci/typos from 1.30.2 to 1.30.3
de5928b7 Bump github.com/onsi/ginkgo/v2 from 2.23.1 to 2.23.2 in the gomod group
72541a1d Bump the gomod group with 2 updates
76706f3a Bump actions/upload-artifact from 4.6.1 to 4.6.2
5994f626 Bump actions/cache from 4.2.2 to 4.2.3
3f997020 Bump actions/setup-go from 5.3.0 to 5.4.0
409843c6 Use go version requirements from go.mod
1f362107 Update cri-api to latest commit
360839ff Bump the kubernetes group with 7 updates
b221115c Bump crate-ci/typos from 1.30.1 to 1.30.2
4d527fc0 Fix e2e tests
f1d0e5d1 Bump the gomod group with 9 updates
9fe2377f Update go.mod
0da7f3bb Bump the kubernetes group with 7 updates
ebe1e024 Bump google.golang.org/grpc from 1.70.0 to 1.71.0 in the gomod group
31c1208c Bump crate-ci/typos from 1.30.0 to 1.30.1
44ad24ec Bump crate-ci/typos from 1.29.10 to 1.30.0
16a8b093 Bump actions/cache from 4.2.1 to 4.2.2
e79aebf0 Bump github.com/docker/docker in the gomod group
bfe4489b Bump crate-ci/typos from 1.29.9 to 1.29.10
4cc11c6b Switch to go 1.24
1a12fc5a Add `crictl update --oom-score-adj` flag
6716e360 Bump ncipollo/release-action from 1.15.0 to 1.16.0
35d68a3d Bump actions/upload-artifact from 4.6.0 to 4.6.1
67b9d1e7 Bump crate-ci/typos from 1.29.8 to 1.29.9
0e881df7 Bump crate-ci/typos from 1.29.7 to 1.29.8
c473651c Bump actions/cache from 4.2.0 to 4.2.1
85a079de Bump github.com/docker/docker in the gomod group
16f7de61 Bump the kubernetes group with 7 updates
9927d368 KEP-3619: Display "RuntimeFeatures" object(in ".features" field) in "crictl info" command
6bbb88b4 Fix typo
1e872922 Bump crate-ci/typos from 1.29.5 to 1.29.7
8cd277b4 Use go-md2man v2
a276468f Rework the Makefile help
3266feb4 Bump google.golang.org/protobuf from 1.36.4 to 1.36.5 in the gomod group
c833e615 Bump the kubernetes group with 7 updates
7114b6db Bump the gomod group with 3 updates
41fe74d7 Deflake e2e test `should not show help running rmi -a`
1e122b8c Bump crate-ci/typos from 1.29.4 to 1.29.5
9bdf43d5 fix the release status of critest
f23688f3 Enable `wsl` and `nlreturn` linters
da609495 Bump google.golang.org/protobuf from 1.36.3 to 1.36.4 in the gomod group
fc363a7c Bump google.golang.org/grpc from 1.69.4 to 1.70.0 in the gomod group
91ee76d4 Update golangci-lint and config
bb895a38 Fix `should not show help running rmi -a` e2e test
8154c69e Bump github.com/docker/docker in the gomod group
e2263179 Bump actions/setup-go from 5.2.0 to 5.3.0
a6bea790 Fix `--image` filter for crictl `inspect` and `exec`
eb27ba79 Bump the gomod group with 4 updates
089acbb5 Bump the gomod group across 1 directory with 3 updates
49b08d0f Bump ncipollo/release-action from 1.14.0 to 1.15.0
eb137156 Bump actions/upload-artifact from 4.5.0 to 4.6.0
80a8cdc7 Fix UpdateContainerResources call for windows
3a537124 Bump google.golang.org/protobuf from 1.36.1 to 1.36.2 in the gomod group
83ea9944 Bump the gomod group with 3 updates
7dd8ad17 Bump crate-ci/typos from 1.28.4 to 1.29.4
dec4650f chore: fix typos lint error
e5f6211d Bump the gomod group across 1 directory with 2 updates
7d818981 feat: retrieve specific log stream of a container
b3b41941 Bump the gomod group across 1 directory with 3 updates
a4b0f900 Bump actions/upload-artifact from 4.4.3 to 4.5.0
b31e4c27 Bump the gomod group with 2 updates
c8dfcaa3 Enable and fix `thelper` linter
962675d3 Bump google.golang.org/protobuf from 1.35.2 to 1.36.0 in the gomod group
f194b879 Bump crate-ci/typos from 1.28.3 to 1.28.4
088df13e Bump crate-ci/typos from 1.28.2 to 1.28.3
ef9ff838 Bump the gomod group with 5 updates
3eadb52d Bump actions/setup-go from 5.1.0 to 5.2.0
9e4736e1 Bump the kubernetes group with 7 updates
e497cde0 Bump github.com/onsi/gomega from 1.36.0 to 1.36.1 in the gomod group
0e391f24 Bump github.com/docker/docker in the gomod group
706635ae Update golangci-lint to v1.62.2
aadfea46 Update latest version to v1.32.0
525da746 Switch back to rc2
aa74f030 Bump actions/cache from 4.1.2 to 4.2.0
4b276570 Bump the kubernetes group with 7 updates
ce4f734d Bump the gomod group with 4 updates
e57f45d4 Switch CI to use macos-13 runner
88c14290 Switch back to rc2
e23679fc Bump the kubernetes group with 7 updates
619024b1 dependabot: group kubernetes updates
76539c20 Bump crate-ci/typos from 1.28.1 to 1.28.2
06c94e8a Update vendored Kubernetes to v1.32.0-rc.0
bd33d80c Bump crate-ci/typos from 1.28.0 to 1.28.1
9f0998f0 Exclude go.sum
3ae2eeff Bump crate-ci/typos from 1.27.3 to 1.28.0
8da10ef4 Bump github.com/onsi/gomega from 1.35.1 to 1.36.0
d779396d Bump k8s.io/cri-client from 0.31.2 to 0.31.3
d78e359f Bump k8s.io/kubectl from 0.31.2 to 0.31.3
ef453138 Bump k8s.io/kubelet from 0.31.2 to 0.31.3
0df49937 Bump github.com/onsi/ginkgo/v2 from 2.21.0 to 2.22.0
dfad0119 bug fix: Fix panic if c.Image is nil
1ca3d682 Run prettier on supported files
67d7a653 Add `--profile-{cpu,mem}` flags
5449a734 Bump google.golang.org/protobuf from 1.35.1 to 1.35.2
48e7ac9b Use `slices.Compact` instead of own logic
0a326575 Make `--tls-ca` optional
265de9a0 Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
a305a817 Bump go.opentelemetry.io/otel/sdk from 1.31.0 to 1.32.0
5955076e Bump crate-ci/typos from 1.27.2 to 1.27.3
d8cde244 Bump go.opentelemetry.io/otel from 1.31.0 to 1.32.0
7528c026 add swap column to crictl stats
7037a106 Bump golang.org/x/term from 0.25.0 to 0.26.0
a5b538ad Bump google.golang.org/grpc from 1.67.1 to 1.68.0
d43ab38b Bump golang.org/x/text from 0.19.0 to 0.20.0
22def9aa Bump golang.org/x/sys from 0.26.0 to 0.27.0
dbc42be4 Bump crate-ci/typos from 1.27.0 to 1.27.2
2cf15800 Add TLS support for `crictl` `exec`, `portforward` and `attach`
faf67899 Check and fix typos in CI
240a123f Bump github.com/onsi/gomega from 1.35.0 to 1.35.1
b91c463a No need for overly strict criteria for judgment
1ee80a10 Bump github.com/onsi/ginkgo/v2 from 2.20.2 to 2.21.0
f6394f2a Bump github.com/onsi/gomega from 1.34.2 to 1.35.0
baca737e Clarify that `crictl config` without args refers to `set`
b6b10ebf Fix `crictl config --set` if the YAML defines entries multiple times
38381e1b Use const defines for config options
cce4fcc1 Add `crictl config` e2e tests
74e72db0 Bump actions/setup-go from 5.0.2 to 5.1.0
12f155d0 Add warning log message about which config files to try
6646f80b Bump k8s.io/cri-client from 0.31.1 to 0.31.2
9aca89aa Bump k8s.io/kubectl from 0.31.1 to 0.31.2
82030f72 Bump actions/checkout from 4.2.1 to 4.2.2
a3642af9 Bump k8s.io/kubelet from 0.31.1 to 0.31.2
cbe9d34c Add more file based test cases
d941fdf8 Bump actions/cache from 4.1.1 to 4.1.2
60d6117a Add config file unit tests
ddd1b0a8 fix: fix validation error for go templates that use a crictl defined builtin function
db472c80 Use golang context instead of `golang.org/x/net/context`
34d1b37d Fix panic if container metadata is `nil`
94a6e23a Fix panic if Metadata is nil
c0e41746 Allow parallel image removal
ce419956 Use errorUtils for exec goroutine aggregation
d552fb5f Allow prallel container removal
bc6941bc Bump github.com/opencontainers/selinux from 1.11.0 to 1.11.1
7e505de1 Log the used connection timeout on debug output
a74ab697 crictl ps: output container namespace
e60d59b2 crictl ps, inspect: allow pod namespace filtering
c787cf4f Bump github.com/urfave/cli/v2 from 2.27.4 to 2.27.5
cd649cce Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
68db8fdd Bump go.opentelemetry.io/otel/sdk from 1.30.0 to 1.31.0
a9f1a398 Bump go.opentelemetry.io/otel from 1.30.0 to 1.31.0
e3869aa8 crictl exec: add `--quiet/-q`, `--ignore-error/-e` and `--parallel` flags
e7fbe3f1 Bump actions/upload-artifact from 4.4.2 to 4.4.3
f3f366e9 Pin `k8s.io/{api,apimachinery,client-go}` to v0.31.1
cf8861c7 Bump actions/upload-artifact from 4.4.1 to 4.4.2
f4035bef Bump actions/cache from 4.1.0 to 4.1.1
3d8c9c02 Bump google.golang.org/protobuf from 1.34.2 to 1.35.1
524fbb8b Bump actions/upload-artifact from 4.4.0 to 4.4.1
b3a4d58b Bump actions/checkout from 4.2.0 to 4.2.1
997dc57c Pin Kubernetes to v1.31.1
5b7ee6bc Bump google.golang.org/grpc from 1.66.2 to 1.67.1
c08ed4da Bump actions/cache from 4.0.2 to 4.1.0
d3a8d46b Bump golang.org/x/net from 0.29.0 to 0.30.0
791c4011 Bump k8s.io/client-go from 0.31.0-rc.1 to 0.32.0-alpha.1
44b28fe1 Bump actions/checkout from 4.1.7 to 4.2.0
ff409a52 Bump github.com/docker/docker
8e24af7c crictl exec: allow running single command in multiple containers
05b15a8c Bump github.com/docker/docker
8f49365b Update the release-notes tool to v0.17.8
cd721b7c Update golangci-lint to v1.61.0
2c83b263 Bump google.golang.org/grpc from 1.66.1 to 1.66.2
1b3b8c0f Remove container namespace mode for AppArmor tests
5709f7b0 Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
254c75f1 Bump go.opentelemetry.io/otel/sdk from 1.29.0 to 1.30.0
0bc617e4 Bump github.com/docker/docker
4574fbe0 Bump google.golang.org/grpc from 1.66.0 to 1.66.1
fc105b46 Bump golang.org/x/net from 0.28.0 to 0.29.0
fd9300b1 Bump golang.org/x/term from 0.23.0 to 0.24.0
c799ef77 Bump golang.org/x/text from 0.17.0 to 0.18.0
a1fb7b46 Bump golang.org/x/sys from 0.24.0 to 0.25.0
8d8aa5c7 Bump actions/upload-artifact from 4.3.6 to 4.4.0
6f5d2f4b Bump github.com/onsi/ginkgo/v2 from 2.20.1 to 2.20.2
3c9afec4 Bump google.golang.org/grpc from 1.65.0 to 1.66.0
86c6cc06 Bump github.com/onsi/gomega from 1.34.1 to 1.34.2
0e3460f2 Bump github.com/docker/docker
6ba1c61a Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
11ae7eaa Bump go.opentelemetry.io/otel/sdk from 1.28.0 to 1.29.0
7c48df2c Bump go.opentelemetry.io/otel from 1.28.0 to 1.29.0
d2914019 Bump github.com/onsi/ginkgo/v2 from 2.20.0 to 2.20.1
efd1844d Pin GitHub actions commits
e9b6633c Add `zeitgeist` based dependency check
19fd9b1b Cleanup `build` GitHub actions
ee88eaf7 Switch to go 1.23
7e575da7 Disable crun related test skips
6bab2761 Bump github.com/docker/docker
793c3e08 Fix `crictl` info for containerd
c78bd82b Bump github.com/urfave/cli/v2 from 2.27.3 to 2.27.4
a5ffc229 Bump golang.org/x/sys from 0.23.0 to 0.24.0
17298e18 Dedup pod name const
42f500e1 Fix release job working directory
6bc7dbf3 Update README.md version to v1.31.0
102b63cf Fix crun critest
3c75c94d Bump github.com/onsi/ginkgo/v2 from 2.19.1 to 2.20.0
7c06bc4a Improve `crictl inspect[pi]` commands to allow filtering
eb5acb03 Bump golang.org/x/net from 0.27.0 to 0.28.0
1ffab888 Bump golang.org/x/text from 0.16.0 to 0.17.0
f628d2d3 Update Kubernetes to v1.31.0-rc.1
0ce86f00 Remove CLI default values
d6343996 Remove unneeded `nil` checks
2777dd8b Bump golang.org/x/sys from 0.22.0 to 0.23.0
22d7ff92 Fix OOMKilled test
3b1e9337 Improve CRI-O test log collection
c11f0dbf Add more CRI-O matrix tests
2bb37326 Add idempotence tests
a24838ce Vendor Kubernetes v1.31.0-rc.0
b6c89f9d Enable and fix `goconst` linter
b9e5fb62 Enable and fix `errcheck` linter
e86d6525 Bump github.com/onsi/gomega from 1.34.0 to 1.34.1
30be8b94 Bump github.com/onsi/ginkgo/v2 from 2.19.0 to 2.19.1
43e60e8e Fix `ginkgolinter` linter
88e06f98 Bump github.com/onsi/gomega from 1.33.1 to 1.34.0
e715d05d Enable more linters and update config
e851e50f Bump github.com/urfave/cli/v2 from 2.27.2 to 2.27.3
b55fc387 Print portforward stdio only on error
ea031194 Fix `errchkjson` and `errorlint` linters
63cdd299 Fix `hugeParam` linter
ea2beb91 Fix `bodyclose` linter
55588a6f Fix `unnamedResult` linter
87600110 Fix `contextcheck` linter
38cab019 Fix `paramTypeCombine` linter
e12c790e Bump github.com/docker/docker
ab9029e0 Fix `importshadow` linter
c9e3de68 KEP-3619: use sleep infinity instead of while loop
695b6751 KEP-3619: sort SupplementalGroups field to make the assertion stable
c45cf828 KEP-3619: delete comments
64a7db2c KEP-3619: Fine-grained SupplementalGroups control (SupplementalGroupsPolicy).
29b04c4a KEP-3619: update cri-api dependency
363801a8 Fix `emptyStringTest` linter
d40d56b3 Fix `goprintffuncname` linter
ec3a47e4 Fix `nolintlint` linter
38f96ca1 Fix `whitespace` linter
53b0b533 Fix `gofumpt` linter
cfa33464 Fix `gci` linter
a57a3c13 Bump github.com/docker/docker
615f7180 Enable linters which do not report anything
56750091 Fix `godot` linter
825e8f1d Remove log message for AppArmor profiles
0a90b9b5 Fix lint timeout
011a460f Revert "Enable more linters and update config"
026503be Revert "Enable and fix all gocritic linters"
706bd2ac Enable and fix all gocritic linters
6678c597 Bump k8s.io/kubelet from 0.30.2 to 0.30.3
be479935 Bump k8s.io/kubectl from 0.30.2 to 0.30.3
f2fb00db Enable more linters and update config
b6d5dfbe Check AppArmor availability without vendored runc
bd276bf1 Add OCI Volume Source support
e970686d Make `crictl events` interruptable
0e42158f Fix build
e6fd881e Bump k8s.io/cri-client from 0.31.0-alpha.3 to 0.31.0-beta.0
93675326 Bump k8s.io/client-go from 0.31.0-alpha.3 to 0.31.0-beta.0
61627982 Bump k8s.io/api from 0.31.0-alpha.3 to 0.31.0-beta.0
e5f8b454 Bump k8s.io/apimachinery from 0.31.0-alpha.3 to 0.31.0-beta.0
fa6f5ce0 Remove use of deprecated proto packages
9990a760 Add stats label filter test
d3d80c74 Fix invalid JSON for multiple images/containers/pods
e04357aa Fix parent dir retrieval lint
c81525da userns: Fix running tests inside a userns
316d6d3c userns: Call runtime only once
934f1ccb userns: Skip tests if the host doesn't support idmap mounts
0d18e2d6 Fixes invalid JSON in crictl info
eee3e506 Update golangci-lint to v1.59.1 and fix lints
c5e3fd2f Add crictl `update-runtime-config` command
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
345cefb35e |
cri-o: update to v1.33.0
Bumping cri-o to version v1.33.0-63-g87ce1c120, which comprises the following commits:
b9bc2a2cd Upgrade netlink
8d0965635 Downgrade otelgrpc
bc9516250 build(deps): bump the gomod group across 1 directory with 20 updates
e90924e83 Revert "temporarily enable debug symbols"
6870ad334 test/ctr.bats: fix wrt new CPU units to weight conversion
2491f8124 Mark v1.30 as EOL
ba6a88448 fix prettier
7cf556a6f update nixpkgs
4450e698d Bump go version to 1.24.3
f8084ff63 build(deps): bump github.com/go-chi/chi/v5 from 5.2.1 to 5.2.2
ab7d879dc temporarily enable debug symbols
1e751b490 fix deadlock when the container is in uninterruptible sleep
cb2965f42 [revert] internal/oci: fix terminal resize race condition
0d449e00e internal/oci: fix terminal resize race condition
662474e9b fix verify command
ebabdc929 unit tests fixup
85665a6fe code fixup
5944f40fc HighPerformanceHooks: Remove dead code ShouldCPUQuotaBeDisabled
a22b5dad9 FreeBSD fixup
ebee282d3 HighPerformanceHooks: Unit tests for Fix IRQ SMP affinity race
c50e4e0de HighPerformanceHooks: Fix IRQ SMP affinity race conditions
239f9ee61 install: drop outdated flatcar installation instructions
bfe3b83cf increase timeout of critests
5912f0483 change conmon install
25b3dfb58 UpdateContainerStatus: fix error logging
6062ff148 internal/hostport: fix linter warning
b3f139431 Redo metaHostportManager construction, fix bug
801383af3 Improve iptables error handling when there's no iptables binary
0a0b33208 deps: bump to runc 1.3
3f4b82fa6 Finish switching to opencontainers/cgroups
dc3d6b6ec pass down apparmor errors
608b8a0e9 Retry failed tests
290edee86 sandbox: use created/stopped instead of infra container for readiness
4996d1050 Extend checkpoint/restore test for container logs
f52c04277 Add coverage report from integration tests
6b20443c5 Fix `OS_RPM_NAME="$(rpmspec -q --qf '%{name}\n' "${OS_RPM_SPECFILE}" | head -1)"` exited with status 141. error
eea79c782 Switch to v1.34.0 as development version of `main`
a51c99a2c Decrease actual version
aa52c9329 Add option to allow seccomp profiles for privileged containers
4fc529bf8 Support multi architecture artifacts
d94a8f37c Add signature verification for image volumes
15bbcca97 build(deps): bump github.com/opencontainers/cgroups in the gomod group
d063f8293 Add v1.33 to supported versions
9b0142eb0 Update CNI plugins to v1.7.1
aecad95c3 Improve timeout integration tests
f499c0a96 Make metaHostportManager handle iptables vs nftables
982c191d9 Add an nftables HostPortManager
dda8739ea Move iptables HostPortManager code into its own file.
beb362521 Move hostport conntrack cleanup to metaHostportManager
dec4bda08 Move hostport IP family filtering to metaHostportManager
b7731057a Remove hostport.PodPortMapping
5db94b36b Revert "Squash MetaHostPortManager into HostPortManager"
6fd9131eb New UpdatePodSandboxResources CRI API handler
1a9acebff Fix build
30d575118 build(deps): bump the gomod group across 1 directory with 25 updates
479a8070c Fix GitHub actions CI test setup
766a81efb Fix container_create_freebsd.go
9660da25e remove runDir
b5f51739e remove storageRoot
e042f84b2 Remove mountLabel
52b81926b Remove absentMountSourcesToReject
5c9803b19 Remove bindMountPrefix
569e8d3db Update nixpkgs
2ac913d18 Support artifact mount sub paths
6df6cfc6f Update linter and fix reports
87ee7a4af Support `artifactType` OCI artifacts
4ae753afe Fix lint CI
dd38a1805 emit crio runtime config as part of CRI API's StatusResponse
fd5db98e6 Add the option to disable/enable OCI Artifact mount
68fe1936b Remove unused imports
bb9223fc0 Add container_spec_memory_limit_bytes metric
087e2ce46 build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0
44d9073dd Disable pull-progress-timeout per default
ab9acb6f9 Add support for CNAI models
9cc9b0763 Add README for CI playbooks and remove cri-tools task
fe4378b38 .golangci.yml: remove gofmt
560bf28a1 .golangci.yml: remove some unused linters
7ddf15274 .golangci.yml: remove legacy preset from exclusions
8250128de internal/ociartifact: rename MarshalJSON -> ToJSON
a904a4e0e test/mocks: regenerate
8c3ce800f Run make mockgen
310a66356 .golangci.yml: rm some unused exclusions
c02c3a54d Run mockgen
b5b96dfdf Refactor metrics descriptors
012b6cde5 Increase pull-progress-timeout to `30s`
d3f7cb491 Update nixpkgs
6a4a3ee9b test
7c4fbadc4 Add container stop signal feature (KEP-4960)
a1f07bc4b Fix build
3feb9ad31 build(deps): bump the gomod group across 1 directory with 6 updates
a9a660579 Fix image status so that it can get artifact with canonical name and short name
6b244a90a Switch to golangci-lint v2
2fa08cfa2 Use `strings.SplitSeq` instead of `strings.Split`
704932bc3 fix schema v1 images not resolve to image ID error
f554c58ea Address linter complaint
62aeb65ce Remove Krzysztof Wilczyński as maintainer
19adbe020 Set default masked paths
f5d0ff28e crio wipe should remove storage only once per reboot
e429f75ee OCPNODE-3016: support mount OCI artifact
64567e976 Fix comment location about error message
f4cff283d build(deps): bump the gomod group with 2 updates
fca4ea622 Add image volume subpath support
db553b0be Use go version requirements from go.mod
2dc6d0831 Add lint-fix target
7f7d77ace build(deps): bump github.com/containerd/containerd from 1.7.26 to 1.7.27
109872da3 Cleanup: ensure image volume path
24452a56c build(deps): bump github.com/containers/common in the gomod group
29c662a5b build(deps): bump the kubernetes group with 6 updates
ab6bc86b8 Fix release notes download location
c2f55509f Update debug flag
a0ffef29a build(deps): bump github.com/containers/image/v5 in the gomod group
25775fdb3 build(deps): bump the gomod group across 1 directory with 2 updates
662f8cab6 Require go 1.24 for build
512d33bc5 build(deps): bump the gomod group with 7 updates
00a7117dc Improve artifact error logs
9824edb9d build(deps): bump the gomod group with 5 updates
3f1398477 build(deps): bump the gomod group with 3 updates
3507a2a5b Update the release-notes tool to v0.18.0
9e69a709f Update conmon to v2.1.13
663066d99 build(deps): bump the gomod group across 1 directory with 2 updates
754a1ed24 Add OCI artifact support
e69571c34 Drop image status log message
b638954fe Switch to go 1.24
f46b83d3f build(deps): bump github.com/containerd/containerd in the gomod group
826ef8052 build(deps): bump the gomod group across 1 directory with 5 updates
c3363e0c3 add --extra-experimental-features nix-command flag to build-static target
dfc2778ee build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5
92fd877a0 Update golangci-lint config and fix reports
8c9fa54ba Add validate method for sandbox
32854c9d1 server: fix races in GetContainerEvents
6fdd6b3bc Updating install docs
0a81f1ef7 build(deps): bump the kubernetes group with 6 updates
8287e4159 server: don't dereference Config.Linux if it is nil
3c7337fb9 server: move createSandboxContainer and related functions to container_create.go
7cdfc7938 server: factor out adding /dev/shm mount
e533ab281 server: factor out adding sysfs mounts
20b17df06 server: add no-op stub for makeOCIConfigurationRootless
5035c19a0 server: factor out creating the security context
286e7e24f internal/factory/container: add no-op stub for SpecAddDevices on FreeBSD
7f104e5da internal/factory/container: make SpecAddNamespaces platform-specific
68091febb internal/factory/container: make (*container).SelinuxLabel platform-specific
29a85ace4 internal/linklogs: add stub for freebsd
2f4bc00c2 internal/config/device: add stub for DevicesFromAnnotation
2efa5b35f Fix context cancellation when image pull progress timeout is `0`
10070a556 Fix build
d9d5def74 build(deps): bump sigs.k8s.io/release-sdk in the kubernetes group
29e76f138 Remove `exclude_graphdriver_devicemapper` build tag
a4c67cc6c Fix: If cgroup manager is cgroupfs then allow conmon_cgroup to be empty
dcfb01965 build(deps): bump google.golang.org/protobuf in the gomod group
2193e6280 Update mocks
864e43306 build(deps): bump the gomod group across 1 directory with 8 updates
a961ed207 Mark v1.29 as EOL
60c3697ac Fix typo in version_update_mask regex
77f2041ea Change nixpkgs update to monthly
4ceeaddaa Switch to golang native error joining and errgroup
0b6a04bea test: add test coverage for LinkLogs malicious paths
910f6e5d6 internal/linklogs: sanitize the directory path before using it
d5ab7c46c build(deps): bump sigs.k8s.io/release-utils in the kubernetes group
6dbfcec98 Downgrade github.com/cyphar/filepath-securejoin
b27a733c8 Remove `LimitNOFILE` from systemd service file
ecd3b6dce build(deps): bump the gomod group across 1 directory with 8 updates
6b4fd0741 Add warning log for a process having an uninterruptible child.
d19a9d641 Enable `wsl` and `nlreturn` linters
0979d3497 Integrate native GitHub arm64 runners
a371ae1c3 Log error when failing to update container status from exit file
03472dd92 Enable linters and auto-fix
630b608f0 Add documentation hint how to handle the versions
6691836a5 Revert 'Add 1.33 to supported minor version'
f67859446 watchdog: decouple CNI plugin initialization from CRI-O health checks
e87f86c1b Switch to our log module for logging in iptables module
1b06fc09d Add `release-1.33` to active prerelease version
1f60a95cc internal/config/ociartifact/ociartifact: Do not hard-code 'sha256' in error message
6dc287d45 vendor: downgrade github.com/cyphar/filepath-securejoin to v0.3.6
db4ca1752 * : fix lint/vendor issues to update dependabot updates
16289cad3 Update nixpkgs
271146940 Fix klog-shim to close the bracket properly
1005e0e32 build(deps): bump the gomod group across 1 directory with 17 updates
05296551a Avoid using UpdateContainerStatus for ReopenContainerLog and add logs tests
1a6765b73 Makefile: introduce GO_TEST for more flexible configuration
a9e7d29b3 Improve `sync.Map` iterators with an implicit call
807943105 Remove Fedora 39 content
ddaed68a3 Makefile: fixes wrt crio.conf
f5e6d6f7f Update nixpkgs to the latest HEAD commit
78c45f865 Update nix release to v2.24.11
458137a7a Update release-notes release to v0.17.11
3b94f59b1 Update gosec release to v2.21.4
a9aa6072f Update shfmt release to v3.10.0
fbc3ce557 Update golangci-lint release to v1.63.4
0fe4097af Update buildah release to v1.38.0
72f95429a Update bats release to v1.11.1
6da7ef28b Update containernetworking/plugins Go package release to v1.6.2
3f0f86965 Update multiple dependencies to newer releases
997e4fbd3 server: fix panic when default annotations are specified
b473c6c04 Fetch latest containernetworking/plugins tag instead of v1.1.1
6e0df0924 Update CRI-O version and add checks
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
b875cfa269 |
containerd: update to v2.1.3
Bumping containerd to version v2.1.3-2-g41bb88c7e, which comprises the following commits:
b74268f86 bugfix:close container io when runtime create failed
7636bd5eb fix when multipart fetching and the server does not return content length
627729341 Prepare release notes for v2.1.3
3c5ede878 Update transfer supported platforms logic
babacebad Fix fetch always adding range to requests
fb752bc8e fix import for local transfer service
f30be44ad Update fetcher errors to include full registry error
f6d926314 Register remote errors for clients to access registry errors
7c1813345 Decode grpc errors in the transfer client proxy
63b9eae62 Prepare release notes for v2.1.2
cff1feb28 *: properly shutdown non-groupable shims to prevent resource leaks
2ce169aae ci: bump golang [1.23.10,1.24.4] in build and release
70bcb9b55 Enable CIs to run on WS2022 and WS2025
c71f77170 build(deps): bump google.golang.org/grpc from 1.72.0 to 1.72.2
9b6c1949a Fetch image with default platform only in TestExportAndImportMultiLayer
4bcea74de Update differ selection in transfer service to prefer default
0c3cd8a99 Add debug log when transfer returns not implemented
820e56765 Add more error details when unpack fails to extract
480126f50 erofs-snapshotter: fix to work with wrapped errors
d82921ff5 Enable DuplicationSuppressor in transfer service
0bb25c3d6 ci: bump golang [1.23.9, 1.24.3] in build and release
dd2ce49d0 Add symlink breakout test for overriden path
ac8e84efc client:improve mount error message
216667ba0 Prepare release notes for 2.1.1
e1817a401 docs/snapshotters/erofs.md: a tip for improved performance
2168cb92c erofs-differ: fix EROFS native image support
444ca17cd update runhcs version to v0.13.0
40575a15f cri:use debug level when receive exec process exited events
0684f1c44 build(deps): bump github.com/Microsoft/hcsshim
ac00b8e61 Revert "perf(applyNaive): avoid walking the tree for each file in the same directory"
37d6c4236 Update removal version for deprecated registry config fields
7fcbc3c46 core/runtime/v2: cleanup shim-cleanup logs
e7be076d4 ctr:make sure containerd socket exist before create client
c90524d5f .github: mark 2.1 releases as latest
897f65cff Prepare release notes for v2.1.0
ca36be282 Update api to v1.9.0
e51f9c177 Update release for 2.1 release and next to releases
a6db1c440 Update mailmap
145175bf4 Prepare release notes for api/v1.9.0
5dc29f0e7 core/runtime: should invoke shim binary
e5ef65017 Revert "not set sandbox id when use podsandbox type"
1c70f237c integration: add testcase to recover ungroupable shim
51664ad32 build(deps): bump github/codeql-action from 3.28.16 to 3.28.17
0d085bc53 build(deps): bump the golang-x group with 2 updates
7360c739f Fix image inspect skip over missing content
ddbd748a5 clones k8s apimachinery resource quantity for cri annotation parsing
e2d6a7160 cri: put limiter out of config
33ee060a3 Use Go 1.19 atomic wrappers everywhere
9e67469fa clones k8s utils clock for cri server events to remove dependency
5f3f84f56 removes use of klog from containerd repo
4dfe4e8be Update runc binary to v1.3.0
42937de92 cloning k8s apimachinery set utils no longer vendoring apimachinery
bfd85405d clones k8s component-base logreduction for integration test
8a08aebe1 removing/cloning vendor of kubelet pod label definitions
3851bd540 fix unbound SKIP_TEST variable error
9058ab4ae Revert "disable portmap test in ubuntu-22 to make CI happy"
ee7189d1d Add retries for flaky Windows test
d70d6245f Retry registry operations once on 50x on last host
ca356e46e cri: add a ConcurrentDownloadLimiter
a914597c0 fix: client pull: pass fetch performances options
413702b7e fix comment
89780188f dockerFetcher.open: show all parameters when pulling a layer
e499939a4 build(deps): bump actions/attest-build-provenance from 2.2.3 to 2.3.0
7fe090e9a build(deps): bump actions/download-artifact from 4.2.1 to 4.3.0
105602db0 build(deps): bump google-github-actions/auth from 2.1.8 to 2.1.10
b559084fb build(deps): bump github/codeql-action from 3.28.15 to 3.28.16
b89733812 core/transfer/local: should not mark complete if it's not found
0dcdc1ffa bump:update cni to v1.7.1
7c03dd036 nri: add type conversion functions removed from NRI.
f71c2c2d5 Prepare 2.1.0-rc.0 release
61cbbaaba Update api to v1.9.0-rc.0
f42ee3431 Update mailmap entries
83ad3b55f code review fixes
a196ee66a better race mgt
ce73e1b3e docs: Run userns example in /tmp
882b1903c docs: Fix typo in userns example
b62339f39 docs: Fix typos to run userns with ctr
72c8c7708 only keep one setting: concurrent_layer_fetch_buffer
024775dab set dl options on resolver
88116b191 remove max_dl_operations setting
755a4ac6f update
f9af08820 perf(pull): multipart layer fetch
cdd7ec40d Support configuring custom media types for unpack
17b6e1ef8 Allow streaming to client
40eb2fdbb Fix protos
bd8e6c727 Enable http debug and tracing for non local puller
1d436803d Add http debug fields to OCI registry protos
27e6c117d Move HTTP debug code to pkg
c0ce618a1 Add release notes for api v1.9.0-rc.0
d16ad8f5c fix: update containerd config dump to reflect plugin config migrations.
f57727c42 Revert criserver metrics subsystem back to cri
b694be29a Update CRI image service to pull using transfer service
2f9734fa5 erofs-differ: support EROFS native image layers
d52386ab9 Add check for rootfs type and only unmarshal relevant parts
5dcdd5484 golangci-lint: add forbidigo rules to prevent regex.MustCompile
147787449 use lazyregexp to compile regexes on first use
fa0e50ccf implement lazyregexp package
f512e3174 ctr shim: allow override to computed shim address
21a6db1b3 Update CRI documentation to add information about Image Pull with Transfer Service
4b4e6f7c6 not set sandbox id when use podsandbox type
e511a384e Add warning message when using async mode
89a8cd2fb Introduce no_sync option
57c1cfa5f Update godoc for Bolt options
2db2db3a8 Customzie BoltDB options in MetaStore
c94a92f42 Expose boltdb configuration for metadata plugin
98eded24b Move erofsutils to internal
5d3a4d082 build(deps): bump softprops/action-gh-release from 2.2.1 to 2.2.2
f815d0291 build(deps): bump google.golang.org/grpc from 1.71.1 to 1.72.0
47afd3d1c Fix vagrant setup
eb09e8d75 Add loong64 seccomp support
568880ec3 erofsutils: MountsToLayer slight optimizations
09f34d18b erofs-differ: implement fast differ with DiffDirChanges()
b8649bd38 client: fix returned error in the defer function
5cb77bc22 build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0
01ff3b364 chore: fix broken links to https://docs.docker.com/registry
40b0083c4 fix(docker pusher): if authorizing a cross-repo mount fails, fall back
6f93c65f5 use go1.23.8 as the default go version
5629e9fff update to go 1.24.2, 1.23.8
d73880a9f build(deps): bump github.com/prometheus/client_golang
fc23c4d61 build(deps): bump google.golang.org/grpc from 1.71.0 to 1.71.1
76470adf7 build(deps): bump github.com/moby/sys/user in the moby-sys group
97eb1cd46 change criService.runtimeHandlers slice to a map
764dcf77a config: postpone planned v2.1 deprecations to v2.2
499238a52 Remove deprecated dynamic library plugins
9ca6a7ee0 Disable arm64 criu testing in GH Actions
70db1bd00 disable portmap test in ubuntu-22 to make CI happy
8e6c93b6b add option to skip tests in critest
c1026d5bf Fixing install instructions for Windows
752914b5b Add content create event to api
81acabd95 release: use Ubuntu 22.04 (glibc 2.35)
d9c889568 Remove the support for Schema 1 images
74af78b34 cri,nri: allow plugins to inject devices using CDI.
3251e2cc8 Prevent panic in Docker pusher.
4857de853 Add cri.config.headers to auth requests
10b4eb4a9 Add hosts.toml headers to auth requests
5ae698235 Only add containerd as User-Agent when it's empty
f87b2c1cd avoid import to testing pkg outside of tests
be9ca11a1 fix call fmt.Errorf with wrong error
eae1a6adc build(deps): bump github/codeql-action from 3.28.13 to 3.28.15
8db39a964 build(deps): bump github.com/fsnotify/fsnotify from 1.8.0 to 1.9.0
2a52260c7 build(deps): bump azure/login from 2.2.0 to 2.3.0
2d3ff252d build(deps): bump github.com/containernetworking/cni from 1.2.3 to 1.3.0
be602ea5c build(deps): bump the golang-x group with 2 updates
3a5f04fdd build(deps): bump github.com/pelletier/go-toml/v2 from 2.2.3 to 2.2.4
a083b669c Set default differ for the default unpack config of transfer service
1dbb7f2ae pkg/sys: improve GetLocalListener/CreateUnixSocket error message
bca39a6f4 Add documentation for test for issue 10467
713f753e5 Update release upgrade tests to test 1.7 and 2.0
9d05ae03b Revert "Remove test for issue 10467"
33dae72b9 build(deps): bump lycheeverse/lychee-action from 2.3.0 to 2.4.0
c9b9f4a9a build(deps): bump crazy-max/ghaction-github-runtime from 3.0.0 to 3.1.0
ead5c1ee6 cri:fix lost container exit events if they arrive before info is cached
860260434 store extension when create sandbox in store
cffb6d425 downgrade cni version in CI test
07a23b6f4 use type textarea
3ef9084d0 Create cri_kep.yaml
450038a28 integration/client: add tests for TaskOptions is not empty
7e5c5038a prefer task options for PluginInfo request
ec3567d6b update taskOptions based on runtimeOptions when creating a task
fe4703cde integration: check image volume snapshot after deleting pod
d141d6c3d integration: run image volumes for linux platform only
de833ebbb cri: enhance error handling for image volume
be0ab6e93 cri: add volatile option to image volume mount if applicable
d080d441d build(deps): bump google.golang.org/protobuf from 1.36.5 to 1.36.6
7e7c3b0a8 build(deps): bump github.com/opencontainers/selinux
3689dec42 build(deps): bump actions/download-artifact from 4.1.9 to 4.2.1
cb6a82a92 build(deps): bump actions/upload-artifact from 4.6.1 to 4.6.2
5b194505e build(deps): bump github/codeql-action from 3.28.11 to 3.28.13
ce690b0a9 build(deps): bump actions/cache from 4.2.2 to 4.2.3
aff7e4797 build(deps): bump github.com/containernetworking/plugins
a3a66d1f2 Fix the panic caused by the failure of RunPodSandbox
10fae41ad go.mod: tags.cncf.io/container-device-interface v1.0.1
e7b4165ab *: CRIImageService should delete image synchronously
42effa3b9 Mark `NetworkPluginBinDir` as DEPRECATED
7f9ca1dcb update max container log line size json field
71f593d4a Support multiple CNI plugin bin dirs
7fe5c4123 go.mod: golang.org/x/net v0.37.0
3e96f1a51 Update runc binary to v1.2.6
6670d4153 build(deps): bump tags.cncf.io/container-device-interface
14e94bcbf build(deps): bump github.com/containerd/imgcrypt/v2 from 2.0.0 to 2.0.1
80e3fc4ce build(deps): bump golangci/golangci-lint-action from 6.5.0 to 6.5.2
ec5d686b1 build(deps): bump the k8s group with 5 updates
234a4411f build(deps): bump docker/login-action from 3.3.0 to 3.4.0
c8effff1a Fix CI lint error
7c522819d support to set defer cleanup timeout to decrease ctx timeout
53eec6c78 move host tlsconfig update to a separate function
f702bf9fe [hosts] wrong explicitTLS value when dialTimeout is set
8028a1d08 Bump github.com/go-jose/go-jose/v4 from v4.0.4 to v4.0.5
ce055b530 Bump golang.org/x/text from 0.22.0 to 0.23.0
e0aaed012 Bump golang.org/x/term from 0.29.0 to 0.30.0
c4982bffc Add dial timeout field to hosts toml configuration
94dd70f4f build(deps): bump the otel group with 8 updates
85c04ab0e build(deps): bump the golang-x group with 3 updates
12762891d Remove test for issue 10467
5bbd3ed1b add k8s 1.32 and as tested containerd supported branches at the time of release
93cc1e6eb Fix upgrade test runtime config
531adbf06 config:fix config migrate lost timeout config
de1341c20 validate uid/gid
9e6beafd5 Support container restore through CRI/Kubernetes
88faaac97 build(deps): bump containerd/project-checks from 1.2.1 to 1.2.2
9f885ea4f build(deps): bump github/codeql-action from 3.28.10 to 3.28.11
d7de182dd build(deps): bump actions/attest-build-provenance from 2.2.2 to 2.2.3
75252f975 build(deps): bump github.com/prometheus/client_golang
c37e48b07 build(deps): bump google.golang.org/grpc from 1.70.0 to 1.71.0
700b98415 build(deps): bump github.com/urfave/cli/v2 from 2.27.5 to 2.27.6
833d6bc8e Update release status for 2.1 to beta
71cfe00ee Prepare release notes for v2.1.0-beta.n
be8fe50f4 Update the upgrade test to handle 2.1
06daffb4d integration: update TestUpgrade for 2.1
405a952c6 add name in package version
4f090fe77 update to go1.23.7 / go1.24.1
b947e0566 fix: repeat args from sub-func call
ee574e76e client: Respect `client.WithTimeout` option
4357a7600 use shimCtx for fifo copy
edd1cc50d docs: include note about unprivileged sysctls
393ad5b11 e2e: use the shim bundled with containerd artifact
f8f205382 Update runtime-spec to v1.2.1
af5ff5a1f CVE-2025-22869: upgrade golang.org/x/crypto to v0.35.0
3a5de731c erofs-snapshotter: clear IMMUTABLE_FL only for committed snapshots
10f2b7fde CVE-2025-22868: upgrade golang.org/x/oauth2 to v0.27.0
705518e58 ci: update GitHub Actions release runner to ubuntu-24.04
971915797 erofs-snapshotter: force the use of loop devices for single-layer images
69c0d7f60 build(deps): bump containerd/project-checks from 1.1.0 to 1.2.1
37fe1e8b4 build(deps): bump golang.org/x/net from 0.23.0 to 0.33.0 in /api
0eea93d68 build(deps): bump actions/cache from 4.2.1 to 4.2.2
20fa1ca46 build(deps): bump actions/attest-build-provenance from 2.2.0 to 2.2.2
9b0b67951 build(deps): bump docker/setup-buildx-action from 3.9.0 to 3.10.0
86734729f build(deps): bump actions/download-artifact from 4.1.8 to 4.1.9
001dfeb19 build(deps): bump github.com/klauspost/compress from 1.17.11 to 1.18.0
72ac5cad4 build(deps): bump github.com/google/go-cmp from 0.6.0 to 0.7.0
d37ea6977 Bump to newer opencontainers/image-spec @ v1.1.1
b477cf8e9 erofs-snapshotter: protect layer blobs with FS_IMMUTABLE_FL
d8063c30d perf(applyNaive): avoid walking the tree for each file in the same directory
e84e5a215 build(deps): bump go.etcd.io/bbolt from 1.3.11 to 1.4.0
00cb73503 Swap to go.etcd.io/bbolt/errors for bbolt errors
22d568fb5 Update CDI dependency to v0.8.1.
f25f36c33 proxy: break up writes from the remote writer to avoid grpc limits
51f063f07 Prefer runtime options for PluginInfo request
d2b5653c1 build(deps): bump the k8s group across 1 directory with 6 updates
76858ac8e Ignore defunct verifier procs in test
268880bf5 [improve] prevent oom watcher depend on shim pkg.
4e7484d3f CI: arm64-8core-32gb -> ubuntu-24.04-arm
f3b6078f9 erofs-snapshotter: add fsverity support
86cde823a build(deps): bump actions/cache from 4.2.0 to 4.2.1
49257264f build(deps): bump actions/upload-artifact from 4.6.0 to 4.6.1
125525d6c build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1
0500dacf6 build(deps): bump github/codeql-action from 3.28.9 to 3.28.10
71958731e move security profile to cri/sputil pkg
b8a759f1f build(deps): bump golangci/golangci-lint-action from 6.3.2 to 6.5.0
f23981281 build(deps): bump google.golang.org/grpc from 1.69.4 to 1.70.0
a1e7457bc docs: add CRI Plugin Config runtime_path
1ec10d9ae Add OCI/Image Volume Source support
480e1039f move exclude-dirs to issues.exclude-dirs
a502b7931 Clarify port handling in hosts toml
44baada6a device mapper:fix sometimes blkdiscard doesn't have --version flags
938775864 Update runc binary to v1.2.5
326fbf074 build(deps): bump google.golang.org/protobuf from 1.36.3 to 1.36.5
6a01ad3e1 cri,nri: block NRI plugin sync. during event processing.
df99aa321 update to go 1.24.0 / go1.23.6
41eaa41c4 update golangci-lint to v1.64.2
17acb356f build(deps): bump github.com/vishvananda/netns from 0.0.4 to 0.0.5
84e07f6b5 build(deps): bump the golang-x group with 3 updates
6a08d70e6 build(deps): bump github/codeql-action from 3.28.8 to 3.28.9
2f971ee2d build(deps): bump docker/setup-buildx-action from 3.8.0 to 3.9.0
2b8a7f253 build(deps): bump lycheeverse/lychee-action from 2.2.0 to 2.3.0
bdb8cb5a8 build(deps): bump golangci/golangci-lint-action from 6.2.0 to 6.3.2
a1c540085 Support for importing layers in the block CIM format.
b98378638 move the device after the options when using mkfs.ext4
1fc497218 Fix privileged container sysfs can't be rw because pod is ro by default
c51f5d26f perf(zstd): deactivate the low mem decoder
b65f3875b build(deps): bump google-github-actions/upload-cloud-storage
841ab361c build(deps): bump github/codeql-action from 3.28.6 to 3.28.8
565b50dbb build(deps): bump google-github-actions/auth from 2.1.7 to 2.1.8
2eb0aa6b9 nri: make OCI spec available on StopPodSandbox
168c49e4d Fix state/root bug in shim sandbox controller
3cdfc1003 core/remotes: Handle attestations in MakeRefKey
e751b6bb1 core/images: Ignore attestations when traversing children
83b65e52f Revert "Add timestamp to PodSandboxStatusResponse for kubernetes Evented PLEG"
0c986c332 build(deps): bump actions/attest-build-provenance from 2.1.0 to 2.2.0
575239789 build(deps): bump actions/stale from 9.0.0 to 9.1.0
48d09104d build(deps): bump github/codeql-action from 3.28.1 to 3.28.6
6d1f6e75d Update upgrade section
5f238fa82 Update to time based releases
886d971f8 Update LTS definition and support horizon
a6dc9905c client: add WithExtraDialOpts option
69e82f9cd build(deps): bump the otel group across 1 directory with 8 updates
53d6f3482 build(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.2.0
4b77d4e41 build(deps): bump softprops/action-gh-release from 2.2.0 to 2.2.1
22e77720b build(deps): bump github/codeql-action from 3.27.9 to 3.28.1
f572a6db9 build(deps): bump lycheeverse/lychee-action from 2.1.0 to 2.2.0
36d3888cf build(deps): bump actions/upload-artifact from 4.4.3 to 4.6.0
19c546c97 build(deps): bump github.com/tchap/go-patricia/v2 from 2.3.1 to 2.3.2
460e5a2e2 build(deps): bump google.golang.org/protobuf from 1.36.1 to 1.36.3
157faf65c update to go1.23.5 / go1.22.11
222308416 Remove noinline in apparmor SpecOpts
2a4164ac8 Remove noinline in seccomp SpecOpts
00fee4adb Transfer Service: enable remote snapshotters
04f9e30db log: avoid using unsupported field by logrus
bdc847f1e Remove deprecated WithCDIDevices in oci spec opts
e20f7f4a2 Move CDI device spec out of the OCI package
740c5d428 docs: fix some function names in comment
b49df6af1 move FuzzCRIServer to go native fuzz
6148dbdd7 Update platforms to latest rc
2f15d6586 Add tests for EROFS snapshotter
fd4caef78 Add EROFS snapshotter documentation
2486d542a Introduce EROFS Snapshotter
c73c8e5d5 Introduce EROFS differ
fb44e37ff Remove confusing warning in cri runtime config migration
6019bcdfb move FuzzContainerdImport to go native fuzz
b7a117b46 Fix fuzz integration tests
ffbe1b573 Use a order-only-prerequisite for mandir creation
b81ace872 Update cimfs snapshotter & differ for new hcsshim interface
58bd48ecf add some doc for shim reap orphan process
09bf281ec fix go-cni race condition
15d3bf9b2 Bump up otelttrpc to 0.1.0
e1aeb37cd ci: fix the issue of config_file unset
e65283321 make TestContainerCgroupWritable not parallel
54ed595e1 update runc binary to v1.2.4
79a42eedc ctr: `ctr images import --all-platforms`: fix unpack
63f604728 Add snapshotter exports to unpack platform
ef7fa43c9 build(deps): bump golang.org/x/sys in the golang-x group
d156d3df9 Benchamrk chainID calculation in unpack
00a11e91d downgrade go-difflib and go-spew to tagged releases
95f45541e Avoid duplicated chain ID calculation in unpack
e70977180 change metadata fuzz operations as const and slice instead of map
a4e3218e8 change tmp dir creation in fuzz to t.TempDir
ee6338188 bump up ttrpc to use its MD.Clone
4f2f12be6 Bump seccomp version to be the same as one in runc repo
a8c643cc5 change copyright from ADA Logics to containerd
a55083007 Remove github.com/AdamKorcz/go-118-fuzz-build in go.mod
2de103029 Move fuzz tests to go native fuzz [part1]
bee64b2b9 Remove loop variable copies
4a4a027f7 build(deps): bump google.golang.org/protobuf from 1.36.0 to 1.36.1
9fc711a8a Clarify Go client API guidance
9bb31b706 build(deps): bump google.golang.org/grpc from 1.69.0 to 1.69.2
f98d5fdb6 build(deps): bump github.com/containerd/cgroups/v3 from 3.0.4 to 3.0.5
1e3d10dc2 Make ovl idmap mounts read-only
652e4d0b1 Add integ test to check tty leak
26a156f4f Update golangci to 1.60.3
aedb079bf fix master tty leak due to leaking init container object
1363849b0 Add integration test
7f3599f09 build(deps): bump golang.org/x/net from 0.30.0 to 0.33.0
fa531f808 Update golangci-lint version in dev tools script
2f37b9da3 build(deps): bump google.golang.org/protobuf from 1.35.2 to 1.36.0
dda702042 Enable Writable cgroups for unprivileged containers
4e4537a87 build(deps): bump google.golang.org/grpc from 1.68.1 to 1.69.0
f6e956c22 build(deps): bump github.com/containerd/imgcrypt/v2
31e129856 build(deps): bump docker/setup-buildx-action from 3.7.1 to 3.8.0
d29751424 build(deps): bump github/codeql-action from 3.27.6 to 3.27.9
a172d2c11 build(deps): bump softprops/action-gh-release from 2.1.0 to 2.2.0
47c4dba40 Unify default transport in docker resolver
ef0e70922 Fix runtime platform loading in cri image plugin init
aeb414021 build(deps): bump google.golang.org/grpc from 1.67.1 to 1.68.1
23e014140 vendor: golang.org/x/crypto v0.31.0
9b3d999bd vendor: golang.org/x/term v0.27.0
1032fad27 vendor: golang.org/x/text v0.21.0
6764e62cf vendor: golang.org/x/sync v0.10.0
160676647 vendor: golang.org/x/sys v0.28.0
981414521 update runc binary to v1.2.3
ff0d99e02 Add multiple uid/gid mapping test cases to integration tests
ec231cdcf Update ctr to support remapper labels with multiple uid/gid mapping entries
8bbfb6528 Update snapshotter opts to support multiple uid/gid mapping entries
8a030d653 Update overlay snapshotter to support multiple uid/gid mappings
168ec21db Update idmapped mount to support multiple uid/gid mappings
a11405975 Add RootPair() and serialization routines to userns idmap
1f220b23e feat: update go-cni version for CNI STATUS
d76f92f24 update xx to v1.6.1 for compatibility with alpine 3.21 and file 5.46+
927012243 build(deps): bump actions/cache from 4.1.2 to 4.2.0
73864c520 build(deps): bump github/codeql-action from 3.27.5 to 3.27.6
afee762fb build(deps): bump actions/attest-build-provenance from 1.4.4 to 2.1.0
11b78255d cmd: add syncfs option to ctr command
e0459262b Remove After=local-fs.target from containerd.service
6c7b1afe5 Log "container event discarded" as Info
81780a5dd update to go1.23.4 / go1.22.10
2c4c04032 internal/cri: should not apply IoOwner options
4a664772e The task_dir successfully cleans when the file is absent.
4c11d753c ctr pull unpack for default platform using transfer service
6fdc35243 CI: update Fedora to 41
0903f203f fix panic due to nil dereference cgroups v2
b78c5c6ed docs: fix snapshots api import
ed39dfa5d Add integration test for custom configuration
8540fed77 complete cri grpc config migration
59a2c3523 Add containerd community call to readme.
17f7858b4 Update differ to handle zstd media types
e9d560f1e Unsorted platform conditionals cleanup
485020ca8 fix: loop variable capture issue
ea9397793 build(deps): bump github/codeql-action from 3.27.4 to 3.27.5
6c16f3490 build(deps): bump github.com/containerd/cgroups/v3 from 3.0.3 to 3.0.4
5c905fb6c build(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0
662d64080 build(deps): bump the k8s group with 5 updates
3961dc9c8 Publish attestation as release artifact
288001f68 move rocky 9.4 to almalinux/9 in CI
e24864e48 Clarify release for deprecated registry field removals
34284c507 Add tests for CNI v2 loopback options
a21b178f1 *: should align pipe's owner with init process
f5b2c3a07 build(deps): bump github/codeql-action from 3.27.1 to 3.27.4
be2c4504e build(deps): bump github.com/containerd/continuity from 0.4.4 to 0.4.5
dd2d89167 build(deps): bump google.golang.org/protobuf from 1.35.1 to 1.35.2
9a7bc5423 update runc binary to 1.2.2
f8819df7c Update install-imgcrypt to allow change install repo
f6e30e962 [defaults] Reorganize per-platform defaults
9c7a403a2 [containerd-stress] Use platform-specific default address
9e3ab2332 Move content events to metadata
1b01f396d Revert "Disable vagrant strict dependency checking"
6c1b699bf docs: update schema 1 deprecation information
01c489141 build(deps): bump github.com/containerd/typeurl/v2 from 2.2.2 to 2.2.3
cebca6f87 build(deps): bump the golang-x group with 3 updates
73ae1c66f build(deps): bump lycheeverse/lychee-action from 2.0.2 to 2.1.0
4bd33276c build(deps): bump github/codeql-action from 3.27.0 to 3.27.1
d32ed4a56 build(deps): bump actions/attest-build-provenance from 1.4.3 to 1.4.4
d810c5759 build(deps): bump softprops/action-gh-release from 2.0.9 to 2.1.0
91e4e0967 fsverity_linux.go: Fix fsverity.IsEnabled() for big endian systems
f9537ae12 fsverity_test.go: fix major/minor device number resolving
8a8e50e6d fsverity_test.go: fix nil pointer dereference, fix test fail
bcc3cc968 update to go1.23.3 / go1.22.9
784116b7d Avoid arch info in the sed/replace when building cri-cni-containerd.tar.gz
c130d93c1 make ListContainerStats handle container that is removed before its sandbox
a17001b42 build(deps): bump github.com/fsnotify/fsnotify from 1.7.0 to 1.8.0
bc056a5c6 nri: report pod ips to the nri plugins
a256f326c bump nri version to get PodIPs
11b1353c1 fix: set the credentials even if not provided
1617fd72e test: prevent segfault in imageverifier test
2447936fc Fix runtimeoptions location in v2 migration
0c2805a6e Report an error when cni confDir removed
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
82843e2174 |
conmon: update to v2.1.13
Bumping conmon to version v2.1.3-208-gb2f13b0, which comprises the following commits:
2a1dda8 src: Fix terminal resize event processing
4d374fd fix integration github action
ede56b9 fix wrong conditions of k8s-file logging
f37e9e7 logging: Add container labels to log entries on journald
93dcd63 Makefile: simplify fmt
c85e7bb Remove hack/tree_status.sh
0a5e93d Remove hack/kubernetes-e2e
0b024b2 ci: add go.mod/go.sum validation
7c7b0c5 ci/gha: add all-done job
12c3a59 ci/gha: fix branch name
5b51069 Remove old vendored go-md2man
58e4cf4 ci/gha: remove actions/cache
9389c61 Use gofumpt
8cb0c76 runner/conmon_test: rm unused skopeoPath
adb68be runner/conmon: rm unused writeConmonPipeData
c56cab5 Replace ioutil.TempDir with t.TempDir
4d836a4 Use os.ReadFile/os.WriteFile instead of ioutil
c490967 runner: stop using pkg/errors
869f9d2 Use %m instead of strerror(errno)
38ff637 cmsg: error logging nits
f464b59 seccomp_accept_cb: fix memory leak
8c35fb5 Remove pwarn macro
775ef67 write_journald: fix logging a warning
0e7fd17 write_oom_adjust: remove extra newlines from ndebugf
238f24a Introduce pwarnf() for better diagnosis of socket/fd write issues.
5412374 Handle descriptor in non-blocking mode properly. Resolves: #490
82de887 Bump conmon version to 2.1.13
24498b5 Install some packages to fix CI
41e2c0d Make timestamp generation never fail.
119db20 Change permissions of logs from 0600 to 0640
02c6ea6 Avoid bogus journal filling errors
eec8fa1 Switch go version to 1.19
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
780c0e56b5 |
catatonit: update to v0.2.1
Bumping catatonit to version v0.2.1-3-g56579ad, which comprises the following commits:
56579ad main: don't use secure_getenv
ead41eb VERSION: back to development
bb3b96b VERSION: release v0.2.1
2e85478 CHANGELOG: add changelog file
f80876f init: switch to / after spawning subprocess
bef5d5f README: explain how docker run --init is supposed to work
064bc9f Add a usage example for Dockerfile in README
65e1b96 fix build with kernel < 5.9
880defa version: back to development
7f0c9bb version: release catatonit 0.2.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
abd1206e64 |
buildah: update to v1.40.1
Bumping buildah to version v1.40.0-14-ged56ef16d, which comprises the following commits:
08026ceb3 Builder.sbomScan(): don't break non-root scanners
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
bccbfff56e |
aardvark-dns: update to v1.15.0
Bumping aardvark-dns to version v1.15.0-14-g513be8b, which comprises the following commits:
d71294c release v1.15.0
06fbfe4 release notes for v1.15.0
ce41695 github: add automatic release action
ca22339 deps: update nix to 0.30.1
75ace53 fix(deps): update rust crate tokio to 1.45.0
d00ef95 fix(deps): update hickory-dns monorepo to 0.25.2
b234db7 Makefile: use cargo --locked in CI
eab2ed1 ci: ensure tree is clean after build
7b9f20a fix(deps): update rust crate clap to ~4.5.37
ce81a00 chore(deps): update rust crate chrono to 0.4.41
407b816 chore(deps): update dependency containers/automation_images to v20250422
767eae2 fix(deps): update rust crate libc to 0.2.172
fef43b7 .github: check_cirrus_cron work around github bug
e451092 fix(deps): update rust crate tokio to 1.44.2
0d6c386 update hickory to 0.25.1
03526d6 fix(deps): update rust crate clap to ~4.5.34
70df6f2 Add link to c/common contributor's guide
f79abf4 chore(deps): update dependency containers/automation_images to v20250324
a0473ec update log to 0.4.27
ce420ef fix(deps): update rust crate tokio to 1.44.1
a70c535 test: use ncat not nc
9ae36da fix(deps): update rust crate libc to 0.2.171
aa2b388 fix(deps): update rust crate tokio to 1.44.0
d7e7464 .github: remove cirrus rerun action
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
bc2a750d5c |
containers: adapt to UNPACKDIR changes
This commit updates the container recipes to the OE core UNPACKDIR
changes.
- We drop references to WORKDIR
- We adjust destsuffix fetches to use BB_GIT_DEFAULT_DESTSUFFIX
instead of 'git'
- Update our GOPATH references to use UNPACKDIR
- Drop S = assignemnts where possible
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Changqing Li
|
0115e61cdd |
kubernetes: rename CNI_NETWORKING_FILES
Rename CNI_NETWORKING_FILES to 00_cni-containerd-net.conflist. According to the following k8s doc, k8s networking file will be used when both containerd-cni and kubernetes-cni both installed. "If there are multiple CNI configuration files in the directory, the kubelet uses the configuration file that comes first by name in lexicographic order." This commit can fix following issue: PACKAGE_CLASSES = "package_deb" do_rootfs failed with error: dpkg: error processing archive /path/to/oe-rootfs-repo/corei7-64/./kubernetes-cni_v1.32.0+git0+5fe148234f_release-r0.deb (--unpack): trying to overwrite '/etc/cni/net.d/cni-containerd-net.conflist', which is also in package containerd-cni v2.0.5-r0 Refer [1], "--no-force-overwrite" is set for dpkg, so above error occurred. [1] https://git.openembedded.org/openembedded-core/commit/?id=cb95ba079960411775c57ab864d266e15a6292d1 Signed-off-by: Changqing Li <changqing.li@windriver.com> |
||
|
Chen Qi
|
a8175deded |
podman: remove ptest
The ptest was added almost three years ago and since then nobody ever fixed anything. It's almost impossible that the ptest never failed. As an evidence, for the current version, the test cases cannot even run. Remove this ptest. People who care about podman ptest should be maintaining it. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
d560060e4c |
docker-compose: limit the amount of data copied
The AWS dependency includes a VERY large set of directories, which are over 9G in size. To avoid some of this data movement, we suggest shallow clones and update our vendor rsync to exclude directories over 500M. This drastically speeds up the copy and overall build time. More investigation needs to be done, and perhaps a switch away from git clones for this recipe as the data over the network during fetch is still an issue. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
cbe8ceb787 |
podman: fix PACKAGECONFIG QA errors
bitbake now errors if PACKAGECONFIG is used, but doesn't have entries for the possible values in the variable. podman was using PACKAGECONFIG as a local feature variable in one case (docker) and in the other, was later adding a RDEPEND that could have been done via the packageconfig directly (rootless). The docker issue is fixed by creating a PODMAN_FEATURES variable and testing on it, and the rootless one is fixed by using PACKAGECONFIG to add the rdepends Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
48586e7ea3 |
docker-distribution: fix assignment operation whitespace
The scripted assignement operator cleanup incorrectly caught BUILDTAGS, which breaks our build. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
de9a4540ca |
cri-tools: fix assignment operation whitespace
The scripted assignement operator cleanup incorrectly caught BUILDTAGS, which breaks our build. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
33136f6c20 |
criu: update to v4.1
Along with the new commits we adjust the following:
- refreshed patches
- pytoml fixes for crit plugin
- debug prefix map for cuda
Bumping criu to version v4.1, which comprises the following commits:
b6059ff19 criu: Version 4.1 (CRISC-V)
bc1415317 criu: fix log_keep_err signal deadlock
0f6470944 namespace: skip cleaning up the uid/gid map in error cases
6826ac58c ci: run tests on a nftables only system
700a8c4b5 ci: do not run tests requiring iptables if it is missing
f22330ff0 test: print out logs if tests fail
29ccb5b62 test: others/rpc do not use nftables locking backend
95729ec32 docs: mark make commands with same format as elsewhere
2cd9d5ded docs: update INSTALL.md with a section about building CRIU
867c77303 make: allow setting the default network locking backend
720bf67e0 zdtm/vdso02: unmap vvar_vclock mappings
62a4a5874 vdso: correct data types for ELF hash table sizes
b8553d19e test/zdtm: check that PAC keys are C/R-ed
8ae5db37b arm64: C/R PAC keys
c5d46d86a restorer: Add a lock around cgroupd communication.
7748b3fe7 pstree: print clone flags in error message
d85550157 vdso: Fixes in DT_GNU_HASH handling
ed6374b48 lsm: use the user provided lsm label
d35808f5e ci: update to latest actions for codeql CI job
c298b51a6 scripts/uninstall_module: import signal module
38b9807cd coredump: enable coredump generation on arm
da90b33a4 coredump: enable coredump generation on aarch64
030fa4aff criu: fix internal representation of cgroups hierarchical structure
b7fa7d304 kerndat: run iptables with -n to not resolve service names
528c94c48 ci: install gawk for Fedora based tests
d66bc3499 Makefile: move codespell options to .codespellrc
8a06ca27c vdso: switch from DT_HASH to DT_GNU_HASH (aarch64)
6710cfce1 zdtm/netns_sub_sysctl: add ipv4/ping_group_range sysctl check
4ca74b9af net/sysctl: c/r ipv4/ping_group_range value
9c40781c2 net/sysctl: put common multiplier outside the brackets
d226bd4f6 ci: handle results from latest codespell
e2dffcbc8 lib: do not set protobuf has_* field too early
82b03429b cuda: disable CUDA plugin for pre-dump
7f0d107fe seize: use separate checkpoint_devices function
02056bf41 cuda: prevent task lockup on timeout error
f83931542 net: remember the name of the lock chain (nftables)
54795f174 criu: use libuuid for criu_run_id generation
815ef6884 ci: two check-commits.yml changes
061f4266e test/zdtm: add a new test to check non-periodic timers
09dc2e958 timer: Refine itimer_armed logic and improve timer value handling
aad66a4f7 test: fix cmdlinenv00 on aarch64
2b7492480 files-reg: fix buffer overflow on aarch64
6fdac5081 seize: Adjust the position of the log message
97398068b net: redirect nftables stdout and stderr to CRIU's log file
6dce80c53 util: added cleanup_file attribute.
260c08418 zdtm: Check CapAmb is restored correctly after C/R
6f8efad30 cr: Task CapAmb support
94b9b3c5d freeze_processes: implement kludges for cgroup v1
82f4ecda6 freeze_processes: fix logic
99e1fbd8a criu/seize.c: clang-format it
a8754905c test: run scm06 in the ns and uns flavors
15c81c126 test/java: increate the ghost file limit
dc6cef0b4 cuda: Fix return value from CHECKPOINT_DEVICES hook so that dump's fail properly
8ee2eba47 vdso: handle vvar_vclock vma-s
ed560a349 pidfd: add missing include
40b7f04b7 compel/arch/riscv64: properly implement compel_task_size()
399d7bdcb compel: fix gitignore and remove autogenerated code
21e5f4cfd test: add get-state to mocked cuda-checkpoint tool
28c2cb3fd cuda: enable checkpoint support for paused tasks
498bcf280 zdtm: Check many processes with common dead pidfd
7125bfc69 pidfd: one process creates a helper and opens all fds to it
b1cac7a8e cuda: fix check for GPU device availability
36a53fe23 ci: test interrupt-only mode with frozen cgroup
4196268ee seize: enable support for frozen containers
ff9dbef90 seize: fix error handling for check_freezer_cgroup
622b43392 criu: Initialize util before service worker starts
9052ef93c uffd: Disable image deduplication after fork
2be958d22 include: don't use GCC's __builtin_ffs on riscv64
da6b1807e ci: add workflow for riscv64
bb29067de zdtm: add riscv64 support
6d970ed04 criu: add riscv64 support to parasite and restorer
1d028ef44 images: add riscv64 core image
95359a62a compel: add riscv64 support
d8f93e7ba include: add common header files for riscv64
c49eb18f9 pidfd: block SIGCHLD during tmp process creation
5ca440069 zdtm: add inventory test plugins
5335b35f7 images/inventory: add field for enabled plugins
b524dab32 pycriu: fix lint errors
88aa7e2c1 make/lint: use 'ruff check <path>'
f29e655df zdtm: Check pidfd for thread is valid after C/R
7a64004dc zdtm: Check fd from pidfd_getfd is C/Red correctly
2e6f34845 zdtm: Check dead pidfd is restored correctly
3f30ec0ed zdtm: Check pidfd can kill descendant processes
2899d4600 zdtm: Check pidfd can send signal after C/R
3096df9ea zdtm: Check pidfd fdinfo entry is consistent
1ce408ffa criu: Support C/R of pidfds
3322d1e94 images: Add protobuf definition for pidfd
4f8f6f288 Makefile.config: set CR_PLUGIN_DEFAULT variable
f1d465448 amdgpu: remove exec permissions on source files
c2b48ff42 criu: Version 4.0 (CRIUDA)
a8cbe76d4 util: dump fsfd log messages
096c1f7a4 plugins/amdgpu - Increase maximum parameter length
60ee5ebd9 plugins/amdgpu: Zero ib_info on initialization
691899889 plugin/cuda: disable CUDA plugin if /dev/nvidiactl isn't present
e1331a4b6 fault: allow to check dont_use_freeze_cgroup
651df375b criu: Allow disabling freeze cgroups
59f49c627 codespell: fix typos
edb6fbb82 scripts/uninstall_module: fix package discovery
b1b3c14b1 cuda: unlock on timeout error
dbfa45024 ci: run aarch64 tests native via actuated
8beac656f coredump: fail on unsupported architectures early
d44fc0de5 test: only run macvlan tests if macvlan devices can be created
01c65732b test: better test for SELinux tools
615ccf98c crit: do not crash on aarch64 doing 'crit x ./ rss'
21ea718f9 plugins/amdgpu: fix printf format specifiers
3e2ed1879 plugins/amdgpu: use C99-standard types
d68205e91 ci: enable cross compile testing for amdgpu-plugin
2ee584441 plugins/amdgpu: fix cross-compilation
9a19cf34d scripts/ci: run tests with the mocked cuda-checkpoint tool
de31abb97 criu/plugin: don't call plugin device hooks for non-alive tasks
dea630591 test/zdtm: allow to run tests with the mocked cuda-checkpoint tool
67fe44e98 support user set remote mmap vma address
551cd9244 timer: fix printf specifiers for __suseconds64_t
a045c874c ci: run tests with amdgpu and cuda plugins
2453ed69a zdtm: add option to run tests with criu plugins
ad66c27a1 cuda: fix launch cuda-checkpoint
fde0b7ac6 cuda: don't leak fds to cuda-checkpoint
4dde52a30 ci/podman: show mounts
9a85fb638 ci/podman: show criu logs in case of error
8437663cc delete redundant include header files
c42b58f4f plugin: enable multiple plugins for the same hook
85050be66 seize: fix pause-devices plugin hook
21108b40d test/zdtm: mount a new tmpfs to the zdtm root /dev
fcbadfbdb plugins: set executable bit on .so files
5783706d5 docs: update amdgpu-plugin man page
089345f77 Adjust to glibc __rseq_size semantic change
b9081ca56 zdtm: make cgroup testcases run non-parallel
4f45572fd util: use close_range when it's supported
42b177da6 scripts/build: drop centos 7 targets
181583819 vdso: proxify the __vdso_clock_gettime64 function
ac22aaf57 apparmor: get_suspend_policy must return NULL in error cases
71999d888 cgroupd: unblock SIGTERM to make stop_cgroupd actually work
daed6c353 irmap: duplicate string in irmap_scan_path_add
b169e3b63 plugins/cuda: fix crosscompilation
ca971b7f8 compel: fix build on Amazon Linux 2 due to missing PTRACE_ARCH_PRCTL
bf417dd05 criu/plugin: Add NVIDIA CUDA plugin
5f486d5ae criu/plugin: Introduce new plugin hooks PAUSE_DEVICES and CHECKPOINT_DEVICES to be used during pstree collection
1012e542e criu: Restore rseq_cs state slightly earlier in the restore sequence and run the plugin finalizer later in the dump sequence
7ac453706 readme: update link to FAQ page
4f15fe8c5 make: improve check for externally managed Python
fdf546dbd ci: upgrade to Fedora 40 Vagrant images (38 is EOL)
f17164926 test/dump-crash: check code path when dump crashes
a252a240c zdtm: Distinguish between fail and crash of dump
6feb57a84 ci: remove CentOS Stream 8 test (EOL)
1da29f27f zdtm: add support for LD_PRELOAD tests
e7276cf63 pagemap-cache: handle short reads
cc88b1e1f net: Fix TOCTOU race condition in unix_conf_op
457bc6a8f criu: use proper format-specified to accommodate time_t 64-bit change
95f66d13d criu: move sigact dump/restore code into sigact.c
9c8a6927a ci: update check for SELinux
b3c3422cd test/make: remove unused target
30aa8dbe4 mount: fix unbounded write
708f872a6 sk-tcp: Add test cases for TCP_CORK and TCP_NODELAY socket options
9ba9aff77 sk-tcp: Move TCP socket options from SkOptsEntry to TcpOptsEntry
1cb75c0b1 sk-tcp: Move TCP socket options from TcpStreamEntry to TcpOptsEntry
13854a988 criu: fix a fatal failure if nft doesn't work
df178c7e5 sk-tcp: cleanup dump_tcp_conn_state error handling
4607b5356 mem: optimize debug logging of enqueued pages
f4290868b ci/vdso01: fix typo
e68a06cfd ci: update actions/checkout to v4
5aaf45021 ci: update base OS to ubuntu 22.04
1c2a3d7fa check: verify ino and dev of overlayfs files in /proc/pid/maps
e07ffa04b Makefile.config: fix/improve feature warnings.
af4058871 timer: fix wrapping allignment in function declaration
0fc83a79b ci: silence CircleCI warning about deprecated image
52623cca1 criu: move timers dump/restore code into separate file
231ba0cd2 zdtm/sched_policy00: use reset-on-fork flag
75fed59ef Add support for reset-on-fork scheduling flag
8f0e200e6 mem: fix some VMAs being incorrectly mapped wtih PROT_WRITE
a2b018a18 ci: try to fix broken docker test
a48aa33ea restorer: shstk: implement shadow stack restore
7dd583002 restore: add infrastructure to enable shadow stack
f47899c9e criu: kerndat: add kdat_has_shstk()
2ebd1a4f0 criu: shstk: prepare shadow stack parameters for restorer blob
4b6dda7ec criu: shstk: premap and prepopulate shadow stack VMAs
17eda3ce5 criu: shstk: add VMA_AREA_SHSTK flag
0aba3dcfa compel: shstk: prepare shadow stack signal frame
63a45e1c8 compel: infect: prepare parasite_service() for addition of CET support
6e491a19a compel: shstk: save CET state when CPU supports it
17f4dd095 compel: always pass user_fpregs_struct_t to compel_get_task_regs()
0b8c51eaa compiler: add ALIGN_DOWN macro
f590c2b63 zdtm/static: check that cgroup layout of threads is preserved
a0a6ec3dc cgroup: Add support for restoring a thread in a correct v1 cgroup
835afb1b8 criu-ns: fix lint error
e0b74f558 make: replace flake8 with ruff
7fd4a15e6 pb2dict: fix flake8 error
e0f91e66e kerndat: check support for PAGE_IS_SOFT_DIRTY
a808f09be amdgpu_plugin: fix lint errors
bd17bd43e sk-inet: fix codding style in restore_ip_opts
895a16c13 zdtm: Added tests for IP_TTL restore
71102e7f7 sk-inet: Added IP_TTL socket option
0d5923c95 amdgpu_plugin: Refactor code used to implement Checkpoint
733ef9631 amdgpu_plugin: Refactor code in preparation to support C&R for DRM devices
b689a6710 plugin/amdgpu: Also don't print 'plugin failed' in criu
59599dacd plugin/amdgpu: Don't print error for "No such process" during resume
92e8f9293 net: return bool with iptable_has_criu_jump_target
a62f82730 criu-log: remove unused declaration
d2511707f zdtm: socket-tcp-nft-nfconntrack: add a hook to the chain in nft case
afc0efcf7 pagemap-cache: add an ability to run tests without PAGEMAP_SCAN
cb64d73ad page-cache: use the PAGEMAP_SCAN ioctl when it is available
20628bc8a kerndat: check the PAGEMAP_SCAN ioctl
842289c7e net: add error messages for restore of nftables
d94251df7 test/nfconntrack: use nft or iptables-legacy
0ab2f9e97 net: fix network unlock with iptables-nft
d9c427d70 irmap: hardcode some more interesting paths
b419f3dfd make: fix compilation on alpine
7b689b7a4 gitignore: remove historical left-over files
2d1f4ec71 ci: disable non-root in user namespace test in container
fe8f5130c ci: fix centos-stream 9 ci errors
6679d60ff ci: do not use 'tail' for skip-file-rwx-check test
f86f1b849 tty: skip ioctl(TIOCSLCKTRMIOS) if possible
8a51639e3 Makefile: Use common warnings settings for loongarch64
37d62fa47 docker-test: downgrade docker to v24.0.7
1004625fa docker-test: fix condition for max tries
088390ea8 ci: switch to permissive selinux mode during test
900909d95 test: check for btrfs in the current directory
fc94b2d15 ci: fix rawhide netlink error
9f9737c80 comple: correct the syscall number of bind on ARM64
f8b14286b criu: Version 3.19 (Bronze Peacock)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Martin Jansa
|
3971471c05 |
metadata: relocation.inc: add whitespace around assignments
With: https://lists.openembedded.org/g/bitbake-devel/message/17508 there are many WARNINGs from this layer Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Martin Jansa
|
b88da59f0b |
metadata: src_uri.inc: add whitespace around assignments
With: https://lists.openembedded.org/g/bitbake-devel/message/17508 there are many WARNINGs from this layer Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Martin Jansa
|
c01273e001 |
metadata: add whitespace around assignments
With: https://lists.openembedded.org/g/bitbake-devel/message/17508 there are many WARNINGs from this layer will cover src_uri.inc files in next commit. Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Martin Jansa
|
0aca307071 |
netavark: add whitespace around assignments
With: https://lists.openembedded.org/g/bitbake-devel/message/17508 there are WARNINGs like: WARNING: meta-virtualization/recipes-containers/netavark/netavark_1.14.1.bb: meta-virtualization/recipes-containers/netavark/netavark_1.14.1.bb:25 has a lack of whitespace around the assignment: 'PACKAGECONFIG[aardvark-dns]= ",,, aardvark-dns"' Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
a309b738e7 |
nerdctl: update to v2.0.3
Bumping nerdctl to version v2.0.3-249-g497c7cf7, which comprises the following commits:
bd7cbb38 Stop sharding cache per containerd version
99d03ee8 Dockerfile: update buildkit to 0.20.1
cc81c720 Remove golanci-lint action
430c57c5 Update Canary and EL8 titles
1d372563 update RootlessKit (2.3.4)
27b91ecf ensure logger completion after container exit
e33a85f9 Dockerfile: remove "goversion" stage
98a531a2 Move GHA to zstd compression
bc4642a4 build(deps): bump the golang-x group across 1 directory with 6 updates
f19eb5a3 CI: simplify setting up Lima
7505c3f5 Replace hack/verify-no-patent.sh with depguard
e52580ee Adding document analyzing CI/dockerfile
f7901228 Disable buildx output for dependency stage
3daef1cb Implement updated test matrix
699c8509 Fix broken lint-license task
9182ea4e Increase wait for ensurecontainerstarted
a81136c2 Fix kubectl download url
bd5bcca4 Fix referenceutil.FamiliarMatch SIGSEGV
ce10c922 Update containerd/project-checks (1.2.2)
d80c2cf4 Fix alma ci target
34e44e7b Migrate TestRunDevice test
d9a0e87b Quiet out apt-get calls
0296acd3 Use makefile task to install golangci
0b606c7f build(deps): bump github.com/opencontainers/image-spec
121c656f build(deps): bump actions/cache from 4.2.1 to 4.2.2
678822a9 --quiet image pulls in tests
4d76aa96 CI: drop Ubuntu 20.04, add AlmaLinux 8
147ebca4 [ci] rollback setup vagrant comment
6d3c49a7 Fix test TestNoneNetworkHostName
62c1565b Add golangci and yamllint to tigron
077558c8 Lint fixes
7f049905 Move to creack pty
0020c912 Makefile fixes
ea685aed Add qemu/rosetta notes
8af2e4c2 Update containerd v2.0.3
e58ceaa6 build(deps): bump github.com/containernetworking/plugins
d432a4a1 build(deps): bump github.com/containerd/containerd/v2
ca1fd3cb build(deps): bump github.com/opencontainers/runtime-spec
37e5e59d build(deps): bump docker/setup-qemu-action from 3.5.0 to 3.6.0
898e3e46 Harden test pty error handling
e21e4b2c Cleaning variables and function names in cmd
0e883056 Fix apparmor host check to include aa-parser
a5a7f181 build(deps): bump actions/cache from 4.2.1 to 4.2.2
5220350d add hostsPath to inspect response
88e9c5d9 Rename NO_COLORS
715cb0c2 Enforce pkg isolation as part of golangci
f99a5635 build(deps): bump the docker group with 2 updates
d52eaf3e build(deps): bump docker/metadata-action from 5.6.1 to 5.7.0
166ace96 build(deps): bump docker/build-push-action from 6.14.0 to 6.15.0
18e52416 build(deps): bump docker/setup-qemu-action from 3.4.0 to 3.5.0
14b3ace1 build(deps): bump docker/setup-buildx-action from 3.9.0 to 3.10.0
44b8b584 Fix kube-hide-dupe docs typo
ef92eec5 build(deps): bump golang.org/x/crypto in the golang-x group
4b765cd8 Reorg test package
9210685b Makefile cleanup
b41e8c98 Normalize all command variables to cmd
701e5563 goimports-reviser: remove hack
7fcde18b Disable golangci preflight config validation
11f6fe2c go.mod: set minimum Go version to 1.23
7341e841 CI: set GOTOOLCHAIN=local
18df1402 update Go (1.24)
cd151127 CI: arm64-8core-32gb -> ubuntu-24.04-arm
01d3cafb Increase CI run timeout
0d62b98e Restrict EnsureContent to the requested platform
745aaf7f CI: set fail-fast to false
10ddc598 build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5
37d99587 feat: add hostConfig to nerdctl inspect response
c2c1d4a0 Rewrite signal tests
d90729c8 Add test tooling for signals
16e22577 Make subpackage test a separate module
655171c7 Remove unbuffer from container tests
c7919f93 Prevent acquire from blanking hosts file
3b59119e Cleanup XDGRuntime logic
0128d4a8 Remove forked sysinfo package
11e6d04b Tests to error on timeout
a687e2c9 Rewrite detach tests without unbuffer
8664311c feat: add signal option to containerRestart
8bef3618 docs: add --log-driver=none to run command reference
c1694998 Support bind propagation options in Compose volume long syntax
4e0688b7 build(deps): bump github.com/containerd/accelerated-container-image
a0f12369 build(deps): bump github.com/klauspost/compress from 1.17.11 to 1.18.0
59b48e63 build(deps): bump docker/build-push-action from 6.13.0 to 6.14.0
3eb9a963 build(deps): bump actions/cache from 4.2.0 to 4.2.1
d3f5d105 add tests
b45d96db build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1
31a7ab84 build(deps): bump golangci/golangci-lint-action from 6.4.1 to 6.5.0
99210b69 add signal option to container stop command
893a3937 feat: add support for 'domainname' option in container create
5ffcba6e Fix FATA error when inspecting images in native mode
3f496b8c Cleanup old/unused helpers
105e5eba Remove require daemon version for >=1.6
8675cc6c build(deps): bump golangci/golangci-lint-action from 6.3.2 to 6.4.1
cb416319 Add pty support for testing
94c271e8 update runc (1.2.5)
974bc843 fix: network cleanup called twice
4e111d32 docs(nerdctl-compose): add missing details in command-reference.md
4722dd6f build(deps): bump github.com/compose-spec/compose-go/v2
3680b00a build(deps): bump gotest.tools/v3 from 3.5.1 to 3.5.2
3f7b70fa build(deps): bump golang.org/x/net in the golang-x group
a6086d1e build(deps): bump golangci/golangci-lint-action from 6.3.0 to 6.3.2
d64ab5a9 enable host name and default resolv.conf and hosts file in none network
402bd2a2 build(deps): bump docker/setup-qemu-action from 3.3.0 to 3.4.0
0f17259a build(deps): bump golang.org/x/crypto in the golang-x group
c6666e3f fix nerdctl-full SHA256SUMS fails
cf95ae0e Reduce file permissions
c4a795fa build(deps): bump docker/setup-buildx-action from 3.8.0 to 3.9.0
5e36bef0 build(deps): bump golangci/golangci-lint-action from 6.2.0 to 6.3.0
fd0bcbe5 build(deps): bump the golang-x group with 4 updates
2ecc3944 Fix apparmor test not running
38636145 Prevent reference filter from failing on dangling images
2b07c188 build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6
8a80469c Harden journald test
7565cebb build(deps): bump github.com/cyphar/filepath-securejoin
653c6de0 test: Add a test for container access with 127.0.0.2 specified in -p in rootless mode
82791bf6 fix journald logger exit and wait behavior
2a750939 Consistently use WithError when logging errors instead of %s
17bbdffd Consistently use %w instead of %s or %v when wrapping errors
6e5e943b fix: prevent panic in nydus snapshotter inspect
7f433aaa Fix socket address not being updated properly
10e4cda3 Test portability fix: ensure tini-custom is here
7c9d25ad Disable systemd test on arm64
fe59974d build(deps): bump docker/build-push-action from 6.12.0 to 6.13.0
99bd7728 Fix test time to use UTC
73520336 Skip TestRunBindMountPropagation
a6fe6c15 Fix wrong error comparison
ec6a6abd Relax error on annotations read failure
26c03224 build(deps): bump github.com/ipfs/go-cid from 0.4.1 to 0.5.0
8a0c16c0 build(deps): bump the docker group with 2 updates
af3bb999 build(deps): bump github.com/rootless-containers/bypass4netns
84caccfc build(deps): bump actions/setup-go from 5.2.0 to 5.3.0
a4fa4faa integration test: specify IPFS_PATH for IPFS service
cb7fc0d4 update BuildKit (0.19.0)
e7e27f62 update containerd-fuse-overlayfs (2.1.1)
00e21f75 update bypass4netns (0.4.2)
d786133a update RootlessKit (2.3.2)
f17df13e update Kubo (0.32.1)
8af25af6 update containerd (2.0.2)
08206c8e build(deps): bump github.com/rootless-containers/rootlesskit/v2
128e6a7c [doc] AppArmor profile setup for rootlesskit
ab027adf Correct `compose logs` command reference
9a6426d8 fix: save multiple images for the same image id to a tar archive
ae9894e3 build(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.2.0
ef26ad8f reset spec if update returned error
7a4c2528 build(deps): bump docker/build-push-action from 6.11.0 to 6.12.0
fcb900e9 test: Add an test for added logic to TestRunWithInvalidPortThenCleanUp
7bfbd31f fix: Add the logic to clean up an orphaned etchosts directory
e3d27107 test: refactor TestRunWithInvalidPortThenCleanUp
70bed8df build(deps): bump github.com/containerd/containerd/v2
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Kyungjik Min
|
dd625f5d90 |
tini: Support posix basename from musl libc
This fixes building with musl libc. Signed-off-by: Kyungjik Min <dpmin7@gmail.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Zhang Peng
|
c949c06f0b |
cri-o: Add CONTAINER_DEFAULT_RUNTIME to run-ptest
CRI-O version 1.31 and later defaults to crun instead of runc. This change cause ptests to fail if crun is not installed on the target system, as the test runner verifies the runtime's availability using 'command -v "$CONTAINER_DEFAULT_RUNTIME"'. Additionally, CRI-O specifies the runtime via the VIRTUAL-RUNTIME_container_runtime variable as a dependency. This commit explicitly sets the CONTAINER_DEFAULT_RUNTIME environment variable within the run-ptest script, based on the value of VIRTUAL-RUNTIME_container_runtime. This ensures ptests execute with the expected container runtime. Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
351644d9bc |
skopeo: update to v1.18.0
Bumping skopeo to version v1.18.0-67-ge8d9f916, which comprises the following commits:
da1bf9f7 chore(deps): update dependency containers/automation_images to v20250324
7983f20a Remove obsolete build tag syntax
8d000f45 Use the new maps.Keys and slices.Sorted
1f49b2c0 Use slices.Backward
a31470d7 proxy: Add GetLayerInfoPiped
ec219604 Update github.com/hashicorp/go-multierror
1a38d976 Update github.com/dsnet/compress
49569bcf Complete paths for some transports
e7e09255 Don't complete a space after '<transport>:'
9c0f31dc In (skopeo inspect), validate the manifest against a digest reference
9fda7e73 In (skopeo layers), validate the blob against the expected digest
a0799484 Always close the blob we are reading from a registry
a5182876 fix(deps): update module golang.org/x/term to v0.30.0
b8637922 chore(deps): update dependency golangci/golangci-lint to v1.64.8
56ccf09c ROADMAP: new file
03fa889d chore(deps): update module golang.org/x/net to v0.36.0 [security]
15132e6c Update to Go 1.23
4080a631 fix(deps): update module github.com/containers/common to v0.62.2
cc743c3c chore(deps): update dependency golangci/golangci-lint to v1.64.7
91c6aa61 fix(deps): update module github.com/containers/image/v5 to v5.34.2
d00ea33d fix(deps): update module github.com/containers/storage to v1.57.2
7bd0dc21 .github: remove cirrus rerun action
547141ce fix(deps): update module github.com/opencontainers/image-spec to v1.1.1
a185498c chore(deps): update dependency golangci/golangci-lint to v1.64.6
fad5a31a chore(deps): update module github.com/go-jose/go-jose/v4 to v4.0.5 [security]
5744b9b4 chore(deps): update module github.com/go-jose/go-jose/v3 to v3.0.4 [security]
934ea727 fix(deps): update module github.com/containers/common to v0.62.1
8a44fe6c fix(deps): update module github.com/containers/image/v5 to v5.34.1
c7aaed73 Update for cobra API change
9d73060a fix(deps): update module github.com/spf13/cobra to v1.9.1
5c968d67 chore(deps): update dependency golangci/golangci-lint to v1.64.5
841a1b61 chore(deps): update dependency golangci/golangci-lint to v1.64.4
8c2eff1d chore(deps): update dependency golangci/golangci-lint to v1.64.3
f88186e6 [skip-ci] Packit/TMT: Run system tests
ff462b3d PR Labels: apply release label to release- branch PRs
8c20592d chore(deps): update dependency golangci/golangci-lint to v1.64.2
20746ae2 Bump Skopeo to v1.19.0-dev
64361bde Bump Skopeo to v1.18.0
bd1ac466 Switch to the CNCF Code of Conduct
59ec5547 fix(deps): update module golang.org/x/term to v0.29.0
04d65888 fix(deps): update module github.com/containers/common to v0.62.0
137a912c chore(deps): update dependency containers/automation_images to v20250131
52895bc6 fix(deps): update module github.com/spf13/pflag to v1.0.6
b78a4159 fix(deps): update module github.com/containers/image/v5 to v5.34.0
5eba0614 RPM: include check section to silence rpmlint
9764c99d RPM: cleanup gobuild macro for CentOS Stream
a81cb65f fix(deps): update module github.com/containers/storage to v1.57.1
85fa4dff fix(deps): update module github.com/containers/storage to v1.57.0
ed0efc69 feat: Add `--retry-delay` Option
ab53f644 fix(deps): update module github.com/containers/common to v0.61.1
653db366 fix(deps): update module github.com/containers/image/v5 to v5.33.1
6483de48 fix(deps): update module github.com/containers/storage to v1.56.1
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
12dcef2958 |
runc-opencontainers: update to v1.3.0-rc.1
Bumping runc to version v1.3.0-rc.1-40-g25d47644, which comprises the following commits:
bac33825 build(deps): bump github.com/opencontainers/selinux
bc96bc85 libct/seccomp: use maps and slices pkgs
370733b7 libct/cap: rm mapKeys, use maps.Keys, slices.Sorted
3a33b6a3 Make state.json 25% smaller
9c5e687b libct: Use chown(uid, -1) to not change the gid
d31e6b87 ci: bump bats to v0.11.0
8e653e40 script/setup_host_fedora.sh: use bash arrays
a76a1361 script/setup_host_fedora.sh: remove -p from mkdir
af386d1d tests/int: rm some "shellcheck disable" annotations
b48dd651 ci: bump shellcheck to v0.10.0
6e5ffb7c Makefile: bump shfmt to v3.11.0
53931553 libct: log a warning on join session keyring failure
9aeb7905 tests/int/selinux: fix skip message
5ac77ed6 libct/int: add/use needUserNS helper
1d9bea53 .cirrus.yml: install less dependencies
1afa1b86 signals: replace unix.Kill with process.Signal
346c80d7 libct: replace unix.Kill with os.Process.Signal
135552e5 CI: migrate Vagrant + Cirrus to Lima + GHA
d5fe5303 build(deps): bump golang.org/x/net from 0.36.0 to 0.37.0
000cdef7 build(deps): bump golang.org/x/sys from 0.30.0 to 0.31.0
79e9cf53 doc: update spec-conformance.md
12c2e21f build(deps): bump golang.org/x/net from 0.35.0 to 0.36.0
05e83fc6 deps: bump go-criu to v7
5d6e7e12 VERSION: back to development
a00ce11e VERSION: release v1.3.0-rc.1
10ca66bf runc exec: implement CPU affinity
d92dd226 performance improvement: setup signal notify in a new go routine
a75076b4 Switch to opencontainers/cgroups
6e01e850 CHANGELOG: fwd port 1.2.1 to 1.2.5 changes
537a2276 build(deps): bump github.com/opencontainers/runtime-spec
c43ea7d6 exeseal: do not use F_SEAL_FUTURE_WRITE
1d047e44 expose criu options for link remap and skip in flight
559bd4eb libcontainer: rename dmz -> exeseal
ad09197e libct: don't send config to nsexec when joining an existing timens
74619689 test: exec into a container with private time ns
28475f12 Retry direct unix package calls if observing EINTR
4e0f7a20 libct/cg/dev: remove specconv dependency
69792827 libct/cg: don't use utils.CleanPath
5e1dcdf5 libct/cg: add internal/path.Inner
271aa88e libct/cg/fs2: rm _defaultDirPath
7bebe68c libct/cg: stop using utils.ProcThreadSelf
42449786 CI: gha: rm ubuntu-20.04
79a4ac05 deps: bump cilium/ebpf to v0.17.3
8db6ffbe libc/utils: simplify CleanPath
26cfe142 release: explicitly set --keyserver in release signing scripts
0e3b5d5b build: bump libseccomp to v2.5.6
d237bc46 .cirrus.yml: use Go 1.24
16d73367 Require Go 1.23.x, drop Go 1.22 support
87420749 CI: add Go 1.24, drop go1.22
99f9ed94 runc exec: fix setting process.Scheduler
b9114d91 runc exec: fix setting process.ioPriority
73849e79 libct: simplify Caps inheritance
049a5f76 libct/cap: allow New(nil)
f26ec922 libct: rm Rootless* properties from initConfig
2a86c357 libct: document initConfig and friends
13277b20 build(deps): bump golang.org/x/net from 0.34.0 to 0.35.0
4b87c7d4 Fixups for newProcess
8fbdb7e7 setupIO: optimize
c4eb0c61 libct: createExecFifo: optimize
5d2e2445 execProcess: move some code to newProcess
c283ed10 tests/int: add hooks argv[0] test
8529591c build(deps): bump google.golang.org/protobuf from 1.36.4 to 1.36.5
746a5c23 libcontainer/configs/validate: improve rootlessEUIDMount
055041e8 libct: use strings.CutPrefix where possible
259b71c0 libct/utils: stripRoot: rm useless HasPrefix
ecf74300 libct/cg/fscommon: GetCgroupParam*: unify
ef983f51 libct/cg/fscommon: ParseKeyValue: stricter check
d83d533b libct/cg/fscommon: GetValueByKey: use strings.CutPrefix
f1348712 libct/cg/fscommon: ParseKeyValue: use strings.Cut
e9855bda libct/cg/fscommon: use strings.Cut in RDMA parser
930cd494 libct/cg/fs2: use strings.Cut in parsePSIData
40ce69cc libct/cg/fs2: use strings.Cut in setUnified
037668e5 libct/cg/fs2: simplify parseCgroupFromReader
075cea3a libcontainer/cgroups/fs: some refactoring
4271ecf7 libct/cg/fs: refactor getCpusetStat
bfcd479c libct/cg/fs: getPercpuUsage: rm TODO
871d9186 exec: improve getSubCgroupPaths
7149781f exec: use strings.Cut to parse --cgroup
ec9b0b5f runc list: use standard os/user
52f702af libct: earlier Rootless vs AdditionalGroups check
7dc24868 libct: switch to numeric UID/GID/groups
b55167e0 tests/int/exec --user: check default HOME
ccb589bd libc/int/userns: add build tag to C file
d84388ae libct/cg/sd: set the DeviceAllow property before DevicePolicy
a274d275 build(deps): bump golang.org/x/sys from 0.29.0 to 0.30.0
54fa0c55 capabilities: be more graceful in resetting ambient
f414b534 CI: fix criu-dev compile
8e5bb0d8 deps: roll back to cilium/ebpf v0.16.0
6c9ddcc6 libct: switch from libct/devices to libct/cgroups/devices/config
200f5631 libct/devices: move config to libct/cg/devices/config
70e500e7 deps: update to github.com/cyphar/filepath-securejoin@v0.4.1
24ec764a build(deps): bump google.golang.org/protobuf from 1.36.3 to 1.36.4
33315a05 libcontainer: if close_range fails, fall back to the old way
111e8dcc libcontainer: Use MaxInt32 as the last FD to match kernel size semantics
7b26da9e libcontainer: Prevent startup hang when CloseExecFrom errors
9af79522 build(deps): bump google.golang.org/protobuf from 1.36.2 to 1.36.3
a50e6872 tests/int: simplify assignments
a22ea827 tests/int/hooks_so: don't hardcode soname
1890af6d support cgroup v1 mounted with noprefix
af929228 RELEASES: add formal release policy for runc
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
536ea278b6 |
podman-tui: update to v1.4.0
Bumping podman-tui to version v0.9.0-438-g204d054c, which comprises the following commits:
204d054c Bump to v1.4.0
59a9904e README.md fix demo link
8460ac45 Bump golang.org/x/crypto to v0.33.0
db872518 Bump github.com/containers/buildah from 1.38.1 to 1.39.1
87d8ab15 bugfix panic in system events
610cf9fc Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5
aa8a4771 Bump github.com/spf13/cobra from 1.8.1 to 1.9.1
7c30fa9d Bump podman to v5.4.0
9a57aeb7 enhance: merge READMEs
a07daf87 docs: enhance directory structure
53146731 Bump github.com/containers/podman/v5 from 5.3.1 to 5.3.2
958a2a44 packit update epel + centos stream
af4b22fa Bump golang.org/x/net from 0.30.0 to 0.33.0
d8f0ffb3 Bump github.com/gdamore/tcell/v2 from 2.7.4 to 2.8.1
086842a2 Bump golang.org/x/crypto from 0.31.0 to 0.32.0
f1f1ff11 Bump golang.org/x/crypto from 0.29.0 to 0.31.0
0e8ff20e Bump to v1.4.0-dev
37019c2f Bump to v1.3.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
adcaf0618b |
podman-compose: update to v1.3.0 -tip
Bumping podman-compose to version v1.3.0-107-g4d899ed, which comprises the following commits:
f9489af Allow merging of args in both list and dict syntax
65b455f Fix project name evaluation order
1aa750b integration/tests: Test project name override with COMPOSE_PROJECT_NAME env variable
98b9bb9 Fix interpolation for COMPOSE_PROJECT_NAME
170411d test/integration: Test COMPOSE_PROJECT_NAME interpolation
f5a6df6 added changes to release notes
f106ea0 modifications to pass pylint test
b748c26 add try-except block to handle error in case of shutdown error
3973c47 catch SIGINT signal properly in 'up' function and call compose 'down' function for a graceful shutdown
2e7d83f Properly surface errors from build commands
8ef537e test/integration: Automate manual `selinux` test
d476071 Don't raise exception on inexistent services in 'down' command
202c377 test/integration: Automate manual `uidmaps` test
b9f2779 Add hook to check for signoff in commit messages
4cd1642 Add quiet flag to podman-compose config
fd40133 added release note to newsfragment directory
37b27fa Refactor event loop handling to simplify logic for Windows platforms
c6b3d49 Adds lint exclusions already ignored by the code
10ad739 Replaces black with ruff on pre-commit-config
784d798 Fix event loop handling for Windows platform in compose_up function
81a0a59 Add more logging tests
c289a3b Fix logging test coding style
baccce4 Fix comments related to logging
cbc5a8c Add newsfragment for interface_name option
aeaceed integration test for x-podman.interface_name option
b1eb558 Document existence of x-podman.interface_name
1cdc9e6 interface_name can be specified in net_config_
838957b test/integration: Automate manual 'secrets' test
d4e5859 Do not close file descriptors when executing podman
bfba7ba tests/integration: Automate manual `seccomp` test
43a2f1d Implement x-podman.pod_args to override --pod-args default
eaec193 tests/integration: Describe `pid` test
bfea139 tests/integration: Automate manual `no_services` test
e626f15 tests/integration: Automate manual `nets_test_ip` test
29404af tests/integration: Automate manual 'nets_test3' test
e03d675 Remove incorrect os.chdir call to fix folder error
bdb3e4e Throw a readable error on too old Python
105e390 Add support for dockerfile_inline
d9ef3d2 tests/integration: Add missing __init__.py for network_scoped_aliases
d23ef4f tests/integration: Add missing __init__.py for build_labels test
b685bce tests/integration: Move test utils to one test_utils file
7d5bf64 tests/integration: Move test "vol" to corresponding directory
9f7ae38 tests/integration: Move test "ports" to corresponding directory
3cee4e0 tests/integration: Move test "config" to corresponding directory
498a199 tests/integration: Move test "env" to corresponding directory
488908f tests/integration: Move test "env_file" to corresponding directory
f7bcc42 tests/integration: Move test "up_down" to corresponding directory
a73df71 tests/integration: Move test "build_ulimits" to corresponding directory
50dc19f tests/integration: Move test "network" to corresponding directory
9029dce tests/integration: Move test "nets_test2" to corresponding directory
a8282c7 tests/integration: Move test "nets_test1" to corresponding directory
f4b775c tests/integration: Move test "nethost" to corresponding directory
adf30e0 tests/integration: Move test "multicompose" to corresponding directory
41675c3 tests/integration: Move test "ipam_default" to corresponding directory
6caf2ea tests/integration: Move test "interpolation" to corresponding directory
3093b00 tests/integration: Move test "include" to corresponding directory
1c21d65 tests/integration: Move test "in_pod" to corresponding directory
18e5fd6 tests/integration: Move test "filesystem" to corresponding dir
24bdfd1 tests/integration: Move test "extends_w_file_subdir" to corresp. dir
c2d3e15 tests/integration: Move test "extends_w_file" to corresponding directory
ba95100 tests/integration: Move test "extends_w_empty_service" to corresp. dir
6022669 tests/integration: Move test "extends" to corresponding directory
e29df71 tests/integration: Move test "exit_from" to corresponding directory
21b9d38 tests/integration: Move test "deps" to corresponding directory
4c17ce2 tests/integration: Move test "default_net_behavior" to corresponding dir
09d54e9 tests/integration: Move test "build_secrets" to corresponding directory
f1dd9b3 tests/integration: Move test "build_fail" to corresponding directory
87af67f tests/integration: Move test "network_scoped_aliases" to corresp. dir
f1d6638 tests/integration: Move test "build" to corresponding directory
69ffff3 tests/integration: Move test "additional_contexts" to corresp. dir
9be3ec9 Add network "dns" support
6e642dc Add network "disable-dns" support
2aa042b expand service environment_variables before adding to subs_dict
bc4177f Exclude dependent containers on up if --no-deps.
8206cc3 Run should not add --requires if --no-deps.
48c6c38 build(deps): bump virtualenv from 20.25.1 to 20.26.6
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
d7b7261eec |
podman: update to v5.4.1
Bumping libpod to version v5.4.1-10-g227df90eb7, which comprises the following commits:
33b4b301fc RPM: Add riscv64 to ExclusiveArch-es
64e2b91ab4 Fix HealthCheck log destination, count, and size defaults
bef77d74d7 Win installer test: hardcode latest GH release ID
88a3bfbde2 Packit: Fix action script for fetching upstream commit
405c55b4a4 Bump to v5.4.2-dev
b79bc8afe7 Bump to v5.4.1
01a55d9d5c update gvproxy version to 0.8.4
0f20d21240 Update Buildah to v1.39.2
bdcede792f Update release notes for v5.4.1
3e6e003173 Fix reporting summed image size for compat endpoint
090dbc4cee podman-import only supports gz and tar
5327df1921 quadlet kube: correctly mark unit as failed
bc37e935ba pkg/domain/infra/abi/play.go: fix two nilness issues
02e8a59774 kube play: don't print start errors twice
cd8582d4f0 libpod: race in WaitForConditionWithInterval()
ab7c54b4cf libpod: race in WaitForExit() with autoremove
180d55165d Don't try to resolve host path if copying to container from stdin.
b716aa17e2 Use svg for pkginstaller banner
bff9da4e3a Create quota before _data dir for volumes
a15623d12f Packit: clarify secondary status in CI
118aa9ef94 Packit/RPM: Display upstream commit SHA in all rpm builds
fea21e9bc0 podman run: fix --pids-limit -1 wrt runc
07d7101429 vendor: update github.com/go-jose/go-jose/v3 to v3.0.4
599a0b71a6 chore(deps): update module github.com/go-jose/go-jose/v4 to v4.0.5 [security]
b8b0639e7c wire up --retry-delay for artifact pull
5671cfe3ab Revert "silence false positve from golangci-lint"
2d18a7cc47 update golangci-lint to v1.64.4
0b31c710ce update golangci-lint to v1.64.2
fc63a340f3 silence false positve from golangci-lint
e50898e1f7 cmd/podman: refactor Context handling
11ef179de2 fix new usetesting lint issue
f5d96a5959 Packit/Copr: Fix `podman version` in rpm
fd5eb1fdf3 Remove persist directory when cleaning up Conmon files
223f827213 Bump to v5.4.1-dev
f9f7d48b24 Bump to v5.4.0
246011458c Update release notes for v5.4.0 final
3d344ffd26 In SQLite state, use defaults for empty-string checks
2612e3c233 Bump FreeBSD version to 13.4
3d917a395c docs: add v5.4 to API reference
13ebc5860c Update rpm/podman.spec
f34d6c76db RPM: set buildOrigin in LDFLAG
6218d42ed6 RPM: cleanup macro defs
18249e10c1 Makefile: escape BUILD_ORIGIN properly
d280feb96c rootless: fix hang on s390x
fa263d2cc9 Set Cirrus DEST_BRANCH appropriately to fix CI
0f01f00f03 Bump to v5.4.0-dev
ad54787bf0 Bump to v5.4.0-rc3
6c78bad0dd Update release notes for v5.4.0-rc3
02eac2979c Add BuildOrigin field to podman info
141eae99b8 artifact: only allow single manifest
d5989990d5 test/e2e: improve write/removeConf()
522f9de9e3 Add --noheading to artifact ls
9e83191c8f Add --no-trunc to artifact ls
4cd76ef27b Add type and annotations to artifact add
bc8124fd62 pkg/api: honor cdi devices from the hostconfig
57b9709b69 util: replace Walk with WalkDir
bc5de3dfc7 fix(pkg/rootless): avoid memleak during init() contructor.
8ee7b117b6 Add `machine init --playbook`
5feb81d9ff RPM: include empty check to silence rpmlint
48459db076 RPM: adjust qemu dependencies
9b67d4c285 Force use of iptables on Windows WSL
cadf081554 rpm: add attr as dependency for podman-tests
d4f5817862 update gvproxy version
fe02e390af [v5.4] Bump Buildah to v1.39.0
9e2e7f2a77 podman exec: correctly support detaching
e24ccdd27b libpod: remove unused ExecStartAndAttach()
25674e05cd [v5.4] Bump c/storage to v1.57.1, c/image v5.34.0, c/common v0.62.0
5f6adf4d80 Move detection of libkrun and intel
599da8c50b Prevent two podman machines running on darwin
03b100563e Remove unnecessary error handling
bba28688f7 Remove usused Kind() function
d475b48766 Bump to v5.4.0-dev
14f6a69dd3 Bump to v5.4.0-rc2
d52277db75 Update release notes for v5.4.0-rc2
fa0e8f0582 Safer use of `filepath.EvalSymlinks()` on Windows
1c111eead7 error with libkrun on intel-based machines
14cd6ff1d2 chore(deps): update dependency pytest to v8.3.4
97323a691a test/buildah-bud: skip two new problematic tests on remote
527a51dcc4 Fix podman-restart.service when there are no containers
3aa09dd521 Avoid upgrading from v5.3.1 on Windows
81eb84fdaa Clean up after unexpectedly terminated build
06c103469d system-tests: switch ls with getfattr for selinux tests
141bd613b8 vendor latest c/{buildah,common,image,storage}
bbf00ec6bf Makefile: Add validatepr description for 'make help' output
0d2431dca2 docs: Enhance podman build --secret documentation and add examples
016f41ab49 docs: mount.md - idmapped mounts only work for root user
4bdb947d72 Define, and use, PodmanExitCleanlyWithOptions
df9e8c3ce6 Eliminate PodmanSystemdScope
7c40e85968 Fix image ID query
11ee6c4f90 Revert "Use the config digest to compare images loaded/pulled using different methods"
6639c20278 Update c/image after https://github.com/containers/image/pull/2613
f20d9bd637 Update expected errors when pulling encrypted images
9363c8c362 Eliminate PodmanExtraFiles
44c5767460 Introduce PodmanTestIntegration.PodmanWithOptions
ce1b4f72a7 Restructure use of options
d509bb0823 Inline PodmanBase into callers
f17590b2bd Pass all of PodmanExecOptions to various [mM]akeOptions functions
f2d552f5db Turn PodmanAsUserBase into PodmanExecBaseWithOptions
51d599bce3 Avoid indirect links through quadlet(5)
5522def65a do not set the CreateCommand for API users
5181becfde Add podman manifest rm --ignore
f911d39457 Bump to v5.4.0-dev
1b3528df8d Bump to v5.4.0-rc1
6c81dc4f42 fix(deps): update module github.com/containers/gvisor-tap-vsock to v0.8.2
d7553fabc7 podman artifact
b6f1364319 vendor latest c/{common,image,storage}
cfac38a0f2 fix(deps): update module github.com/rootless-containers/rootlesskit/v2 to v2.3.2
6ee51c5e4f cirrus: bump macos machine test timeout
bdc195d641 pkg/machine/e2e: improve podman.exe match
dc3a7e56be pkg/machine/e2e: improve "list machine from all providers"
cfeefb3219 Remove JSON tag from UseImageHosts in ContainerConfig
805e78c2aa Set network ID if available during container inspect
969057bacc Stop creating a patch for v5.3.1 upgrades on windows
34d42514f1 compose docs: fix typo
d4f4cf0988 Document kube-play CDI support
e93f0acbee docs: Add quadlet debug method systemd-analyze
6ad44fe179 Replace instances of PodmanExitCleanly in play_kube_test.go
6ad4742ba8 docs: add 'initialized' state to status filters
ded5a2db82 fix(deps): update module google.golang.org/protobuf to v1.36.3
3fb37c588d Switch all calls of assert.Nil to assert.NoError
6565bde6e8 Add --no-hostname option
68f29df602 Fix unescaping octal escape sequence in values of Quadlet unit files
a91aa36367 Remove `.exe` suffix if any
0d0a78cc6b Add kube play support for CDI resource allocation
75b4a1b2aa add support to `;` for comments in unit files as per systemd documentation
de1aa44cc9 Use PodmanExitCleanly in attach_test.go
0c18beaea7 Introduce PodmanTestIntegration.PodmanExitCleanly
ba24512959 chore(deps): update dependency setuptools to ~=75.8.0
121caa04ca Add newer c/i to support artifacts
fca64e5429 fix(deps): update module golang.org/x/tools to v0.29.0
3be6c501c0 fix(deps): update module golang.org/x/net to v0.34.0
806722b3d6 specgenutil: Fix parsing of mount option ptmxmode
b0b1d19723 namespaces: allow configuring keep-id userns size
6dba0d9586 Update description for completion
0b3ad66a78 Quadlet - make sure the /etc/containers/systemd/users is traversed in rootless
418ea52e06 Document .build for Image .container option
c75e1c41d0 fix(deps): update module github.com/vbauerster/mpb/v8 to v8.9.1
62c81298fd New VM Images
e9fb805522 update golangci/golangci-lint to v1.63.4
4288c81da0 fix(deps): update module google.golang.org/protobuf to v1.36.2
b23349d3bd chore(deps): update dependency setuptools to ~=75.7.0
dd76034660 Fixing ~/.ssh/identity handling
1dbd68f061 vendor latest c/common from main
17a9408c0d fix(deps): update module github.com/shirou/gopsutil/v4 to v4.24.12
481c608fd4 fix(deps): update module github.com/opencontainers/runc to v1.2.4
1e0f03b046 specgen: fix comment
7a51916e3b Add hint to restart Podman machine to really accept new certificates
a445ebde9d fix(deps): update module github.com/onsi/gomega to v1.36.2
2aff249156 fix(deps): update module github.com/moby/term to v0.5.2
6fa234a5de Pass container hostname to netavark
53e5e402aa Fix slirp4netns typo in podman-network.1.md
d1a3f96cbf Add support to ShmSize in Pods with Quadlet
de829251fc fix(deps): update module github.com/onsi/ginkgo/v2 to v2.22.1
29c29e215f chore(deps): update module golang.org/x/crypto to v0.31.0 [security]
1b1e0446a5 fix(deps): update module golang.org/x/net to v0.33.0 [security]
ecd882f9f7 Kube volumes can not container _
cbd650212a fix(deps): update module github.com/docker/docker to v27.4.1+incompatible
f2f6eb88e9 test/system: fix "podman play --build private registry" error
23d4908c8b test/system: CopyDirectory() do not chown files
8729725684 test/system: remove system dial-stdio test
153a975888 shell completion: respect CONTAINERS_REGISTRIES_CONF
10d65f30b6 fix(deps): update module github.com/cpuguy83/go-md2man/v2 to v2.0.6
8b23e6d408 When generating host volumes for k8s, force to lowercase
ff9d4e72b0 test: enable newly added test
8b90e3f9c0 vfkit: Use 0.6.0 binary
3021dbec7a gvproxy: Use 0.8.1 binary
64e94efb95 systemd: simplify parser and fix infinite loop
5f79cd3aef Revert "win-installer test: revert to v5.3.0"
e3d2463a48 Avoid rebooting twice when installing WSL
2bca5052f1 Avoid rebooting on Windows when upgrading and WSL isn't installed
af607d0de4 Add win installer patch
d582c39dc8 Bump WiX toolset version to 5.0.2
e6d8603136 test/e2e: SkipOnOSVersion() add reason field
e74df8c35a test/e2e: remove outdated SkipOnOSVersion() calls
ae9120a71d Update VM images
f1e77cf172 fix(deps): update module golang.org/x/crypto to v0.31.0 [security]
c11fd6562d fix(deps): update module github.com/crc-org/crc/v2 to v2.45.0
851ef2529f fix(deps): update module github.com/opencontainers/runc to v1.2.3
cf505fe788 quadlet: fix inter-dependency of containers in `Network=`
e4a135a6ac Add man pages to Mac installer
5848dbee68 fix(deps): update module github.com/onsi/gomega to v1.36.1
a70c418b7d fix(deps): update module github.com/docker/docker to v27.4.0+incompatible
2f31a61cce Fix device limitations in podman-remote update on remote systems
2c58af0e6b Use latest version of VS BuildTools
9c14d15f4c bin/docker: fix broken escaping and variable substitution
0a4885610d manifest annotate: connect IndexAnnotations
8f45474809 Fix panic in `manifest annotate --index`
9dbc9b5055 fix(deps): update module github.com/cyphar/filepath-securejoin to v0.3.5
45c979d6b3 fix(deps): update module golang.org/x/net to v0.32.0
2c17ffa54d fix(deps): update module golang.org/x/tools to v0.28.0
a9b52fdedf fix(deps): update module golang.org/x/crypto to v0.30.0
66f9e81c17 fix(deps): update module golang.org/x/sys to v0.28.0
8f1266c717 Fix overwriting of LinuxResources structure in the database
c76932f4c6 api: replace inspectID with name
18a93ec68b fix(deps): update github.com/opencontainers/runtime-tools digest to f7e3563
e7bbcbfbf7 Replace ExclusiveArch with ifarch
c4c3fb23ce fix(deps): update module github.com/containers/gvisor-tap-vsock to v0.8.1
ededb4c3c4 Improve platform specific URL handling in `podman compose` for machines
0d3a653c30 Fix `podman info` with multiple imagestores
43825122d4 Switch to fixed common
49b52227b4 refact: use uptime.minutes instead of uptime.seconds
dec8f3dca6 fix(deps): update module github.com/shirou/gopsutil/v4 to v4.24.11
db6c2c7cdf fix(deps): update golang.org/x/exp digest to 2d47ceb
f3d250cf27 fix(deps): update github.com/godbus/dbus/v5 digest to c266b19
5bbfed2dc1 Cover Unix socket in inpect test on Windows platform
48ae52c08b Add a test for forcing compression and v2s2 format
9de7e07e56 fix(deps): update module github.com/crc-org/vfkit to v0.6.0
9475ea8fb9 Package podman-machine on supported architectures only.
156fc084a9 Fixes missing binary in systemd.
6673f5c202 stats: ignore errors from containers without cgroups
1fa27ffb62 api: Error checking before NULL dereference
4ef773d69e [skip-ci] Packit/copr: switch to fedora-all
2f1a1fb6f3 make remotesystem: fail early if serial tests fail
4b38294e92 spec: clamp rlimits without CAP_SYS_RESOURCE
6f85808707 Clarify the reason for skip_if_remote
39e08c3ffa Sanity-check that the test is really using partial pulls
5ff496ea2b Fix apparent typos in zstd:chunked tests
7f6a203558 Fix compilation issues in QEMU machine files (Windows platform)
e66b788a51 Mount volumes before copying into a container
44b0c24ca5 Revert "libpod: remove shutdown.Unregister()"
e608874004 docs: improve documentation for internal networks
697c4181d2 docs: document bridge mode option
415d762475 [skip-ci] Packit: remove epel and re-enable c9s
e5ed7847c1 chore(deps): update dependency golangci/golangci-lint to v1.62.2
e16f14a44d vendor: update containers/common
ef565b76f2 OWNERS: remove edsantiago
c2dcfca4ca fix(deps): update module github.com/onsi/gomega to v1.36.0
506fec1fa9 fix(deps): update github.com/containers/common digest to ceceb40
e4e7bc41f3 refact: EventerType and improve consistency
4f7395f93a Add --hosts-file flag to container and pod commands
dc564257a2 Add nohosts option to /build and /libpod/build
936461e3c2 fix(deps): update module github.com/stretchr/testify to v1.10.0
13affe96d6 Quadlet - Use = sign when setting the pull arg for build
916b805f97 win-installer test: revert to v5.3.0
5f907e4850 fix(deps): update module github.com/crc-org/crc/v2 to v2.44.0
34d63459ba fix(deps): update module github.com/onsi/ginkgo/v2 to v2.22.0
3096681ce3 chore(deps): update dependency setuptools to ~=75.6.0
07aaa7832a Update windows installer tests
7162c58ba2 Windows: don't install WSL/HyperV on update
c6549fc25b Switch to non-installing WSL by default
28305685f6 fix(deps): update github.com/containers/buildah digest to 52437ef
a1249425bd Configure HealthCheck with `podman update`
97ed067d1a CI: --image-volume test: robustify
e6e9d2c21c docs: add 5.3 as Reference version
926b31e053 Bump CI VMs
e60e11167e libpod: pass down NoPivotRoot to Buildah
d59794992f vendor: bump containers/buildah
cf2ef12664 fix(deps): update module github.com/opencontainers/runc to v1.2.2
61b57b7d7d Overlay mounts supersede image volumes & volumes-from
d513973237 libpod: addHosts() prevent nil deref
71f1f52894 only read ssh_config for non machine connections
cbb2820a7e ssh_config: allow IdentityFile file with tilde
a7120b50b1 ssh_config: do not overwrite values from config file
8a5ec2c505 connection: ignore errors when parsing ssh_config
7b41e28b95 Bump bundled krunkit to 0.1.4
2e22ab3bcd fix(deps): update module google.golang.org/protobuf to v1.35.2
315e7412e8 add support for driver-specific options during container creation
6809bf1d90 doc: fix words repetitions
d2d2e4a605 Update release notes on main for v5.3.0
590fcafc2b chore(deps): update dependency setuptools to ~=75.5.0
1c77ee6fc5 CI: system tests: parallelize 010
34a15ae300 fix podman machine init --ignition-path
3e47e0bc8c vendor: update containers/common
0a69aefa41 spec: clamp rlimits in a userns
8a192c8403 Add subpath support to volumes in `--mount` option
da6404ba16 refactor: simplify LinuxNS type definition and String method
0a1363d8eb test/e2e: remove FIPS test
42e8322532 vendor containers projects to tagged versions
fa335f99e0 fix(deps): update module github.com/moby/sys/capability to v0.4.0
ca7703643b chore(deps): update dependency setuptools to ~=75.4.0
969417711d system tests: safer install_kube_template()
33398ebc1e Buildah treadmill tweaks
9eca92d625 update golangci-lint to v1.62.0
8d8b98b64d fix(deps): update module golang.org/x/net to v0.31.0
e1a6c53909 fix(deps): update module golang.org/x/tools to v0.27.0
e39ddde709 Revert "Reapply "CI: test nftables driver on fedora""
b5c9fe948c Yet another bump, f41 with fixed kernel
30a82cad7a test: add zstd:chunked system tests
40534d352e pkg/machine/e2e: remove dead code
e1fe4b4b95 fix(deps): update module golang.org/x/crypto to v0.29.0
fbbfd07463 kube SIGINT system test: fix race in timeout handling
b20960b860 New `system connection add` tests
62c9627d7a Update codespell to v2.3.0
cbf1d7fcae Avoid printing PR text to stdout in system test
d49497ce6c Exclude symlink from pre-commit end-of-file-fixer
9f5bbecb95 api: Add error check
1b74ab5a85 [CI:ALL] Bump main to v5.4.0-dev
22152a2f9c test/buildah-bud: build new inet helper
fb3a0e93a8 test/system: add regression test for TZDIR local issue
f6af35c695 vendor latest c/{buildah,common,image,storage}
0e66a793bc Reapply "CI: test nftables driver on fedora"
d770069062 Revert "cirrus: test only on f40/rawhide"
ba5ce49c10 test f41 VMs
6346a11b09 AdditionalSupport for SubPath volume mounts
4e8d2dd726 wsl-e2e: Add a test to ensure port 2222 is free with usermode networking
6cf3cb1bfc winmake.ps1: Fix the syntax of the function call Win-SSHProxy
9a0c0b2eef volume ls: fix race that caused it to fail
9cb80d1856 gvproxy: Disable port-forwarding on WSL
52caa0fbb9 build: update gvisor-tap-vsock to 0.8.0
c23d9c6f23 Log network creation and removal events in Podman
c05987ddd3 api: Replace close function in condition body
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
11832b140a |
netavark: update to v1.14.1
Creates updated with: bitbake -c update_crates netavark
Bumping netavark to version v1.14.1-1-g0d623ce, which comprises the following commits:
8711e83 Release v1.14.1
0b7cbc5 Release notes for v1.14.0
389d8d9 Fix detect of Firewalld's StrictForwardPorts property
6267803 test/001-basic: Make commit test optional
99bd7d7 cirrus: do not build debug bins
ce947ad Makefile: do not rebuild if nothing changed
1e5dc1c Makefile: uninstall netavark-firewalld-reload.service
3b5bf92 docs/Makefile: several fixes
c4c37ca Makefile: build docs by default
26baf2c Makefile: do not build twice
2af9044 Release v1.14.0
c38577b release notes for v1.14.0
b086c4e update release notes from v1.13.1
35a0efb run cargo update
4fea4c0 Finalize firewalld port forwarding support
6b4ecbd chore(deps): update rust crate once_cell to 1.20.3
6f0bc1d fix(deps): update rust crate rand to 0.9.0
6e5de55 Add handling for firewalld's StrictForwardPorts setting
fd8e99b fix lint issues wirh rust 1.84
bb17a6d chore(deps): update dependency containers/automation_images to v20250131
3cd3d9e chore(deps): update rust crate tempfile to 3.16.0
f57ae66 rename macvlan_dhcp.rs to dhcp.rs
58bb08d bridge: only allow dhcp with unmanaged mode
a75c979 bridge: support DHCP ipam driver
a47b5df fix(deps): update rust crate ipnet to 2.11.0
a03cdd9 fix(deps): update rust crate serde_json to 1.0.136
b4ccb6c fix(deps): update rust crate log to 0.4.24
7562017 bridge: add vlan support
cb250d4 fix(deps): update rust crate tokio to 1.43.0
7d9edf9 fix(deps): update rust crate serde_json to 1.0.135
5789f67 New VM Images
eb49d9a fix(deps): update rust crate clap to ~4.5.23
d67e98a chore(deps): update rust crate tempfile to 3.15.0
854b8bf fix(deps): update rust crate nispor to 1.2.22
2c759c5 fix(deps): update rust crate serde_json to 1.0.134
732cc05 fix(deps): update rust crate env_logger to 0.11.6
2bf9cfd Add container hostname to DHCP requests and use container id as client id
bbc5f95 fix(deps): update rust crate mozim to 0.2.5
6217c49 generate protobuf in OUT_DIR
d0d999b fix(deps): update rust crate tower to 0.5.2
795a36b Cargo.lock: bump some versions
a2ec8cc run cargo update
cbfe8fe cargo: set rust-version
6453c23 fix new rust 1.83 lint errors
62f4570 OWNERS: remove edsantiago
73e9911 setup: on av errors cleanup again
5861afa nftables: add daddr match to port forward jump rule
2900e92 network: bridge: don't change forwarding sysctl for internal bridges
4dae6d0 network: bridge: add support for unmanaged mode
71d8a5a test-dhcp: remove deprecated ifconfig/brctl commands
55a0f25 fix new rust 1.82 lint errors
8892b7f update ci images
ceb113f fix(deps): update rust crate serde_json to 1.0.133
dc99b01 network: bridge: add support for host_interface_name option
818a19f network: add support for network-specific options
a9dcf42 fix(deps): update rust crate ipnet to 2.10.1
b41f6f5 chore(deps): update rust crate tempfile to 3.14.0
31c32a9 fix(deps): update rust crate tokio to 1.41.1
e2cb0bd fix(deps): update rust crate anyhow to 1.0.93
1fca9f9 fix(deps): update rust crate url to 2.5.3
7dea7fb [skip-ci] RPM: cleanup changelog conditionals
8425b8e fix(deps): update rust crate anyhow to 1.0.92
1d75d62 Bump to 1.14.0-dev
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
a42666e77c |
Reapply "k8s: WIP [needs newer go]: not for merge: update to -tip"
We now have a new enough go in OEcore to enable this update.
This reverts commit
|
||
|
Bruce Ashfield
|
2ea9f15939 |
docker: enable docker.service by default
Some platforms are seeing long (2+ minute) start times to get the docker daemon initialized. This doesn't happen when the daemon is started on boot. To avoid this usability issue, we enable both the socket and service automatically. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
49127b1156 |
k3s: fixup SRCREV and modules.txt
The revert of the pending upgrade (that was waiting for a newer go) did not build as the upgrade was incomplete. Bumping the SCREV and modules.txt to complete the process. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |