mirror of
git://git.yoctoproject.org/meta-virtualization.git
synced 2025-07-19 20:59:41 +02:00
288d9bdfb1
2467 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Bruce Ashfield
|
288d9bdfb1 |
podman-tui: adapt SRC_URI to include destsuffix=${GO_SRCURI_DESTSUFFIX}
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this variable in our go recipes. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
34b281d1a9 |
k3s: adapt SRC_URI to include destsuffix=${GO_SRCURI_DESTSUFFIX}
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this variable in our go recipes. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
9de2c86118 |
crio-o: adapt SRC_URI to include destsuffix=${GO_SRCURI_DESTSUFFIX}
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this variable in our go recipes. We also adjust our WORKDIR reference to use UNPACKDIR instead Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
754c3134c2 |
podman: adapt SRC_URI to include destsuffix=${GO_SRCURI_DESTSUFFIX}
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this variable in our go recipes. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
d4f36f3ff5 |
docker-compose: adapt SRC_URI to include destsuffix=${GO_SRCURI_DESTSUFFIX}
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this variable in our go recipes. We also adjust our WORKDIR reference to UNPACKDIR, and the destination for vendor'd source. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
fd30405004 |
netns: adapt SRC_URI to include destsuffix=${GO_SRCURI_DESTSUFFIX}
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this variable in our go recipes. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
caec6371aa |
nerdctl: SRC_URI to include destsuffix=${GO_SRCURI_DESTSUFFIX}
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this variable in our go recipes. We also adjust our S directory, and references to WORKDIR to fix the build for the new source layout. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
df90aeb1ae |
cri-tools: adapt SRC_URI to include destsuffix=${GO_SRCURI_DESTSUFFIX}
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this variable in our go recipes. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
258742feb5 |
moby: adapt SRC_URI to include destsuffix=${GO_SRCURI_DESTSUFFIX}
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this variable in our go recipes. We also adjust our paths to the new source location and drop references to WORKDIR. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
13928411b2 |
kernel: fix fragment path
Now that UNPACKDIR is used to unpack sources we have an extra level of indirection to locate our cloned fragments. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
3653862e5b |
cni: adapt SRC_URI to include destsuffix=${GO_SRCURI_DESTSUFFIX}
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this variable in our go recipes. We also must adjust to UNPACKDIR changes which requires rework of the directories for the clones and source layout. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
f12df6ce27 |
runc-docker: adapt SRC_URI to include destsuffix=${GO_SRCURI_DESTSUFFIX}
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this variable in our go recipes. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
e97f724ccc |
layer: set compatibility to styhead
With the recent UNPACKDIR and golang changes, master is only compatible with styhead. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
d04caa21f0 |
buildah: adapt SRC_URI to include destsuffix=${GO_SRCURI_DESTSUFFIX}
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this variable in our go recipes. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
32d60c4016 |
go-md2man: adapt SRC_URI to include destsuffix=${GO_SRCURI_DESTSUFFIX}
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this variable in our go recipes. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
b78f5ac678 |
runc: adapt SRC_URI to include destsuffix=${GO_SRCURI_DESTSUFFIX}
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this variable in our go recipes. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Patrick Wicki
|
380eae7bdd |
podman: require catatonit
Alternatively, we could add it to RRECOMMENDS. But I would say, given its name, managing pods is part of podman's core functionality and that requires catatonit, which is currently only pulled in for the ptest: root@qemux86-64:~# podman pod create Error: building local pause image: finding pause binary: exec: "catatonit": executable file not found in $PATH Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Patrick Wicki
|
992253f871 |
podman: remove skopeo rdepends
Podman does not require skopeo to run. They are both independent tools. In distros like Debian, Fedora and Arch they don't depend on it either. Skopeo also seems to be used in some of podman's tests, so it makes sense to keep it around for the ptest. We do require skopeo's libdevmapper dependency, so include that directly. And inherit container-host to make sure the container configs are present on the device. Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
4cea448064 |
runc-opencontainers: update to 1.1.12
Bumping runc to version v1.1.12-14-ge8bb71e1, which comprises the following commits:
6379b58d libcontainer: force apps to think fips is enabled/disabled for testing
265e7371 Vagrantfile.fedora: bump Fedora to 39
59056a02 silence security false positives from golang/net
452bf88e build: update libseccomp to v2.5.5
3fada6ec tests/int: fix flaky "runc run with tmpfs perm"
aae41a4b Fix integration tests failure when calling "ip"
82a8b979 update go version to 1.21 in cirrus ci
03271050 ci/gha/cross-i386: pin Go to 1.21
29d6d873 VERSION: back to development
51d5e946 VERSION: release 1.1.12
e9665f4d init: don't special-case logrus fds
683ad2ff libcontainer: mark all non-stdio fds O_CLOEXEC before spawning init
b6633f48 cgroup: plug leaks of /sys/fs/cgroup handle
284ba305 init: close internal fds before execve
fbe3eed1 setns init: do explicit lookup of execve argument early
0994249a init: verify after chdir that cwd is inside the container
506552a8 Fix File to Close
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
a03ff1cd0a |
containerd: update to v2.0.0-rc.1
Bumping containerd to version v2.0.0-rc.1-8-g0426e3c2e, which comprises the following commits:
c27bcdc56 cri: introspectRuntimeFeatures: fix nil panic
c5ba71d11 Makefile: update default PACKAGE to v2
094bafe2a apparmor: Allow confined runc to kill containers
e461a59ae fix migrateConfig for io.containerd.cri.v1.images
eb5a0c04b apparmor: add `signal (receive) peer=/usr/local/bin/rootlesskit,`
5e470e1ca Update HTTPFallback to handle tls handshake timeout
a37b451cd build(deps): bump tags.cncf.io/container-device-interface
888fd315f Update CNI to v1.2.0
13e6b2b68 update to go1.21.9, go1.22.2
42e4de9c5 Prepare release notes for v2.0.0-rc.1
4a31bd606 chore: use errors.New to replace fmt.Errorf with no parameters will much better
a6a82c102 Update hcsshim to v0.12.3
7e60d5a07 Account for ipv4 vs ipv6 localhost in windows port forwarding
a153b2cd3 mod: bump github.com/containerd/nri@v0.6.1
77512e2d7 build(deps): bump the golang-x group with 3 updates
c8d9eba7c build(deps): bump github.com/klauspost/compress from 1.17.7 to 1.17.8
1c0f73aa0 build(deps): bump github.com/pelletier/go-toml/v2 from 2.2.0 to 2.2.1
32caaee48 Snapshotters: Export the root path
b82ced57f fix: close profile
c7ea06a69 fix default working directory `hostProcess`
1040c7b98 build(deps): bump the otel group with 8 updates
b50e9eae4 Refactor spots to make use of sys.IgnoringEintr
3ea69db8e Add helper to ignore eintr
1b6222418 Bump tags.cncf.io/container-device-interface to v0.7.1
ad584ebec Replace direct waitid syscall with unix.Waitid
7c5078459 Remove empty default tls configuration in ctr
b6e361694 cri: add pause image name to annotations
0ec14fdf8 core/diff/apply: use unix.Syncfs
739659a4b build(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.2
433279438 Transfer: Registry: Enable plain HTTP
88b4cc659 address review comments
f20c49311 Update tracing documentation to add details about manual instrumentation
63d5573a3 remote: Fix HTTPFallback fails when pushing manifest
2474a99c3 Add IsNotFound case to ListPodSandboxStats
3830f8167 fix(cri): fix unexpected order of mounts since go 1.19
cbb644182 build(deps): bump github.com/Microsoft/hcsshim from 0.12.0 to 0.12.2
362fcf2d2 build(deps): bump github.com/distribution/reference from 0.5.0 to 0.6.0
5b6ae0f79 Use different containerd sock address in tests
ab2c569fb ctr: fix parsing mount options
b97ef91fb Change port forwarding on windows
ea681afba docs: fix typo
6d00c3ada runc-shim: only defer init process exits
da4ca4949 build(deps): bump github.com/pelletier/go-toml/v2 from 2.1.1 to 2.2.0
dd72fb3b2 build(deps): bump github.com/intel/goresctrl from 0.6.0 to 0.7.0
e41e9e11b transfer: Platform matcher should match multiple platforms
d0d35f0d0 core/images/archive: normalizeReference: remove outdated TODO
26158609b pkg/seutil: move to internal/cri
33732bc13 pkg/systemd: move to internal/cri
0d0850af1 Prepare v2.0.0-rc.0
f5abb63c0 Update mailmap
30813f646 build(deps): bump github.com/containernetworking/plugins
0fafc0c50 build(deps): bump github.com/checkpoint-restore/go-criu/v7
7c1fca096 Update migration script based on usage
45e425ccc vendor: github.com/golang/protobuf v1.5.4
4aa6fedd5 CRI: postpone removal of deprecated config properties
34c545824 Automatically decompress archives for transfer service import
df26c189a Clean cri options and useless parms
88421068f Fix invalid event filter in podsandbox
357c59b79 Update github actions ci to run on forks
4b719cc4b build(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1
10c7f03b3 build(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0
21d3fedf4 build(deps): bump softprops/action-gh-release from 1 to 2
228aa42a6 build(deps): bump the otel group with 8 updates
47d13767f Clean typos in plugins.
7ac9d6909 Use the Go toolchain in CI matrix to build binaries
6a96e4501 Move shim package to pkg
f25770e48 Wire through CRI ContainerCheckpoint RPC
7ecdebff9 update to go 1.21.8, 1.22.1
723306d0e Disable OOM set score unpriv test temporarily
994fdd74e Don't create new scratch VHD per image for CimFS
016b588a9 build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0
d9409c461 Update hcsshim to v0.12.0
00d714e90 build(deps): bump the golang-x group with 2 updates
ab4de3e4c build(deps): bump azure/login from 1 to 2
713dd8f8d go.mod: k8s.io/cri-api v0.30.0-alpha.3
d9b9160ae mv internal/testutil pkg/testutil
752917c0f build(deps): bump github.com/prometheus/client_golang
7a3b7fba5 Transfer: Registry: Enable to use registry configuration diretory
1bf781d8e Cleanup introspection interface
5bd204109 Remove grpc from Client connection interface
347346e3c Add ttrpc support to content proxy
9104e6a24 Add events proxy interface
892dc54bd runc-shim: process exec exits before init
9128ee0a9 Move nri packages to plugin and internal
d0da3d1ca sandbox: make event monitor in CRI independent
17ea3959b adds mediatype to oci index record
c5ef8a2c2 fix(docs): fix duplicate instructions for windows installation
87e8e9c7f Add Go client stability in releases for 2.0.
72f21833b Move events to plugins and core
caa9e2075 add k8s 1.29 and 1.30preview to support table
154ed26a7 vendor: go.etcd.io/bbolt v1.3.9
6d1dfe55f cri: ensure the pause image loaded in older versions is pinned
2884b318f build(deps): bump github.com/klauspost/compress from 1.17.6 to 1.17.7
bd44df8a1 refactor code - clean switch and if statements
a60e52f58 sandbox: add struct tags for PinnedImages
a0b73ae11 sandbox: optimize the lock in PodSandbox
0f1d27412 sandbox: add methods to sandboxService
a2768f19d plugins/sandbox: move local plugin into services
d651cb743 mediatypes: support zstd compression
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
e7a13cbbc3 |
containerd: consolidate to "containerd"
We no longer need the split between container-docker and containerd-opencontainers and dependent layers have been given over a year to adapt. We do keep the provides and rprovides around for a bit longer, but those will also be removed in the future. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Richard Purdie
|
89e2b594dc |
sysvinit-inittab: Use UNPACKDIR instead of WORKDIR
Now that UNPACKDIR has been introduced to OE-Core, use it in the do_install fuction so that as/when things move around and UNPACKDIR is no longer WORKDIR, it continues to work correctly. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Changqing Li
|
e9bb0a338f |
kubernetes: Pass -trimpath to build
Fix following QA WARNING: WARNING: QA Issue: File /usr/bin/kubectl in package kubectl contains reference to TMPDIR [buildpaths] WARNING: QA Issue: File /usr/bin/kubeadm in package kubeadm contains reference to TMPDIR [buildpaths] WARNING: QA Issue: File /usr/bin/kube-proxy in package kube-proxy contains reference to TMPDIR [buildpaths] WARNING: QA Issue: File /usr/bin/kube-apiserver in package kubernetes-misc contains reference to TMPDIR WARNING: QA Issue: File /usr/bin/kubelet in package kubelet contains reference to TMPDIR [buildpaths] Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Changqing Li
|
e46214eea8 |
containerd-opencontainers: fix wrong version display
* Update containerd to v2 to fix following containerd version: containerd github.com/containerd/containerd/v2 2.0.0-beta.0+unknown it should be like: containerd github.com/containerd/containerd/v2 v2.0.0-beta.2-204-gb1624c362.m b1624c3628954e769dd50783b63823040b2db38c.m * Remove CONTAINERD_PKG, it is not used * Update default PACKAGE in Makefile to v2 Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Changqing Li
|
7ccaa4ac22 |
cni: pass BuildVersion info to avoid runtime warning
The default value of BuildVersion is 'unknown' and it requires an override at link time to embed such version info into binary. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Changqing Li
|
b50d4899fa |
kubernetes: skip textrel QA warning
-buildmode=pie need cgo is enabled, but for kubernetes, some build targets are static, and cgo is disable in build script directly, refer [1]. If we add -buildmode=pie by default, will cause these static target build failed with error "-buildmode=pie requires external (cgo) linking, but cgo is not enabled". This warning is acceptable, so just skip it. [1] https://github.com/kubernetes/kubernetes/blob/master/hack/lib/golang.sh#L811 Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Theodore A. Roth
|
74455bb615 |
podman: Fix missing brace in FILES
When converting to use {systemd_user_unitdir}, the closing brace was
omitted
Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com>
Signed-off-by: Theodore A. Roth <troth@openavr.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Mingli Yu
|
c07eefe02f |
ceph: Add the missing Upstream-Status Field
Fixes:
INFO: Traceback (most recent call last):
File "/build/layers/oe-core/scripts/lib/checklayer/cases/common.py", line 87, in test_patches_upstream_status
self.assertEqual(len(patches), 0 , \
AssertionError: 1 != 0 : Found following patches with malformed or missing upstream status:
/build/layers/meta-virtualization/recipes-extended/ceph/ceph/0001-delete-install-layout-deb.patch
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Ola x Nilsson
|
9f0a5fee11 |
diod: Build in 32bit systems with 64bit time_t
Signed-off-by: Ola x Nilsson <olani@axis.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Lukasz Czechowski
|
0b5cf63796 |
podman: fix location of user systemd service units
The value of USERSYSTEMDDIR is currently set to
${systemd_unitdir}/user, which might not be present in user unit
search path.
Use dedicated bitbake variable ${systemd_user_unitdir} instead.
Signed-off-by: Lukasz Czechowski <lukasz.czechowski@thaumatec.com>
Cc: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
b7e77b69d3 |
kernel/cfg: update SRCREV to sync lxc options
Bumping the SRCREV to pickup the latest lxc configuration tweaks and consoliation. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Xiangyu Chen
|
8410846c0b |
lxc: fix broken test cases
Upstream dropped cgroup handling in lxc-test-usernic lxc-test-unpriv and lxc-test-apparmor-mount to fix the broken cases. Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Mathieu Dupré
|
415cc454d0 |
libvirt: add libvirt-dbus
libvirt-dbus provides a dBus interface for libvirt. It can be needed as dependency for some virtualization packages, such as `cockpit-machines`. Compilation tested on x86-64 and aarch64 machines. Signed-off-by: Mathieu Dupré <mathieu.dupre@savoirfairelinux.com> Signed-off-by: Paul Le Guen de Kerneizon <paul.leguendekerneizon@savoirfairelinux.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
da840d8845 |
runc-docker: update to 1.1.12
Bumping runc to version v1.1.12-2-ga9833ff3, which comprises the following commits:
29d6d873 VERSION: back to development
51d5e946 VERSION: release 1.1.12
e9665f4d init: don't special-case logrus fds
683ad2ff libcontainer: mark all non-stdio fds O_CLOEXEC before spawning init
b6633f48 cgroup: plug leaks of /sys/fs/cgroup handle
284ba305 init: close internal fds before execve
fbe3eed1 setns init: do explicit lookup of execve argument early
0994249a init: verify after chdir that cwd is inside the container
506552a8 Fix File to Close
d0b1a374 keyring: update AkihiroSuda key expiry
d561e5da keyring: update cyphar@cyphar.com key expiry
7887736f VERSION: back to development
4bccb38c VERSION: release 1.1.11
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
03a0378792 |
xen-tools: adjust recommendations for qemu package splitting
When vmsep is enabled the qemu packages are split based on meta-virt policy. Detect this distro feature and update our dependencies accordingly. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
50c6615883 |
docs/README: drop meta-oe priority recommendation
This hasn't been needed for over 10 years (and is in the wrong format for overrides). Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
b2777a4389 |
podman: update to 5.0.1
Bumping libpod to version v5.0.1-4-gbb81e85a4, which comprises the following commits:
63f6a78eb Packit: Enable CentOS Stream 10 update job
e22c9dd65 Bump to v5.0.2-dev
946d055df Bump to v5.0.1
131f3d089 Add release notes for v5.0.1
2967eb9a2 [v5.0] libpod: restart always reconfigure the netns
92b3cda79 [v5.0] use new c/common pasta2 setup logic to fix dns
b1dbd477e [v5.0] Bump Buildah to v1.35.3
ebe3f395b hyperv: error if not admin
4b54d1824 libpod: don't warn about cgroupsv1 on FreeBSD
312313872 Use built-in ssh impl for all non-pty operations
70fe2a1c9 fix remote build isolation on client side
bfc63cc32 fix remote build isolation when server runs as root
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
c0274365e7 |
openvswitch: 3.3.0
Bumping ovs to version v3.3.0-26-g1c1f173ce, which comprises the following commits:
1c1f173ce dpif-netdev: Fix crash due to tunnel offloading on recirculation.
feb0fefd8 netdev-dpdk: Disable outer UDP checksum offload for ice/i40e driver.
3280d95c4 ovs-monitor-ipsec: LibreSwan autodetect paths.
4fedcae6e route-table: Avoid routes from non-standard routing tables.
9f39cd4a1 ovs-tcpdump: Fix cleanup mirror failed with twice fatal signals.
7fa40643e ofproto-dpif: Fix tunnel with different name del/add failure.
04dc9d117 ofpbuf: Prevent undefined behavior in ofpbuf_clone.
667c9eb2b netdev-dpdk: Fix tunnel type check during Tx offload preparation.
332300c36 netdev-dpdk: Fix TCP check during Tx offload preparation.
e7778b371 netdev-dpdk: Clear inner packet marks if no inner offloads requested.
c85158e26 netdev-dpdk: Clean up all marker flags if no offloads requested.
a6bb8be42 github: Reduce ASLR entropy to be compatible with asan in llvm 14.
70dcee98f netdev-dpdk: Dump packets that fail Tx preparation.
5ae591757 bfd: Improve state change log message.
efbc37b94 tests: Fix "SSL db: Implementation" test with openssl > 3.2.0.
0f1af687c conntrack: Fix flush not flushing all elements.
04f1984a4 m4: Fix linking with OpenSSL 1.1.0+ and 3+ on Windows.
8f903b598 ovs-pki: Fix file permissions on Windows.
300201065 bond: Reset stats when deleting post recirc rule.
02f0d6db1 ofproto-dpif-trace: Fix infinite recirculation tracing.
e68ddb34b github: Temporarily disable SNAT with exhaustion system test.
95d4d7108 dp-packet: Don't offload inner csum if outer isn't supported.
05453d807 ofproto-dpif-xlate: Fix ignoring IPv6 local_ip for native tunnels.
a0df9c85d netdev-dummy: Add local route entries for IP addresses.
2f742d7af tests: Move the non-local port as tunnel endpoint test.
a6bdf7d31 Prepare for 3.3.1.
6c4da8cc2 Set release date for 3.3.0.
54ba53bfa system-traffic.at: Add tests with UDP tunneling of UDP traffic.
71a547474 netdev-native-tnl: Mark all vxlan/geneve packets as tunneled.
91a147ea8 netdev-linux: Only repair IP checksum in IPv4.
51ee4d36a netdev-linux: Favour inner packet for multi-encapsulated TSO.
0eb8d8116 rstp: Fix deadlock with patch ports.
c67de08f1 dpif-netdev: Increase MAX_RECIRC_DEPTH to 8.
310247ae9 netdev-linux: Avoid deadlock in netdev_get_speed.
e38ba0b0a ofproto-dpif-monitor: Remove unneeded calls to clear packets.
37f24aebc dp-packet: Include inner offsets in adjustments and checks.
eead56062 bfd: Set proper offsets and flags in BFD packets.
2de9347a5 dp-packet: Validate correct offset for L4 inner size.
76144cc63 netdev-offload-tc: Check geneve metadata length.
5c8586b1a odp: ND: Follow Open Flow spec converting from OF to DP.
5cc4eedc6 faq: Update matching DPDK releases for older branches.
447d4ecd9 github: Bump Fedora version to 39.
fe55ce37a github: Update versions of action dependencies (Node.js 20).
86f79063b mcast-snooping: Remove typedef from mcast_group_proto.
b0cf73112 dp-packet: Reset offload/offsets when clearing a packet.
c467a7a71 tests: ovsdb-server: Fix config-file same schema test.
2222dbb92 ci: Run system tests in a separate namespace.
0c9e932aa netdev-dpdk: Trigger port reconfiguration in main thread for resets.
928498aea tests: mcast-snooping: Stop time for the group protocol test.
6ffceaf14 dp-packet: Avoid checks while preparing non-offloading packets.
a940a691e ovs-atomic: Fix inclusion of Clang header by GCC 14.
e802fe79a Prepare for 3.3.0.
206dfaa36 AUTHORS: Add Dexia Li.
85bcbbed8 userspace: Enable tunnel tests with TSO.
084c80872 userspace: Support VXLAN and GENEVE TSO.
0edfe05e4 netdev-dummy: Add support and test for TSO.
76e2f20d5 userspace: Correct IPv6 header in software-GSO.
9e3c842d5 dp-packet: Set checksum flags during software TSO.
253d90075 python: ovs: flow: Add meter_id to controller.
ea44cafae python: ovs: flow: Make check_pkt_len action a list.
32f6737b5 python: ovs: flow: Add idle_age to openflow flows.
e72b7b6f1 python: tests: Refactor test_odp section testing.
5e45091ea python: ovs: flow: Add dp hash and meter actions.
ab7d08961 python: ovs: flow: Add sample to nested actions.
9ef49ca85 python: tests: Add info and key tests for OFPFlows.
6bbbb7664 python: ovs: flow: Fix typo in n_packets.
603890d6a ovsdb-server: Make use of cooperative multitasking.
36bad3182 json: Add yielding json create/destroy functions.
d4a15647b ovsdb: raft: Enable cooperative multitasking.
3c8a4e942 lib: Introduce cooperative multitasking module.
6ece3d57b timeval: Add internal timewarp interface.
b222593bc mcast-snooping: Add group protocol to mdb/show output.
077d0bad0 mcast-snooping: Store IGMP/MLD protocol version.
8b51b2bcb ci: Add kernel and userspace ASAN/UBSAN tests.
fc13c0d65 ci: Combine the ubsan and asan sanitizer runs.
48d4f6963 tests: Set handle_segv for UBSAN to allow SIGSEGV tests.
d662eee09 ci: Add clang-analyze to GitHub actions.
ed738eca3 util: Annotate function that will never return NULL.
da093acc7 netdev-offload-dpdk: Replace action PORT_ID with REPRESENTED_PORT.
bdf2f1677 tests: Fix 'long flow dump duration' failures due to large time warp.
8893e24d9 dpdk: Update to use v23.11.
65b22552a tests: ovsdb: Add configuration tests with config file.
47ddc474d tests: ovsdb: Add relay and replication execution with config file.
55140090e ovsdb-server: Allow user-provided config files.
99d7e8849 ovsdb: relay: Allow setting all jsonrpc session options.
dd0947b87 ovsdb-cs: Add function to set all jsonrpc session options.
6de317c0e ovsdb: replication: Allow to set all jsonrpc options.
9a1b79c15 ovsdb: Embed jsonrpc session options into ovsdb jsonrpc options.
40ce846e8 jsonrpc: Add function to update all options at once.
37ab57b41 jsonrpc-server: Re-add remotes on role changes.
8c8a6f793 ovsdb-server: Add no-op config-file option.
e76f84720 ovsdb-server: Database config isolation.
c8c0e570d ovsdb: replication: Automatically switch read-only mode.
3ff980c85 ovsdb: replication: Isolate databases from each other.
e56d30242 ovsdb: Extract relay string parsing into a separate function.
80414c3e1 ovsdb: Track jsonrpc options per remote.
da1a4f699 jsonrpc-server: Add functions to convert jsonrpc options to/from json.
ea4362174 ovsdb: Allow database itself to be read-only.
05d6f419c timeval: Add coverage counter for long poll interval events.
969b3a570 ofproto-dpif-upcall: Add flow_limit coverage counters.
92ff2a201 ofproto-dpif-upcall: Change flow dump duration message to WARN level.
60457a5e9 ovsdb: transaction: Calculate added/removed from diff.
7ab8f6f7c ovsdb: Preserve column diffs read from the storage.
67ee63087 ovsdb-idl.at: Test IDL behavior during database conversion.
ac04dfa7e python: idl: Handle monitor_canceled.
c8d85a0e4 AUTHORS: Add Brad Cowie
8aea66599 system-traffic.at: Test conntrack + FTP server running on a non-standard port.
8abe32f95 conntrack: Use helpers from committed connections.
14ef8b451 lib/conntrack: Only use given packet in protocol detection.
7b74454c7 system-tests: Test openflow matching for ct related packets with SNAT.
7404d25ea system-dpdk: Test with mlx5 devices.
915b97971 checkpatch.py: Load codespell dictionary.
21c61243f checkpatch: Fix personal word list storage.
2535d171a vconn: Count vconn_sent regardless of log level.
54b3eb531 backtrace: Fix error in log_backtrace() documentation.
94371c099 ovsdb: trigger: Do not allow conversion in read-only mode.
e951af81c ovsdb: jsonrpc-server: Fix the DSCP value in default options.
d07a3b798 jsonrpc: Sort JSON objects while printing debug messages.
0a2e16b67 tests: ovsdb: Use diff -up format for replay test.
7c3df3676 ovsdb-server.at: Enbale debug logs in active-backup tests.
0ef3ebb0c ovsdb: transaction: Don't try to diff unchanged columns.
6f11d9daa ovsdb: transaction: Avoid diffs for different type references.
d51d4f42d ovsdb: Fix incorrect sharing of UUID and _version columns.
4102674b3 ovsdb-idl: Preserve change_seqno when deleting rows.
5c3810491 tests: Move MFEX tests to dpif-netdev.
98ee21ef6 system-dpdk: Use dummy-pmd port for packet injection.
df5e5cf43 Documentation: Add section on inclusive language.
de4cccf93 ci: Add make check-afxdp to GitHub actions ci.
67c53a89d ci: Allow make check-dpdk to run the MFEX tests.
26ffd192f ci: Fix dpdk build cache key generation.
adfc3d4a3 ci: Add make check-system-tso to GitHub actions ci.
09958e081 ci: Add make check-system-userspace to GitHub actions ci.
15f179324 ci: Add make check-offloads to GitHub actions ci.
e7b51b38f ci: Add make check-kernel to GitHub actions ci.
a80883f76 ci: Fixed tests that show random failures through GitHub actions.
6660fccb1 ci: Exclude tests that show random failures through GitHub actions.
9dfa65dc7 ci: Update the GitHub Ubuntu runner image to Ubuntu 22.04.
e07ae9a6d ci: Add make check-ovsdb-cluster tests to GitHub action ci.
ee93f364b ci: Add JOBS variable to replace all the '-j4' instances.
4cbbf56e6 dpif-netdev: Add per PMD sleep config.
a095794bc openflow: Allow CT flush to match on mark and labels.
386deb32c dpctl, ovs-ofctl: Unify parsing of ct-flush arguments.
62c5d32ad ofp-prop: Add helper for parsing and storing of ovs_u128.
cc670e741 system-dpdk: Wait for MTU changes to be applied.
7067ed166 tests: Do not use zone 0 for CT limit system test.
27e0349e2 ct-dpif: Enforce CT zone limit protection.
1b3557f53 vswitchd, ofproto-dpif: Propagate the CT limit from database.
324883361 ovs-vsctl: Add limit to CT zone.
8f4b86237 dpctl: Allow the default CT zone limit to be deleted.
4b9eb061b ct-dpif: Handle default zone limit the same way as other limits.
6b1723588 tunnel: Do not carry source port from a previous tunnel.
472dd6642 netdev-offload-tc: Fix offload of tunnel key tp_src.
a34e306a0 ofp-ct: Return error for unknown property in CT flush.
20022fbf5 editorconfig: Remove [*] section and trim_trailing_whitespace.
8b5fe2dc6 userspace: Add Generic Segmentation Offloading.
e0056018c userspace: Respect tso/gso segment size.
6c59c1952 netdev-linux: Use ethtool to detect offload support.
c8d494636 cirrus: Update from FreeBSD 12 to 14.
cf984d5be appveyor: Use previous image to unblock CI.
ceb29608d faq: Update matching DPDK releases for older branches.
3626c1744 ovs-ofctl: Correctly mark the CT flush commands.
40f651ce0 mcast-snooping: Fix comments format.
42c1e2efe mcast-snooping: Flush flood and report ports when deleting interfaces.
4990a9a27 mcast-snooping: Test per port explicit flooding.
4e90baca8 system-dpdk: Run traffic tests.
1d0ff364b system-dpdk: Rework cleanup for vhost-user client tests.
1c37d869c system-dpdk: Refactor tests using vhost-user ports.
d0a6cf57d system-dpdk: Fix race in some vhost-user client MTU test.
64c1d16c6 system-dpdk: Remove tap interfaces from vport MTU tests.
b561bbdc2 netdev-afxdp: Postpone libbpf logging helper registration.
818217eaf system-dpdk: Refactor OVS daemons helpers.
e6dd50d61 tests: Define a macro to skip tc relying tests.
ab3eca612 ci: Run DPDK tests in GitHub Actions.
c488f28a0 system-dpdk: Don't require hugetlbfs.
209667c0e system-dpdk: Introduce helpers for testpmd.
7b514aba0 ofproto-dpif-trace: Improve conjunctive match tracing.
c62b4ac8f ovs-ofctl: Implement compose-packet --bare [--bad-csum].
3e0d8d1f4 checkpatch.at: Add cases to verify skip committer check.
74bfe3701 checkpatch: Add argument to skip committer signoff check.
4d74e2307 build-aux/extract-ofp-fields: Fix the number of Summary columns.
8b4265c11 release-process: Update LTS designation schedule example.
c19a5b48b netdev-dpdk: Sync and clean {get, set}_config() callbacks.
d614f2863 netdev-afxdp: Sync and clean {get, set}_config() callbacks.
169c6b2d4 netdev-dummy: Sync and clean {get, set}_config() callbacks.
bf843fd43 checkpatch: Don't spell check Fixes tag.
fdbf0bb2a flake8: Fix E721 check failures.
28f6e7602 build-aux: Enable flake8 checks for python extraction scripts.
20e6309ba build-aux/extract-ofp-msgs: Fix flake8 and syntax errors.
23fb4bd4b build-aux/extract-ofp-fields: Fix flake8 and syntax errors.
6625f6f2f build-aux/extract-ofp-errors: Fix flake8 and syntax errors.
51fb99290 build-aux/extract-ofp-actions: Fix flake8 and syntax errors.
723cd4c9b automake: Move build-aux EXTRA_DIST updates to their own file.
08212d755 netdev-offload: Fix Clang's static analyzer 'Division by zero' warnings.
979bc94b1 ovsdb: Fix Clang's static analyzer 'func null dereference' warnings.
03c8e8010 ofp-table: Fix count_common_prefix_run() function.
5b6021957 general: Fix Clang's static analyzer 'Dead assignment' warnings.
49096a0cf general: Fix Clang's static analyzer 'Dead initialization' warnings.
fea52dc71 python: Remove duplicate UnixctlClient implementation.
2c841eef9 vswitch.xml: Add entry for dpdkvhostuser userspace-tso.
e8914353c vswitch.xml: Add dpdkvhostuser group status.
594d14541 readthedocs: Use dirhtml builder.
34ae81c1f tests: Use ping timeout instead of deadline.
6cfb3d1ff tests/system-traffic: Ensure no name resolution for tcpdump.
cc89bf8e2 README: Add documentation build status badge.
e388bd73b readthedocs: Add the configuration file.
a413fed99 tc: Improve logging of mismatched actions.
bd86266ea ofproto-dpif-upcall: Pause revalidators when purging.
d581473cb AUTHORS: Add Zengyuan Wang.
23a70e286 db-ctl-base: Fix memory leak of db commands.
c29ba5401 tc: Add IPIP/GRE protocols to offload in IP rewrite.
b16ef5200 tc: Add csum offload of IGMP/UDPLITE/SCTP in IP rewrite.
f100e6a83 tests: Update some tests title prefix print.
c92ded551 tests/tunnel.at: Add geneve options mirror test.
834bd9158 ofproto-dpif-upcall: Fix redundant mirror on geneve tunnel options.
d76193008 tests: Add some tests for byteq module.
297db8056 AUTHORS: Add Jakob Meng.
bb6ed2472 netdev-dpdk: Document rx-steering status options.
e9ada1629 netdev-dpdk: Update docs for interface info.
8020eff9a netdev-dpdk: Document status options for VF MAC address.
0aeb06e1f netdev-offload-dpdk: Fix flushing of a physdev.
b78427639 Documentation: Add CVE-2022-40982, aka Downfall reference.
155f632e7 connmgr: Fix ofconn configuration on vswitchd startup.
13dde1131 utilities: Add kernel_delay.py script to debug a busy Linux kernel.
4fc02650a ovsdb: Fix potential leak when making diff of conditions.
a40c55eff hash: Add explicit typecasts to fix C++ compilation issues.
880a2bbb4 lib, ovsdb, vtep: Add various null pointer checks.
010c256ca lib: Add non-null assertions to some return values of `dp_packet_data`.
1b8fa4a66 checkpatch: Add checks for the subject line.
0896dc19e python: idl: Fix last-id update from a monitor reply.
bac34b26a netlink-conntrack: Fix partial match of entries with SCTP.
563c50fba ovsdb-cluster.at: Remove extra ordinal schema and schema name operations.
154e4299d ofproto-dpif-xlate: Fix recirculation with patch port and controller.
9a8b39b70 ofproto-dpif-xlate: Don't reinstall removed XC_LEARN rule.
bc79a7bf0 treewide: Add `ovs_assert` to check for null pointers.
40546cd6e lib, ovs-vsctl: Add zero-initializations.
1116459b3 conntrack: Remove nat_conn introducing key directionality.
85634fd58 ovsdb: raft: Support pre-vote mechanism to deal with disruptive server.
bb61931dc netdev-dpdk: Disable net/tap Tx L4 checksum offloads.
13b874f4f tests/mfex: Don't require python cryptography.
28c0cec40 configure: Avoid deprecated AC_PROG_CC_C99 if possible.
d3bdc7c91 tests: Fix time dependency in overlapping flows modification test.
9b7e1a753 netdev-dpdk: Clear IP packet type when no offload is requested.
bf7e53bb5 python: Use build to generate PEP517 compatible archives.
f1983a508 python: Use twine to upload sdist package to pypi.org.
bb0dd1135 python: Rename build related code to ovs_build_helpers.
785e22f87 dpif-netdev: Fix length calculation of netdet_flow_key.
0e98b9924 doc: Fix description of max_len for controller action.
9842d89e5 docs: Fix rendering of VLAN Comparison Chart.
57cccb076 fatal-signal: Drop logging of failed dummy backtrace.
eb344e0be AUTHORS: Add Colin Watson and Lucas Nussbaum.
6180fefa8 docs: Run tbl preprocessor in manpage-check rule.
e46d45520 docs: Add `nowarn` region option to tables.
f1305b5a2 tests: Add clang-analyzer-results to gitignore.
d910fd8a0 ci: Add jobs to test -std=c99 builds.
f0899b1fc tests: Fix order of includes in barrier/id-fpool/mpsc-queue tests.
1776aa17a sflow: Always enable _BSD_SOURCE.
be2cd24b1 compiler.h: Don't use asm and typeof with non-GNU compilers.
e3d561670 AUTHORS: Add Ivan Malov.
de86c5bbd Set release date for 3.2.0.
41006c1b3 AUTHORS: Add gordonwwang and Xiaojie Chen.
0945e1a5f ovs.tmac: Fix troff warning in versions above groff-1.23.
d80df0b86 AUTHORS: Update email for Simon Horman.
bd78f0e2e AUTHORS: Add François Rigault.
77610902b connmgr: Count unsent async messages.
cf11766cb ofproto-dpif-upcall: Fix push_dp_ops to handle all errors.
eac54ee24 system-traffic.at: Avoid names veth0/veth1 in SRv6 tests.
21410ff80 dpif-netdev: Fix dpif_netdev_flow_put.
da64d1b2f MAINTAINERS: Add Aaron Conole.
b8d4619d3 cirrus: Update to FreeBSD 13.2.
bbdfb332d MAINTAINERS: Add Kevin Traynor.
2f34475a9 ci: Fix OPTS not being passed to OSX builds.
269053bf2 ovsdb-tool: Fix json leak while showing clustered log.
bd2a80b1d ovsdb-server: Fix excessive memory usage on DB open.
d6fd6e591 tests: Add ovsdb execution cases for set size constraints.
2f1b43064 ovsdb: relay: Fix handling of XOR updates with size constraints.
e062465a8 ovsdb: file: Fix diff application to a default column value.
edfbd44ff ovsdb: file: Fix inability to read diffs that violate type size.
aa56afb57 AUTHORS: Add Simon Jones.
20a7654d2 ovs-tcpdump: Clear auto-assigned ipv6 address of mirror port.
47520b33b ofproto-dpif: Fix removal of renamed datapath ports.
d460c473e netdev-dpdk: Negotiate delivery of per-packet Rx metadata.
feed7f677 ofproto-dpif-upcall: Mirror packets that are modified.
f5188ff21 daemon.at: Correctly terminate ovsdb process in a backtrace test.
24520a401 vswitchd: Wait for a bridge exit before replying to exit unixctl.
bffffd841 Prepare for post-3.2.0 (3.2.90).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
5853fc67da |
docker-compose: update to v2.26.0
Bumping compose to version v2.24.7-21-g33712277, which comprises the following commits:
33712277 chore(desktop): revised feature detection for file shares
e9dc8201 Add Navigation Menu to compose up
39504607 Add support for volume Subpath option
3b541b07 Bump docker v26.0.0
25671ae6 introduce config --variables to list compose model variables
0191e69d Fix docs on default build image name
897d239f Bump compose-go to v2.0.2
c5a760ce add support for annotations
26f687a1 Revert "Bump compose-go to v2.0.1"
ad414613 Bump compose-go to v2.0.1
db4ed895 feat(desktop): synchronized file share integration (#11614)
1b5fa3b9 feat(experiments): add experimental feature state (#11633)
4f97edf3 reduce timeout of the Otel tracing command
bc5fc6ba fix `compose config --format json`
f937e42a Bump compose-go v2.0.0
f46ca459 services shell completion bugfix
b2d4c1b8 fix TestBuildPlatformsWithCorrectBuildxConfig
5a1ba0ef only use ToModel when --no-interpolate is set
17d4229e feat(desktop): add Docker Desktop detection and client skeleton (#11593)
4efb8970 chore(deps): upgrade go to 1.21.8 (#11578)
f35449a6 ci(deps): bump moby/moby & docker/cli to v25.0.4 (#11566)
34b11c4f Add test summary for test jobs in ci
c525373a make code simpler
e99b8ace avoid duplicated "xx exited with code 0" message
8ab8df86 introduce --watch
de178267 move code into small functions for better readability
1680f9a8 restore support for `config --no-interpolate`
5c4f3370 remove docker cli step in ci.yml
58ec0e9f get log to manage `attach`
349d9f34 bump compose-go to version v2.0.0-rc.8
697a48af use an dedicated compose file --quiet-pull e2e test
9b0d1ffc Add a fallback check of Watch pid on Windows False positives were detected when checking the previous watch process state
d10a179f add support of QuietOption to create command
94246f3c pass QuietOption when starting dependencies from run command
9630cc58 when ran with ANSI disabled, force progress=plain
6c175548 Issue-11374: Modified compose up command to respect COMPOSE_REMOVE_ORPHANS environment variable
9b0e3d53 ci: bump engine version to `25.0.3`
de3da829 sort containers to optimize scale down
c79aabde discard stdout for laaarge log test
0aad3221 use listeners to collect include metrics
b1c06770 docs: update cli reference link
e330f590 docs: unify no trailing dots in docstrings and help (#11301)
16c8099c Use listener for file metadata
07bda596 fix deadlock collecting large logs
d2034029 chore(watch): remove old `docker cp` implementation
894ab41c ci(deps): bump docker/cli to v25.0.3 (#11481)
3ba66453 pass All option to backend api.Service when length statuses is not equal to zero
2eca9313 Add OTEL specs: build, depends_on, capabilities (gpu/tpu)
1fea7c1b build(deps): bump github.com/opencontainers/image-spec
acf2ffb0 feat(tracing): add project hash attr
0d48a93f chore(load): ensure context passed to load
aaa7ef6d Include all networks in ContainerCreate call if API >= 1.44
6ef55a53 bump compose-go to v2.0.0-rc.4
a553db33 CI: docker engine version matrix
05bec55d build(deps): bump github.com/docker/cli
8fdd45cd chore(e2e): fix flaky test & standalone behavior (#11382)
a0954dc5 ci(deps): replace buildkit to fix fsutil issues on Windows (#11426)
05820018 Fix canonical container name
da1a34a8 don't check external network existence when swarm is enabled
8b023ae0 build(deps): bump github.com/docker/cli
8c80297c build(deps): bump github.com/docker/docker
7e991515 Add support for storage_opt
d9791156 ci(deps): update DOCKER_CLI_VERSION to v25.0.1
71bebc16 bump compose-go to v2.0.0-rc.3 which fixes multiple compose files merge issues
25d16d1f build(deps): bump actions/upload-artifact from v3 to v4
ab97dcc7 update MAINTAINERS file
a8bd3b7a Fix load .env from project directory when project file is set by COMPOSE_FILE
811364b4 use a custom version of fsutils that fixes a bug on Windows causing all Compose builds to fail
1551fcb4 introduce stopAndRemoveContainer to share logic scaling down
eb4249ec bump compose-go to v2.0.0-rc.2
1e8241f6 ci(deps): upgrade to Moby v25.0.0 GA (#11381)
053a5604 docs: update link to use canonical URL for command
34ba0bc9 go.mod: github.com/moby/sys/mountinfo v0.7.1
56e38260 go.mod: github.com/google/uuid v1.5.0
c28bf522 bump version of compose-go to v2.0.0-rc.1
51c113b6 build(deps): bump github.com/docker/docker
7cdc7e15 remove watch command from the alpha command
fb026543 build(deps): bump github.com/docker/cli
d688d3bf fix(tracing): batch span exports to prevent blocking
898e1b60 signals/utils: always handle received signals
f414bf78 fix engine version require to use healthcheck.start_interval
3c4593f2 Stop the resource timer after last expected event
d2562029 build(deps): bump github.com/containerd/containerd from 1.7.11 to 1.7.12 (#11347)
26ed1051 build(deps): bump github.com/docker/docker from 25.0.0-rc.1+incompatible to 25.0.0-rc.2+incompatible (#11349)
191c10b9 build(deps): bump github.com/docker/cli from 25.0.0-rc.1+incompatible to 25.0.0-rc.2+incompatible (#11348)
5d05df6e update compose-go to version using immutable Project functions
b621948c feat(cli): report more useful User-Agent on engine API requests
f5c53c2d ci(deps): bump golangci-lint to v1.55.2
1cfeda71 ci(deps): bump golang to version v1.21.6 (#11331)
2bf2b22f Add source policies for build
575f2ed7 watch: remove requirements for tar binary and for sync target to be rw
5f4b22ed make docs
dcf6bd77 make mocks
80823b77 go ahead and wire up sig-proxy and no-stdin for consistency with underlying docker container attach
2c16e16d docker compose attach via RunAttach (from docker/cli's docker container attach)
d1be9caf build(deps): bump golang.org/x/sys from 0.15.0 to 0.16.0
c3c0cf3d build(deps): bump golang.org/x/sync from 0.5.0 to 0.6.0 (#11317)
27987415 gha: update DOCKER_CLI_VERSION to v24.0.7
566d2207 go.mod: github.com/docker/cli v25.0.0-rc.1
d09c39dc go.mod: github.com/docker/docker v25.0.0-rc.1
a1d36379 go.mod: github.com/klauspost/compress v1.17.4
0c55998b go.mod: github.com/felixge/httpsnoop v1.0.4
2f6ec9b7 go.mod: github.com/docker/go-connections v0.5.0
dcbf005f up: gracefully teardown when command ctx cancelled
e105f165 introduce `stats` command
ce5a0c65 Fix cancellable context detection in `AdaptCmd`
f58f23a6 remove ServiceProxy which was introduced for archived compose-cli
9aa52326 go.mod: docker/docker and docker/cli v25.0.0-beta.3
ccd83b8a go.mod: github.com/gorilla/mux v1.8.1
9e57850c go.mod: github.com/docker/distribution v2.8.3
35d3a7ca go.mod: golang.org/x/crypto v0.17.0
6c998602 go.mod: golang.org/x/crypto v0.16.0
402f3688 go.mod: golang.org/x/text v0.14.0
30dd3e66 go.mod: golang.org/x/term v0.15.0
0c4fa017 Bump compose-go v2-beta.2
b12e23b0 build(deps): bump go.uber.org/mock from 0.3.0 to 0.4.0
17da54da introduce build --with-dependencies
1baa4f44 up: fix write/close race condition in logPrinter
7781b7c9 deps: update docker/cli to fix go version selection issue
785835b1 Add support for endpoint-specific MAC address
e4fb5545 build do not require environment to be reslved
74cc0912 github.com/golang/mock is deprecated
5e61c62e collect services to build using WithServices
fb3868ff add support for start_interval
bdbda790 include disabled services for shell completion
ae4fd791 bump golang to version 1.21.5
26aca867 avoid use of service.Name when iterating on project.Services
138facea project.Services is a map
cda04f28 adopt compose-go/v2
85a1aec1 regen docs
9c29d223 use custom config type for OCI v1.0
df6fe59f tweak help message on oci version flag
07df9cc4 fix typo
7c8ff36d move around OCI logic, auto fallback/retry 1.1 -> 1.0
111ad3b0 fix(publish): add OCI 1.0 fallback support for AWS ECR
8026d0e2 adopt container.RestartPolicy*
df1533a1 [lint] don't use deprecated types
8639fbae go mod tidy
56e2ad9e update to v1.25 for RunAttach
ce1ddb6c fix combination of --pull always --no-build
c5824702 build(deps): bump golang.org/x/sys from 0.14.0 to 0.15.0
1f148244 send out a cancel event on SIGINT/SIGTERM
9faef4ae Update README.md to use standard compose.yaml file name
59f11ecb Fix configs are mounted under /<id>
750553c8 introduce compose logs --index to select a replica container
8c964f5a Update E2E test
90ca13b7 Fix E2E test to have index in the correct position
f9946127 Fix docs
ddda59a1 Add index option to compose logs command
e981c358 Add failing test
16c4241c log we don't expose service ports when --verbose
9025d63a bump ddev
a1de0b96 Restore `Project` is ps json output
caa0cbbc Introduce ps --orphans so user can include/exclude services not declared by project
29e9fdba let contributor know we might close unanswered issues
c665c53c bump buildx to v0.12.0 and adapt code to changes
a39cf75e build(deps): bump github.com/compose-spec/compose-go
46ba9c99 build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0
5c5d30c6 build(deps): bump github.com/docker/cli
36fa8d4e build(deps): bump github.com/docker/docker
2384635e build(deps): bump github.com/moby/buildkit from 0.12.2 to 0.12.3
2ba5e4c1 in watch mode force pull policy to build for services with both build and develop attributes This default behaviour will force a rebuild of the service images at watch process startup and be sure containers will be in sync with the local source code
b1a26dac Assume /src/pkg/compose/testdata absolute workingdir to make tests reproducible
5e77ae92 avoir use of []types.ServiceConfig
f5572201 identify services to build and don't display 'building' if none
8e1b3236 fix --remove-orphans not to consider disabled services as orphaned
7cb1f8ba introduce RuntimeVersion for code to check container runtime supports required features
cb01186c push also consider build.tags
9c4efbdd Strip project prefix from docker-compose up output
8ea7c9e0 Make it context aware and add test skipping options
c1694360 render quiet after filtering applied
254a94b0 bump golang to version 1.21.4
cf608fa9 bump compose-go to v1.20.1
426377a4 reject compose file using `secrets|configs.driver or template_driver`
493f6c80 skips flaky e2e tests on watch and attach
646a8fc0 fix docker/compose#11170 add newline in cmd/compose/build.go fmt.Fprint
2945532f fix --pull documentation
e5cd265a improve watch configuration logging Add action associated to each managed path
d646d757 lint
71237ef6 do not resolve cache dir until remote resource is in use
0d905a89 add a copyright notice with original author
b847c7f5 implement runtime file selection
5e3d8f67 re-implement cache folder detection
67279088 introduce --resolve-image-digests for publish to seal service images by digest
4cd61957 fix build
0d4cbbdb fix
9631a49d ENGDOCS-1764
328ca3f2 add docs upstream validation workflow
e1bbfc63 build(deps): bump go.uber.org/goleak from 1.2.1 to 1.3.0
616bba0a linter errors fixed
ee6e3c2a NetworkList to NetworkInspect for ID search
c7e31a3c Squashing feature branch commits in order to add signoff message.
704a9fd3 Use project.ServiceNames() if no service specified in hash
d9e0e42d Add branch configuration for pull_request trigger
c48e3c4a Initial codeql.yml commit
dd0803db fix SIGTERM support to stop/kill stack
39008c53 align with OCI artifact best practices
6c345b37 refactor(cmd/compose/run): remove redundant `len` check
1ffa194e fail start if depependency is missing
b9298101 check that the pull policy provided is a valid one or is not missing when --pull is used
3d0207eb remove uncessary return value of pullComposeFiles function
16a7c209 enable profile when down is ran with explicit service names
818bc3c3 add sync+restart action to watch attribute
38bc6d5d build(deps): bump github.com/containerd/containerd from 1.7.6 to 1.7.7
0b6ce6ee build(deps): bump github.com/google/go-cmp from 0.5.9 to 0.6.0
ae16bbbf build(deps): bump google.golang.org/grpc from 1.58.2 to 1.59.0
d13ad1f9 build(deps): bump golang.org/x/sync from 0.3.0 to 0.4.0
9b4d577c remove refrecence docs generation
14b43c1a remove cucumber tests as we haven't added new ones for a while
9dd081b9 add support of COMPOSE_ENV_FILES env variable to pass a list of env files
2c0b0232 add dry-run support for publish command
599e4b24 extract method to reduce cyclomatic complexity
fe8c2780 warn user remote resource is disabled
a345515f Don't delete dependent services
8967df7a Apply platform before hashing
4f694919 deps: remove deprecated github.com/pkg/errors
6ecab957 Include image name in error message
12e0ac89 pkg/compose/publish: use empty config descriptor mediaType
a6b7d785 pkg/remote/oci: check artifactType instead of config.mediaType
991901f2 pkg/remote/oci: refer to the manifest as manifest
2d971fc9 update the watch warning message when no services with a develop section
78f33619 ci: enable verbose output for e2e tests (#11045)
44d21280 truncate command by default, introduce --no-trunc flag to get the full command
ff2ff18c build(deps): bump google.golang.org/grpc from 1.58.1 to 1.58.2
ab81db5b config --xx don't need `env_file` being parsed
61c8be11 remove --timeout=0 flag to cleanup function of watch e2e test compose down command need the watch process to be killed to succeed
6be5f300 move watch from alpha to main command
c34c306c TestWatch to use new `develop` section
5ca35c88 implement publish
805541be watch: use official `develop` section (#11026)
8f489d6d build(deps): bump github.com/opencontainers/image-spec
9ea8fbc6 build(deps): bump github.com/moby/buildkit from 0.12.1 to 0.12.2
76f150e4 build(deps): bump gotest.tools/v3 from 3.5.0 to 3.5.1
f447c809 build(deps): bump google.golang.org/grpc from 1.58.0 to 1.58.1
4587d4ba build(deps): bump github.com/containerd/containerd from 1.7.3 to 1.7.6
a697a069 introduce pull --missing flag to only pull images not present in cache
8af49ff3 resolve service reference into container based on observed state
f6e31dbc don't rely on depends_on to resolve volume_from, better use observed state
6d5eb6fd update to go1.21.1
9d7e0ad6 correct scale error messages formatting
1a98a70b add scale command
19bbb12f ci: tweak restricted imports in linter (#10992)
7a134578 deps: upgrade Moby to v24.0.6 and gRPC to v1.58.0 (#10991)
13115468 cli: fix `--build` flag for `create` (#10982)
e1aa4f77 otel: add args & flags to cli traces (#10974)
d7b0b2bd watch: build & launch the project at start (#10957)
e0f39ebb pull OCI remote resource
c9d54f09 introduce publish (alpha) command
52e54ef9 doc: updated README.md to remove broken link
f4f2e934 migrate to github.com/distribution/reference
32c3d0a3 Enable service explicitly requested to be restarted
1fdbcb62 build: pass BuildOptions around explicitly & fix multi-platform issues
407a0d5b up: fix various race/deadlock conditions on exit (#10934)
8caa6f1f pkg/api: replace uuid for basic random id
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
fb2d44b8a0 |
podman: add new kernel module rrecommends
Testing podman + netavark without kernel-modules installed in the image shows some are missing from the rrecomends. It could be argued that they belong in netavark, but since podman + netavark are almost always used together, we group them here. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
081ef3c19c |
podman: update to 5.0.0
Tested with cni:
root@qemux86-64:~# podman version
Client: Podman Engine
Version: 5.0.1-dev
API Version: 5.0.1-dev
Go Version: go1.22.0
Git Commit: 177ea856f579914e0047655f32eb4f9fbc3ddbc4-dirty
Built: Thu Mar 21 17:59:57 2024
OS/Arch: linux/amd64
root@qemux86-64:~# rpm -qa | grep cni
cni-v1.2.0+rc0+gitb62753aa2bfa365c1ceaff6f25774a8047c896b50+b62753aa2b_b6a0e0bc96-r0.core2_64
root@qemux86-64:~# rpm -qa | grep neta
Tested with netavark:
root@qemux86-64:~# podman version
Client: Podman Engine
Version: 5.0.1-dev
API Version: 5.0.1-dev
Go Version: go1.22.0
Git Commit: 177ea856f579914e0047655f32eb4f9fbc3ddbc4-dirty
Built: Thu Mar 21 17:59:57 2024
OS/Arch: linux/amd64
root@qemux86-64:~# rpm -qa | grep netavark
netavark-1.10.3-r0.core2_64
Bumping libpod to version v5.0.0-4-g177ea856f, which comprises the following commits:
bfc63cc32 fix remote build isolation when server runs as root
f32338dfc bump version to v5.0.1-dev
e71ec6f1d New release: v5.0.0
6b93d9e11 Update RELEASE_NOTES.md with CVE-2024-1753
eb2b16d6d [v5.0] Bump Buildah to v1.35.1
43b9ea8b9 Adjust to the standard location of gvforwarder used in new images
4a84f39b3 Switch to 5.x WSL machine os stream using new automation
a03de4c14 rpm: use macro supported vendoring
069439820 Bump to v5.0.0-dev
f8888a13b Bump to v5.0.0-RC7
2e387df07 Add release notes for v5.0.0-rc7
d36ce9c2b fix invalid HTTP header values when hijacking a connection
8891d592b Use faster gzip for compression for 3x speedup for sending large contexts to remote
59512272b pkg/machine: make checkExclusiveActiveVM race free
51eee609c pkg/machine/wsl: remove unused CheckExclusiveActiveVM()
412648207 pkg/machine: CheckExclusiveActiveVM should also check for starting
1ca93f3fb pkg/machine: refresh config after we hold lock
71320df8e rpm: update containers-common dep on f40+
e58cb97de Change API socket to be machine name isolated
dbf38779b Makefile: drop tests-included from validate target
0fdd83173 Add release notes for v5.0.0
d7bc7b7b4 do not require policy.json
82597144b Machine decompress.go refactoring follow-up
abaa179aa Add target win-gvproxy in winmake.ps1
4c5d26f6f Add final machine endpoint
068ddfd19 update API doc version to 5.0.0
f2af295e4 Bump to 5.0.0-dev
d26113ca8 Bump to 5.0.0-rc6
52ed774c2 docs: generate-systemd: add clarification statement
3d6758a61 docs: quadlet: improve docs on root/rootless dirs
885dd2add [CI:DOCS] performance: fix URL and kernel version requirement
e6ac569a1 [CI:DOCS] Remove outdated references
364813da6 Add note for RHEL 8.5
e220d1ce6 Update module gopkg.in/go-jose/go-jose.v2 to v2.6.3 [SECURITY]
f91b8e77b Update module github.com/go-jose/go-jose/v3 to v3.0.3 [SECURITY]
9b21a5b79 Bump to v5.0.0-dev
bbad09bb0 Bump to v5.0.0-rc5
432f4fbf9 Fix Mac CI
d54a37399 Complete policy.json inclusion
b234bb55e Bump Buildah to v1.35.0
5d3a19f8d podman compose: enable machine socket connection
6f4ee16d9 [CI:DOCS] Add farm command to commands list
25f3a8ce7 podman machine start/stop do not write config unlocked
75fa38d52 [CI:BUILD] Build universal Podman binary for Mac installer
7a7591492 podman machine init: do not write config unlocked
7bfe5e700 Fail on failures to close the file descriptors, and especially the SparseWriter
5e0b7e54c Avoid reliance on fs.ErrClosed in SparseWriter users
4c6505be5 Fix the logic for detecting an unexpected close error
81906081e vendor libhvee-0.7.0
3c9c5be7d podman machine set: change options only locked
a65b546c6 Remove copySparseFile
2ba3a2d56 pkg/machine: fix relative DefaultPolicyJSONPath
724c5a06b Don't read full VM File before decompressing
ff81cf7c7 [CI:DOCS] Fix windows installer action
4d2fc293c machine: make more use of strongunits
92b67a69a Fix wrong units size return
79012795a fix(deps): update github.com/containers/libhvee digest to 7cee23c
d6d260174 [CI:DOCS] Migrate podman container image
a349f8d10 fix(deps): update module google.golang.org/protobuf to v1.33.0
39851a0b9 CI: try to fix more flakes
835cfbc05 [CI:BUILD] rpm: Put the podmansh(1) manual in the podmansh sub-package
945995be1 e2e: fix potential race in file-locks test
02403c2e6 Makefile: podman should have correct selinux label
9ee96a956 properly implement pull-error event status
155cd463d fix(deps): update module golang.org/x/tools to v0.19.0
6272abbbb Resurrect auto-port reassignment, but for all providers
ef7727238 Refactor env dir and port functions into new leaf pkgs
eabf0acfa fix(deps): update module golang.org/x/net to v0.22.0
3b72f9178 Revert "Expose as-tested Mac/Windows repository state"
24516f3ef fix(deps): update module golang.org/x/term to v0.18.0
e8bf9a323 Update podman-for-windows.md
8c9222848 fix(deps): update github.com/containers/libhvee digest to 0ff33af
e09444327 machine init: print output to improve UX
530782e11 logformatter: fixes for Macintosh
ebce0e71d test/e2e: check for stderr errors in cleanup()
ef6d38752 Bump to FreeBSD 13.3 (13.2 vanished)
fc4e16366 Bump to v5.0.0-dev
bce14b1e6 fix(deps): update module github.com/stretchr/testify to v1.9.0
cfc5b8e0f Bump to v5.0.0-RC4
185981fa5 Copy past golang/expansion form ks8.io/kubernetes
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
3fbc1ae7ca |
podman: conditionally add cni build tag
We should ensure that cni is built as part of podman if that's the configured virtual runtime. Although cni is not a primary networking backend for podman, this also allows it to be skipped if netavark is used. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
4666b2a2d8 |
xen: use bzImage for boot (instead of vmlinux)
Testing with the latest oe-core was unable to boot and only syslinux was running. It appears that the desired kernel is not on the /boot partition, and hence the system can't continue. bzImage is installed and available, so we switch to that. We also ensure that both kernel-vmlinux and kernel-image are installed to the rootfs so we can have choices in the future. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
4e6a74ff63 |
Revert "docker-compose: update to v2.24.6"
One of the vendor components has deleted a commit that docker-compose
is using (and has listed as a replacement in go.mod). Until
docker-compose comes up with a solution, we temporarily revert to
and older compose.
We'll update to the latest 2.23.x if this isn't resolved in 2.24+
before release.
This reverts commit
|
||
|
Bruce Ashfield
|
cabcaf1007 |
k3s: package check-config.sh
In a similar way we package check-config.sh for docker, we package
the contrib script for k3s.
root@qemux86-64:/# ./usr/share/k3s/check-config.sh [48/4924]
Verifying binaries in ./usr/share/k3s:
- sha256sum: sha256sums unavailable
- links: link list unavailable
System:
- /usr/sbin iptables v1.8.10 (legacy): ok
- swap: disabled
- routes: ok
Limits:
- /proc/sys/kernel/keys/root_maxkeys: 1000000
info: reading kernel config from /proc/config.gz ...
Generally Necessary:
- cgroup hierarchy: cgroups V2 mounted, cpu|cpuset|memory controllers status: good
- CONFIG_NAMESPACES: enabled
- CONFIG_NET_NS: enabled
- CONFIG_PID_NS: enabled
- CONFIG_IPC_NS: enabled
- CONFIG_UTS_NS: enabled
- CONFIG_CGROUPS: enabled
- CONFIG_CGROUP_PIDS: enabled
- CONFIG_CGROUP_CPUACCT: enabled
- CONFIG_CGROUP_DEVICE: enabled
- CONFIG_CGROUP_FREEZER: enabled
- CONFIG_CGROUP_SCHED: enabled
- CONFIG_CPUSETS: enabled
- CONFIG_MEMCG: enabled
- CONFIG_KEYS: enabled
- CONFIG_VETH: enabled
- CONFIG_BRIDGE: enabled
- CONFIG_BRIDGE_NETFILTER: enabled
- CONFIG_IP_NF_FILTER: enabled (as module)
- CONFIG_IP_NF_TARGET_MASQUERADE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_IPVS: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_COMMENT: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_MULTIPORT: enabled (as module)
- CONFIG_IP_NF_NAT: enabled (as module)
- CONFIG_NF_NAT: enabled (as module)
- CONFIG_POSIX_MQUEUE: enabled
Optional Features:
- CONFIG_USER_NS: enabled
- CONFIG_SECCOMP: enabled
- CONFIG_BLK_CGROUP: enabled
- CONFIG_BLK_DEV_THROTTLING: enabled
- CONFIG_CGROUP_PERF: enabled
- CONFIG_CGROUP_HUGETLB: enabled
- CONFIG_NET_CLS_CGROUP: enabled
- CONFIG_CGROUP_NET_PRIO: enabled
- CONFIG_CFS_BANDWIDTH: enabled
- CONFIG_FAIR_GROUP_SCHED: enabled
- CONFIG_RT_GROUP_SCHED: enabled
- CONFIG_IP_NF_TARGET_REDIRECT: enabled (as module)
- CONFIG_IP_SET: enabled (as module)
- CONFIG_IP_VS: enabled
- CONFIG_IP_VS_NFCT: enabled
- CONFIG_IP_VS_PROTO_TCP: enabled
- CONFIG_IP_VS_PROTO_UDP: enabled
- CONFIG_IP_VS_RR: enabled (as module)
- CONFIG_EXT4_FS: enabled
- CONFIG_EXT4_FS_POSIX_ACL: enabled
- CONFIG_EXT4_FS_SECURITY: enabled
- Network Drivers:
- "overlay":
- CONFIG_VXLAN: enabled (as module)
Optional (for encrypted networks):
- CONFIG_CRYPTO: enabled
- CONFIG_CRYPTO_AEAD: enabled
- CONFIG_CRYPTO_GCM: enabled
- CONFIG_CRYPTO_SEQIV: enabled
- CONFIG_CRYPTO_GHASH: enabled
- CONFIG_XFRM: enabled
- CONFIG_XFRM_USER: enabled (as module)
- CONFIG_XFRM_ALGO: enabled
- CONFIG_INET_ESP: enabled (as module)
- CONFIG_INET_XFRM_MODE_TRANSPORT: missing
- Storage Drivers:
- "overlay":
- CONFIG_OVERLAY_FS: enabled
STATUS: pass
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
c936858b1b |
kernel/cfg: update configuration for kubernetes
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
29603462e1 |
kernel/cfg: add space before distro optional features
distro optional features need to ensure that they are space separated or we'll have configuration failures. Additionally, always add a local configuration fragment for easy debug and enablement of options. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
54f80102b0 |
k3s: set version.UpstreamGolang in binaries
k3s will refuse to start if the golang version it was built with doesn't match the VERSION_GOLANG linker variable. As an example: https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/61668 We query our version of the compiler and set it in the binaries to ensure they match. Note: this may cause issues if you bump the golang compiler, but k3s doesn't rebuild. We'll worry about that when it happens. With this change, k3s starts and the node becomes ready. root@qemux86-64:~# uname -a Linux qemux86-64 6.6.20-yocto-standard #1 SMP PREEMPT_DYNAMIC Sun Mar 3 16:28:22 UTC 2024 x86_64 GNU/Linux root@qemux86-64:~# kubectl get nodes NAME STATUS ROLES AGE VERSION qemux86-64 Ready control-plane,master 10m v1.28.7-k3s1 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
5984a2e4b6 |
xen-tools/4.17: update to -tip
Bumping xen to version RELEASE-4.17.3-53-g0ebd2e49bc, which comprises the following commits:
0ebd2e49bc x86: protect conditional lock taking from speculative execution
074b4c8987 x86/mm: add speculation barriers to open coded locks
2cc5e57be6 locking: attempt to ensure lock wrappers are always inline
468a368b2e percpu-rwlock: introduce support for blocking speculation into critical regions
7454dad6ee rwlock: introduce support for blocking speculation into critical regions
9d2f136328 x86/spinlock: introduce support for blocking speculation into critical regions
0a53565f18 xen: Swap order of actions in the FREE*() macros
bf70ce8b34 x86/paging: Delete update_cr3()'s do_locking parameter
d85481135d x86/spec-ctrl: Mitigation Register File Data Sampling
6663430b44 x86/spec-ctrl: VERW-handling adjustments
d55d52961d x86/spec-ctrl: Rename VERW related options
76af773de5 x86/spec-ctrl: Perform VERW flushing later in exit paths
77f2bec134 x86/vmx: Perform VERW flushing later in the VMExit path
abc43cf5a6 x86: Resync intel-family.h from Linux
e691f99f17 x86/entry: Introduce EFRAME_* constants
1f94117bec x86/mm: fix detection of last L1 entry in modify_xen_mappings_lite()
1e9808227c hvmloader/PCI: skip huge BARs in certain calculations
54dacb5c02 x86/cpu-policy: Allow for levelling of VERW side effects
2f49d9f89c x86/altcall: always use a temporary parameter stashing variable
c4ee68eda9 libxl: Fix segfault in device_model_spawn_outcome
a59106b276 xen/livepatch: properly build the noapply and norevert tests
5564323f64 xen/livepatch: fix norevert test attempt to open-code revert
c54cf903b0 xen/livepatch: search for symbols in all loaded payloads
b11917de0c xen/livepatch: register livepatch regions when loaded
0ce25b46ab x86/spec: do not print thunk option selection if not built-in
693455c3c3 x86/spec: fix INDIRECT_THUNK option to only be set when build-enabled
76ea2aab36 x86/spec: print the built-in SPECULATIVE_HARDEN_* options
b75bee1832 xen/sched: Fix UB shift in compat_set_timer_op()
9c0d518eb8 x86/HVM: hide SVM/VMX when their enabling is prohibited by firmware
6cbccc4071 xen/arm: Fix UBSAN failure in start_xen()
49f7760237 x86: account for shadow stack in exception-from-stub recovery
9165001081 x86/spec: fix BRANCH_HARDEN option to only be set when build-enabled
1aafe054e7 x86/altcall: use a union as register type for function parameters on clang
229e8a72ee xen/cmdline: fix printf format specifier in no_config_param()
f6b1279254 xen/livepatch: fix norevert test hook setup typo
16f2e47eb1 x86emul: add missing EVEX.R' checks
ea86997727 build: make sure build fails when running kconfig fails
b974528073 libxl: Disable relocating memory for qemu-xen in stubdomain too
1330a5fe44 build: Replace `which` with `command -v`
b3ae0e6201 x86/HVM: tidy state on hvmemul_map_linear_addr()'s error path
415f770d23 x86/hvm: Fix fast singlestep state persistence
463aaf3fbf amd-vi: fix IVMD memory type checks
61da71968e tools/xentop: fix sorting bug for some columns
091466ba55 x86/p2m-pt: fix off by one in entry check assert
afb85cf1e8 lib{fdt,elf}: move lib{fdt,elf}-temp.o and their deps to $(targets)
7bd612727d x86/vmx: Disallow the use of inactivity states
eca5416f9b x86/vmx: Fix IRQ handling for EXIT_REASON_INIT
d0ad2cc5ea x86/intel: ensure Global Performance Counter Control is setup correctly
0ef1fb43dd CirrusCI: drop FreeBSD 12
abcc32f063 x86/amd: Extend CPU erratum #1474 fix to more affected models
6b1864afc1 VT-d: Fix "else" vs "#endif" misplacement
f9e1ed51bd pci: fail device assignment if phantom functions cannot be assigned
4f6e9d4327 update Xen version to 4.17.4-pre
949a4aad41 update Xen version to 4.17.3
958706fd2e xen/arm: page: Avoid pointer overflow on cache clean & invalidate
e2caee491a xen/sched: fix sched_move_domain()
4000522008 Only compile the hypervisor with -Wdeclaration-after-statement
83ae677d2a x86/x2apic: introduce a mixed physical/cluster mode
6eb98dda5c xen/domain: fix error path in domain_create()
5d01aa7ad5 xen/sched: fix adding offline cpu to cpupool
7d8bd64e11 x86emul: avoid triggering event related assertions
4923450c0e tools/xg: Fix potential memory leak in cpu policy getters/setters
eac655d6be xen/x86: In x2APIC mode, derive LDR from APIC ID
e3c1ffb2a3 livepatch: do not use .livepatch.funcs section to store internal state
32c3403e4c x86/mem_sharing: Release domain if we are not able to enable memory sharing
e1f9cb16e2 xen/sched: fix sched_move_domain()
28f44b603f xen/grant: Fix build in PV_SHIM
0527bab090 x86/spec-ctrl: Add SRSO whitepaper URL
c635c17fde x86/i8259: do not assume interrupts always target CPU0
d10db37b78 x86/x2apic: remove usage of ACPI_FADT_APIC_CLUSTER
267ac3c592 x86/pv-shim: fix grant table operations for 32-bit guests
4bd2c8c8b9 x86/mem_sharing: add missing m2p entry when mapping shared_info page
011d20a69c docs: Fix IOMMU command line docs some more
bb13e63143 x86: support data operand independent timing mode
40685f9283 iommu/vt-d: fix SAGAW capability parsing
ee4ce01198 iommu: fix quarantine mode command line documentation
f6996645d2 x86/pvh: fix identity mapping of low 1MB
e1275e58c7 x86/amd: Address AMD erratum #1485
1a94fc132a x86: Add bit definitions for Automatic IBRS
7eb2a4eba1 tools/pygrub: Fix pygrub's --entry flag for python3
65e1f3d289 cxenstored: wait until after reset to notify dom0less domains
6384cdf0c3 x86: Clarify that only 5 hypercall parameters are supported
2e87f3a03a docs/sphinx: Switch hypercall-abi.rst to named footnotes
4f43614a89 x86/amd: do not expose HWCR.TscFreqSel to guests
0311ff4a2c x86/spec-ctrl: Remove conditional IRQs-on-ness for INT $0x80/0x82 paths
b7a1e10539 iommu/amd-vi: use correct level for quarantine domain page tables
0b56bed864 x86/pv: Correct the auditing of guest breakpoint addresses
3f8b444072 x86/svm: Fix asymmetry with AMD DR MASK context switching
46d00dbf4c libxl: limit bootloader execution in restricted mode
42bf49d74b libxl: add support for running bootloader in restricted mode
f5e211654e tools/pygrub: Deprivilege pygrub
8ee19246ad tools/libfsimage: Export a new function to preload all plugins
3797742067 tools/pygrub: Open the output files earlier
e7059f16f7 tools/pygrub: Small refactors
8a584126ea tools/pygrub: Remove unnecessary hypercall
eb4efdac4c libfsimage/xfs: Add compile-time check to libfsimage
78143c5336 libfsimage/xfs: Sanity-check the superblock during mounts
f1cd620cc3 libfsimage/xfs: Amend mask32lo() to allow the value 32
d665c6690e libfsimage/xfs: Remove dead code
0d8f9f7f27 iommu/amd-vi: flush IOMMU TLB when flushing the DTE
c4e05c97f5 tools/xenstored: domain_entry_fix(): Handle conflicting transaction
90c540c589 x86/shadow: defer releasing of PV's top-level shadow reference
9ac2f49f5f x86/spec-ctrl: Mitigate the Zen1 DIV leakage
19ee1e1faa x86/amd: Introduce is_zen{1,2}_uarch() predicates
2e2c3efcfc x86/spec-ctrl: Issue VERW during IST exit to Xen
e4a71bc0da x86/entry: Track the IST-ness of an entry for the exit paths
5f7efd47c8 x86/entry: Adjust restore_all_xen to hold stack_end in %r14
ba023e93d0 x86/spec-ctrl: Improve all SPEC_CTRL_{ENTER,EXIT}_* comments
3952c73bdb x86/spec-ctrl: Turn the remaining SPEC_CTRL_{ENTRY,EXIT}_* into asm macros
84690fb82c x86/spec-ctrl: Fold DO_SPEC_CTRL_EXIT_TO_XEN into it's single user
dc28aba565 x86/spec-ctrl: Fix confusion between SPEC_CTRL_EXIT_TO_XEN{,_IST}
d2d2dcae87 x86/AMD: extend Zenbleed check to models "good" ucode isn't known for
d31e5b2a9c xen/arm: page: Handle cache flush of an element at the top of the address space
699de51274 x86/irq: fix reporting of spurious i8259 interrupts
8be85d8c0d x86/vmx: Revert "x86/VMX: sanitize rIP before re-entering guest"
a939e953cd x86/svm: Fix valid condition in svm_get_pending_event()
7ca58fbef4 tboot: Disable CET at shutdown
0429822978 libxl: slightly correct JSON generation of CPU policy
ba360fbb64 build: correct gas --noexecstack check
5116fe12d8 x86/iommu: pass full IO-APIC RTE for remapping table update
e08e7330c5 iommu/vtd: rename io_apic_read_remap_rte() local variable
1bd4523d69 x86/ioapic: RTE modifications must use ioapic_write_entry
a885649098 x86/ioapic: add a raw field to RTE struct
d0cdd34dd8 x86/ioapic: sanitize IO-APIC pins before enabling lapic LVTERR/ESR
f04295dd80 xenalyze: Handle start-of-day ->RUNNING transitions
e5f9987d5f x86/head: check base address alignment
7b5155a79e xen/vcpu: ignore VCPU_SSHOTTMR_future
052a8d24bc tools/vchan: Fix -Wsingle-bit-bitfield-constant-conversion
f00d563095 CI: Resync FreeBSD config with staging
e418a77295 rombios: Remove the use of egrep
24487fec3b rombios: Avoid using K&R function syntax
ae1045c429 rombios: Work around GCC issue 99578
37f1d68fa3 x86emul: rework wrapping of libc functions in test and fuzzing harnesses
476d2624ec Config.mk: evaluate XEN_COMPILE_ARCH and XEN_OS immediately
a1f68fb567 build: evaluate XEN_BUILD_* and XEN_DOMAIN immediately
36e84ea02e build: remove TARGET_ARCH, a duplicate of SRCARCH
56076ef445 build: remove TARGET_SUBARCH, a duplicate of ARCH
1c3927f8f6 build: define ARCH and SRCARCH later
8d84be5b55 libxl: Use XEN_LIB_DIR to store bootloader from pygrub
7d88979849 x86: fix build with old gcc after CPU policy changes
2f337a04bf update Xen version to 4.17.3-pre
322a20add0 Update Xen to version 4.17.2
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
7fe0f9a8c0 |
xen/4.17: update to -tip
Bumping xen to version RELEASE-4.17.3-53-g0ebd2e49bc, which comprises the following commits:
0ebd2e49bc x86: protect conditional lock taking from speculative execution
074b4c8987 x86/mm: add speculation barriers to open coded locks
2cc5e57be6 locking: attempt to ensure lock wrappers are always inline
468a368b2e percpu-rwlock: introduce support for blocking speculation into critical regions
7454dad6ee rwlock: introduce support for blocking speculation into critical regions
9d2f136328 x86/spinlock: introduce support for blocking speculation into critical regions
0a53565f18 xen: Swap order of actions in the FREE*() macros
bf70ce8b34 x86/paging: Delete update_cr3()'s do_locking parameter
d85481135d x86/spec-ctrl: Mitigation Register File Data Sampling
6663430b44 x86/spec-ctrl: VERW-handling adjustments
d55d52961d x86/spec-ctrl: Rename VERW related options
76af773de5 x86/spec-ctrl: Perform VERW flushing later in exit paths
77f2bec134 x86/vmx: Perform VERW flushing later in the VMExit path
abc43cf5a6 x86: Resync intel-family.h from Linux
e691f99f17 x86/entry: Introduce EFRAME_* constants
1f94117bec x86/mm: fix detection of last L1 entry in modify_xen_mappings_lite()
1e9808227c hvmloader/PCI: skip huge BARs in certain calculations
54dacb5c02 x86/cpu-policy: Allow for levelling of VERW side effects
2f49d9f89c x86/altcall: always use a temporary parameter stashing variable
c4ee68eda9 libxl: Fix segfault in device_model_spawn_outcome
a59106b276 xen/livepatch: properly build the noapply and norevert tests
5564323f64 xen/livepatch: fix norevert test attempt to open-code revert
c54cf903b0 xen/livepatch: search for symbols in all loaded payloads
b11917de0c xen/livepatch: register livepatch regions when loaded
0ce25b46ab x86/spec: do not print thunk option selection if not built-in
693455c3c3 x86/spec: fix INDIRECT_THUNK option to only be set when build-enabled
76ea2aab36 x86/spec: print the built-in SPECULATIVE_HARDEN_* options
b75bee1832 xen/sched: Fix UB shift in compat_set_timer_op()
9c0d518eb8 x86/HVM: hide SVM/VMX when their enabling is prohibited by firmware
6cbccc4071 xen/arm: Fix UBSAN failure in start_xen()
49f7760237 x86: account for shadow stack in exception-from-stub recovery
9165001081 x86/spec: fix BRANCH_HARDEN option to only be set when build-enabled
1aafe054e7 x86/altcall: use a union as register type for function parameters on clang
229e8a72ee xen/cmdline: fix printf format specifier in no_config_param()
f6b1279254 xen/livepatch: fix norevert test hook setup typo
16f2e47eb1 x86emul: add missing EVEX.R' checks
ea86997727 build: make sure build fails when running kconfig fails
b974528073 libxl: Disable relocating memory for qemu-xen in stubdomain too
1330a5fe44 build: Replace `which` with `command -v`
b3ae0e6201 x86/HVM: tidy state on hvmemul_map_linear_addr()'s error path
415f770d23 x86/hvm: Fix fast singlestep state persistence
463aaf3fbf amd-vi: fix IVMD memory type checks
61da71968e tools/xentop: fix sorting bug for some columns
091466ba55 x86/p2m-pt: fix off by one in entry check assert
afb85cf1e8 lib{fdt,elf}: move lib{fdt,elf}-temp.o and their deps to $(targets)
7bd612727d x86/vmx: Disallow the use of inactivity states
eca5416f9b x86/vmx: Fix IRQ handling for EXIT_REASON_INIT
d0ad2cc5ea x86/intel: ensure Global Performance Counter Control is setup correctly
0ef1fb43dd CirrusCI: drop FreeBSD 12
abcc32f063 x86/amd: Extend CPU erratum #1474 fix to more affected models
6b1864afc1 VT-d: Fix "else" vs "#endif" misplacement
f9e1ed51bd pci: fail device assignment if phantom functions cannot be assigned
4f6e9d4327 update Xen version to 4.17.4-pre
949a4aad41 update Xen version to 4.17.3
958706fd2e xen/arm: page: Avoid pointer overflow on cache clean & invalidate
e2caee491a xen/sched: fix sched_move_domain()
4000522008 Only compile the hypervisor with -Wdeclaration-after-statement
83ae677d2a x86/x2apic: introduce a mixed physical/cluster mode
6eb98dda5c xen/domain: fix error path in domain_create()
5d01aa7ad5 xen/sched: fix adding offline cpu to cpupool
7d8bd64e11 x86emul: avoid triggering event related assertions
4923450c0e tools/xg: Fix potential memory leak in cpu policy getters/setters
eac655d6be xen/x86: In x2APIC mode, derive LDR from APIC ID
e3c1ffb2a3 livepatch: do not use .livepatch.funcs section to store internal state
32c3403e4c x86/mem_sharing: Release domain if we are not able to enable memory sharing
e1f9cb16e2 xen/sched: fix sched_move_domain()
28f44b603f xen/grant: Fix build in PV_SHIM
0527bab090 x86/spec-ctrl: Add SRSO whitepaper URL
c635c17fde x86/i8259: do not assume interrupts always target CPU0
d10db37b78 x86/x2apic: remove usage of ACPI_FADT_APIC_CLUSTER
267ac3c592 x86/pv-shim: fix grant table operations for 32-bit guests
4bd2c8c8b9 x86/mem_sharing: add missing m2p entry when mapping shared_info page
011d20a69c docs: Fix IOMMU command line docs some more
bb13e63143 x86: support data operand independent timing mode
40685f9283 iommu/vt-d: fix SAGAW capability parsing
ee4ce01198 iommu: fix quarantine mode command line documentation
f6996645d2 x86/pvh: fix identity mapping of low 1MB
e1275e58c7 x86/amd: Address AMD erratum #1485
1a94fc132a x86: Add bit definitions for Automatic IBRS
7eb2a4eba1 tools/pygrub: Fix pygrub's --entry flag for python3
65e1f3d289 cxenstored: wait until after reset to notify dom0less domains
6384cdf0c3 x86: Clarify that only 5 hypercall parameters are supported
2e87f3a03a docs/sphinx: Switch hypercall-abi.rst to named footnotes
4f43614a89 x86/amd: do not expose HWCR.TscFreqSel to guests
0311ff4a2c x86/spec-ctrl: Remove conditional IRQs-on-ness for INT $0x80/0x82 paths
b7a1e10539 iommu/amd-vi: use correct level for quarantine domain page tables
0b56bed864 x86/pv: Correct the auditing of guest breakpoint addresses
3f8b444072 x86/svm: Fix asymmetry with AMD DR MASK context switching
46d00dbf4c libxl: limit bootloader execution in restricted mode
42bf49d74b libxl: add support for running bootloader in restricted mode
f5e211654e tools/pygrub: Deprivilege pygrub
8ee19246ad tools/libfsimage: Export a new function to preload all plugins
3797742067 tools/pygrub: Open the output files earlier
e7059f16f7 tools/pygrub: Small refactors
8a584126ea tools/pygrub: Remove unnecessary hypercall
eb4efdac4c libfsimage/xfs: Add compile-time check to libfsimage
78143c5336 libfsimage/xfs: Sanity-check the superblock during mounts
f1cd620cc3 libfsimage/xfs: Amend mask32lo() to allow the value 32
d665c6690e libfsimage/xfs: Remove dead code
0d8f9f7f27 iommu/amd-vi: flush IOMMU TLB when flushing the DTE
c4e05c97f5 tools/xenstored: domain_entry_fix(): Handle conflicting transaction
90c540c589 x86/shadow: defer releasing of PV's top-level shadow reference
9ac2f49f5f x86/spec-ctrl: Mitigate the Zen1 DIV leakage
19ee1e1faa x86/amd: Introduce is_zen{1,2}_uarch() predicates
2e2c3efcfc x86/spec-ctrl: Issue VERW during IST exit to Xen
e4a71bc0da x86/entry: Track the IST-ness of an entry for the exit paths
5f7efd47c8 x86/entry: Adjust restore_all_xen to hold stack_end in %r14
ba023e93d0 x86/spec-ctrl: Improve all SPEC_CTRL_{ENTER,EXIT}_* comments
3952c73bdb x86/spec-ctrl: Turn the remaining SPEC_CTRL_{ENTRY,EXIT}_* into asm macros
84690fb82c x86/spec-ctrl: Fold DO_SPEC_CTRL_EXIT_TO_XEN into it's single user
dc28aba565 x86/spec-ctrl: Fix confusion between SPEC_CTRL_EXIT_TO_XEN{,_IST}
d2d2dcae87 x86/AMD: extend Zenbleed check to models "good" ucode isn't known for
d31e5b2a9c xen/arm: page: Handle cache flush of an element at the top of the address space
699de51274 x86/irq: fix reporting of spurious i8259 interrupts
8be85d8c0d x86/vmx: Revert "x86/VMX: sanitize rIP before re-entering guest"
a939e953cd x86/svm: Fix valid condition in svm_get_pending_event()
7ca58fbef4 tboot: Disable CET at shutdown
0429822978 libxl: slightly correct JSON generation of CPU policy
ba360fbb64 build: correct gas --noexecstack check
5116fe12d8 x86/iommu: pass full IO-APIC RTE for remapping table update
e08e7330c5 iommu/vtd: rename io_apic_read_remap_rte() local variable
1bd4523d69 x86/ioapic: RTE modifications must use ioapic_write_entry
a885649098 x86/ioapic: add a raw field to RTE struct
d0cdd34dd8 x86/ioapic: sanitize IO-APIC pins before enabling lapic LVTERR/ESR
f04295dd80 xenalyze: Handle start-of-day ->RUNNING transitions
e5f9987d5f x86/head: check base address alignment
7b5155a79e xen/vcpu: ignore VCPU_SSHOTTMR_future
052a8d24bc tools/vchan: Fix -Wsingle-bit-bitfield-constant-conversion
f00d563095 CI: Resync FreeBSD config with staging
e418a77295 rombios: Remove the use of egrep
24487fec3b rombios: Avoid using K&R function syntax
ae1045c429 rombios: Work around GCC issue 99578
37f1d68fa3 x86emul: rework wrapping of libc functions in test and fuzzing harnesses
476d2624ec Config.mk: evaluate XEN_COMPILE_ARCH and XEN_OS immediately
a1f68fb567 build: evaluate XEN_BUILD_* and XEN_DOMAIN immediately
36e84ea02e build: remove TARGET_ARCH, a duplicate of SRCARCH
56076ef445 build: remove TARGET_SUBARCH, a duplicate of ARCH
1c3927f8f6 build: define ARCH and SRCARCH later
8d84be5b55 libxl: Use XEN_LIB_DIR to store bootloader from pygrub
7d88979849 x86: fix build with old gcc after CPU policy changes
2f337a04bf update Xen version to 4.17.3-pre
322a20add0 Update Xen to version 4.17.2
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|