If the usrmerge DISTRO_FEATURE is enabled, modules should be installed
under /usr/lib instead of /lib. We can handle this by using
${root_prefix} in INSTALL_MOD_PATH.
Signed-off-by: Paul Barker <paul.barker@sancloud.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
This also fix building with clang 1.15
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
cloud-init has been dual licensed for a while. According to the
LICENSE file this package is dual-licensed Apache 2 and GPL 3. This has
been the case since commit b2a9f3361 in 2016. This has applied to every
release since 17.1.
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
cloud-init installs its data in nonarch_libdir, not libdir, so package
that. On non-multilib builds this wouldn't be noticed.
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Update criu from 3.17 to 3.17.1:
* update file path and remove __pycache__ directory in do_install
* rebase 0002-criu-Change-libraries-install-directory.patch
* backport patches to fix build errors with glibc 2.36.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
rocksdb has been updated to 7.5.3 in meta-oe causing
ceph compilation to fail.
Backport necessary patches to allow ceph to work with
newer versions rocksdb.
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Bumping buildah to version v1.25.0-420-g13622b14, which comprises the following commits:
9c640b00 tag v1.27.2
264c825f Fix broken command completion
be919817 build: support --skip-unused-stages for multi-stage builds
40cd1053 release: bump to v1.27.1
4a8bf740 run: add container gid to additional groups
db8d5921 release: tag v1.27.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
meta-selinux has always been a soft dependency of meta-virt, as
such, it isn't in the layer dependencies.
To avoid yocto compat errors, and keep the dependency soft, we
add a skiprecip to udica if meta-selinux is not present.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Bumping kvmtool to latest, which comprises the following commits:
336751f Makefile: Introduce LIBFDT_DIR to specify libfdt location
6c88c26 virtio/rng: Zero-initialize the device
fe21827 virtio/pci: Deassert IRQ line on ISR read
ae22ac7 Makefile: Fix ARCH override
3863f34 Makefile: Add missing build dependencies
6a1f699 arm64: pvtime: Use correct region size
c86ef0b virtio/pci: Remove VIRTIO_PCI_F_SIGNAL_MSI
3d5cefc virtio/pci: Initialize all vectors to VIRTIO_MSI_NO_VECTOR
5fe5eb0 virtio: Add support for modern virtio-mmio
22a0823 virtio: Move MMIO transport to mmio-legacy
b0d56e3 virtio: Add support for modern virtio-pci
930876d virtio: Move PCI transport to pci-legacy
3c8f82b virtio: Prepare for more feature bits
de166e5 virtio/net: Set vhost backend after queue address
73fd136 virtio/pci: Use the correct eventfd for vhost notification
21c9bc7 virtio/pci: Make doorbell offset dynamic
d060729 virtio: Extract init_vq() for PCI and MMIO
c6590f7 virtio/pci: Delete MSI routes
8b91a18 arm64: Allow the user to specify the RAM base address
3f7e48f Introduce kvm__arch_default_ram_address()
a37dad0 arm/arm64: Consolidate RAM initialization in kvm__init_ram()
5e9c654 kvm__arch_init: Remove hugetlbfs_path and ram_size as parameters
a9c24ec builtin_run: Allow standard size specifiers for memory
d6d4220 arm/arm64: Kill the ARM_HIMAP_MAX_MEMORY() macro
1af57dc arm/arm64: Kill the ARM_MAX_MEMORY() macro
cce5a4f arm/arm64: Fail if RAM size is too large for 32-bit guests
abe3f28 builtin-run: Add arch hook to validate VM configuration
28b9625 builtin-run: Rework RAM size validation
9d65519 builtin-run: Always use RAM size in bytes
024c331 Use MB for megabytes consistently
d9fdaad arm: gic: fdt: fix PPI CPU mask calculation
f44af23 virtio/pci: Factor MSI route creation
4842789 virtio/blk: Implement VIRTIO_F_ANY_LAYOUT feature
e74b56e virtio/console: Add VIRTIO_F_ANY_LAYOUT feature
6daffe5 virtio/net: Implement VIRTIO_F_ANY_LAYOUT feature
b231683 virtio/net: Prepare for modern virtio
8b27bcf virtio/net: Offload vnet header endianness conversion to tap
c492534 Add memcpy_fromiovec_safe
902a8ec virtio: Remove set_guest_features() device op
17ad9fd virtio/console: Remove unused callback
867b15c virtio: Fix device-specific config endianness
15e6c4e virtio: Add config access helpers
609ee90 virtio: Support modern virtqueue addresses
fd41cde virtio: Factor virtqueue initialization
a8e397b virtio/vsock: Remove redundant state tracking
3a1e36e virtio: Remove redundant test
7efc262 virtio: Add NEEDS_RESET to the status mask
b4531b2 riscv: Add missing asm/kernel.h header
6f6f384 mips: Do not emulate a serial device
8ec1e8b arm64: Honor --vcpu-affinity for aarch32 guests
1a992bb include: add new virtio uapi header files
e539078 include: update virtio UAPI headers
393e218 util: include virtio UAPI headers in sync
7e22099 update virtio_mmio.h
a68a52c kvmtool: Have stack be not executable on x86
31e0eac virtio: Check for overflows in QUEUE_NOTIFY and QUEUE_SEL
e473028 virtio: Sanitize config accesses
3510a7f virtio/9p: Fix virtio_9p_config allocation size
06e1e6f virtio: Use u32 instead of int in pci_data_in/out
52d4ee7 mmio: Sanitize addr and len
143ffa2 kvmtool: Add WARN_ONCE macro
bc77bf4 stat: Add descriptions for new virtio_balloon stat types
3a13530 virtio/balloon: Fix a crash when collecting stats
324cc09 aarch64: Give up with MTE for AArch32 guest
4639b72 arm64: Add --vcpu-affinity command line argument
1393bda arm64: Add support for KVM_ARM_VCPU_PMU_V3_SET_PMU
083a976 update_headers.sh: Sync ABI headers with Linux v5.18-rc2
0febaae Add cpumask functions
83713e7 arm64: Rework set_pmu_attr()
f57ce44 arm: Make the PMUv3 emulation code arm64 specific
b23aed2 arm: Get rid of the ARM_VCPU_FEATURE_FLAGS() macro
412ee13 arm: Move arch specific VCPU features to the arch specific function
5898515 arm/arm64: pmu.h: Add missing header guards
d9b64eb linux/bitops.h: Include wordsize.h to provide the __WORDSIZE define
443cd88 linux/err.h: Add missing stdbool.h include
5657dd3 aarch64: Add support for MTE
af1b793 update_headers.sh: Sync ABI headers with Linux v5.17
ffa8654 Make --no-pvtime command argument arm specific
faae833 Revert "kvm tools: Filter out CPU vendor string"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
After upgrading from honister to kirkstone the build always failed
during the package_write_ipk step, because the package name has
been overwritten because of the typo in FILES.
While investigating, I discovered another typo in class-devupstream.
Signed-off-by: Guenther Meyer <g.meyer@signum-media.de>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The linkshared is not supported in some machines like riscv64 and
when supported we can use the GO_LINKSHARED instaed.
So export GO_LINKSHARED on the recipe to be available for Makefile.
This is currently only used in libnetwork for the proxy build, but
could be used in additional locations in the future.
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
This is useful for podman system tests.
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
udica provides an (easier) way to generate selnux policies
for containers. since we already have selinux has a dependency
of meta-virt, we might as well make policy creation easier.
See https://github.com/containers/udica, for details on how
to use the tool.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Changing the clone location of kubernetes allows us to remove the
vendor symlink "fix". This reduces the number of TMPDIR references
in the binaries.
kubernetes takes care of most of the rest via using asmflags and
gcflags interally which specify -trimpath, but unfortunately these
flags are being recorded into the binaries and leave us with 4
references to the TMDIR:
-asmflags=all=-trimpath=/opt/poky/build/tmp/work/core2-64-poky-linux/kubernetes/1_v1.24.0+git8b1b4db3834ddf7cf1b97137180f413cb9e2186f-r0/git/src/github.com/kubernetes/kubernetes/_output/local/go/src/k8s.io/kubernetes
-gcflags="all=-trimpath=/opt/poky/build/tmp/work/core2-64-poky-linux/kubernetes/1_v1.24.0+git8b1b4db3834ddf7cf1b97137180f413cb9e2186f-r0/git/src/github.com/kubernetes/kubernetes/_output/local/go/src/k8s.io/kubernetes
-asmflags=all=-trimpath=/opt/poky/build/tmp/work/core2-64-poky-linux/kubernetes/1_v1.24.0+git8b1b4db3834ddf7cf1b97137180f413cb9e2186f-r0/git/src/github.com/kubernetes/kubernetes/_output/local/go/src/k8s.io/kubernetes
-gcflags="all=-trimpath=/opt/poky/build/tmp/work/core2-64-poky-linux/kubernetes/1_v1.24.0+git8b1b4db3834ddf7cf1b97137180f413cb9e2186f-r0/git/src/github.com/kubernetes/kubernetes/_output/local/go/src/k8s.io/kubernetes
We leave these for now, as attempts to remove them have broken
the build, and kubernetes uses 'go install' versus 'go build' to
construct the binaries .. making our normal solutions non functional.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
restructure the containerd source layout to avoid symlinking vendor
dependencies. This avoid go recording paths in the final binaries.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
convert the riddler recipe to a structure that doesn't need a
symlinked vendor directory. go records these links in the binary,
making our output non-reproducible.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The structure of the source code layout that was used by
this recipe required symlinking subirectories of the source
into a location that would be searched by go. While this
fixes the build, and produces a working binary, go stores
the location into the binary itself. Those stored paths
reference the build directory, making the result not
reproducible.
With this change, we create an alternate structure that
doesn't require symlinking and allows go to find the
components during build. This results in a simpler recipe
and binaries without TMPDIR references.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The structure of the source code layout that was used by
this recipe required symlinking subirectories of the source
into a location that would be searched by go. While this
fixes the build, and produces a working binary, go stores
the location into the binary itself. Those stored paths
reference the build directory, making the result not
reproducible.
With this change, we create an alternate structure that
doesn't require symlinking and allows go to find the
components during build. This results in a simpler recipe
and binaries without TMPDIR references.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The yq build was broken:
- some repositories have moved from master -> main
- missing dependencies, that were being fetched in the compile task
Correcting these issues fixes yq' build
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
go-builds compilation is fetching runc as a dependency, we can't
do that in the compilation phase without an exception, or throwing
an error.
We add the runc dependency and fetch it directly into the required
directory. This avoids the build time fetch, and we better control
the revision. win-win.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
To fix most of the TMPDIR references, we pass -trimpath to the build
via a new variagle GOBUILDFLAGS.
There are still some debug references to TMDIR, that will be fixed
at a later time.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Skopeo is throwing TMPDIR QA warnings due to paths being built
into the binaries. We fix this by creating a new variable to
pass -trimpath into the build, and also by defining the linker
flags -w -s to strip source/path information from the binaries.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Variable overrides have stopped working when this specific .inc
file are used. To keep the demo working, we temporarily copy the
exact contents of the .inc file into the recipe .. and all is well.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Symlink the date-time based image name, to just the imagename-oci.
This makes scripting use of the deployed container much simpler.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
This is useful for demonstrating how entry points and functionality
can be delivered in containers
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
We get the following QA warning on build:
WARNING: containerd-opencontainers-v1.6.8+gitAUTOINC+579a6380ec-r0 do_package_qa: QA Issue: File /usr/bin/containerd-shim-runc-v2 in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd-ctr in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd-shim-runc-v1 in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd-shim in package containerd-opencontainers contains reference to TMPDIR [buildpaths]
This is the first step in fixing the QA warning, by dropping our
debug patch, passing -trimpath and not defining GO_DEBUG.
This leaves a final reference similar to:
path _/opt/poky/build/tmp/work/core2-64-poky-linux/containerd-opencontainers/v1.6.8+gitAUTOINC+579a6380ec-r0/git/src/import/cmd/ctr
That is being stored in the .rodata of the binaries.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
To avoid go embedding references to the build dir into binaries,
we pass -trimpath to the build.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
When executing `k3s --version` the mentioned version
`k3s version dev (HEAD)`. The root cause is, that the BUILD_FLAGS
were not the expected ones. After that patch, the k3s is reporting
the correct version.
Signed-off-by: Vasileios Anagnostopoulos <vasileios.anagnostopoulos@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
There's compilation error when building lxc for ARM/ARM64 BSPs.
The error message is as below:
| ../git/src/lxc/cgroups/cgfsng.c🔢111: error: incompatible
type for argument 10 of 'sd_bus_call_method_asyncv'
The 10th argument is of type va_list but NULL is supplied, thus causing
compilation error.
So we use sd_bus_call_method_async to replace the asyncv one to
solve this issue.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The GOBUILDFLAGS patch is replaced by explicitly setting BUILDFLAGS="${GOBUILDFLAGS}"
in the recipe.
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Bumping podman-tui to version v0.5.0-40-g8f2b80f, which comprises the following commits:
95abf3a Bump github.com/containers/podman/v4 from 4.1.1 to 4.2.0
868a762 Bump github.com/containers/buildah from 1.26.4 to 1.27.0
7b02fb5 Bump github.com/containers/buildah from 1.26.2 to 1.26.4
0932c65 Bump github.com/containers/common from 0.48.0 to 0.49.0
7fff27e Fix flaky tests
87589d6 Fix typos
24a3fff Bump github.com/containers/storage from 1.41.0 to 1.42.0
6795a8f Bump github.com/BurntSushi/toml from 1.1.0 to 1.2.0
e4f465b Bump github.com/onsi/gomega from 1.19.0 to 1.20.0
85a603b Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
8829267 Running golangci-lint on pdcs/pods, pcs/containers
d027158 running golangci-lint on pdcs/images
431dbd7 Makefile target to run codespell
2408394 running golangci-lint on pdcs/sysinfo
a4f7c62 running golangci-lint on pdcs/networks
7b35f80 running golangci-lint on pdcs/volumes
9f0fdd5 Bump github.com/containers/buildah from 1.26.1 to 1.26.2
08f96d0 Bump github.com/navidys/tvxwidgets from 0.1.0 to 0.1.1
9a4dfd5 running golangci-lint on pdcs/registry and pdcs/utils
a158603 Makefile - install golangci-lint and codespell tools
843dee3 Bump to v0.6.0-dev
e0db08b Bump to v0.5.0
117087b Bump github.com/spf13/cobra from 1.4.0 to 1.5.0
3e4d6c3 code coverage for network and volume create dialogs
ac570c3 github workflow: adding templates for bug report and features
082cf8e docs: adding security policy
1339a05 Bump github.com/containers/podman/v4 from 4.1.0 to 4.1.1
9f92e1c new feature - image push
666026d Bump github.com/docker/docker
6e50e26 show confirmation dialog in the center of different views
a55466b disk usage dialog table headers color update
8f21399 docs update - Mac build
0d13526 Esc key shall not close dialogs if its dropdown widgets has focus
a957454 docs update - Mac build
d6d81f6 Bump github.com/rs/zerolog from 1.26.1 to 1.27.0
95187ec infobar + help color update for headers
c25c20e using images.GetImage function for image inspect
83b1ac5 new feature - container commit
509532b image history dialog update
a4488bf update button labels based on their function
c15c697 makefile update - darwin build
ce6a55f Bump to v0.5.0-dev
fafb1dc Bump to v0.4.0
bc9c56d running codespell
a23b601 code coverage for ui/utils
36230ca CI setup
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Bumping crun to version 1.5-41-gce7533a, which comprises the following commits:
ad9008b copr: depend on wasmtime-c-api for shared lib
972d595 krun: add support for krun-sev
e539aae tests: fix fedora rawhide mockbuild
559902d autobuild copr rpms with wasmtime support
d39f45d wasmtime: always grant filesystem capability for wrkdir inside container
b937322 wasmtime: inherit argv from handler argument instead of process
477ecc8 crun: restore will work on realpath
1083f9d tests,podman: skip push to local registry with authorization
29599a5 tests: disable login/logout tests
8ff3eba rpm/Makefile: Fix copr build (follow-up on #979)
f5244c7 rpm/Makefile: install all dependencies on mock environments
a37b06a rpm/Makefile: install git-core in tarball-prep
ab18c71 cgroup: change delegate cgroup after cgroupns creation
4716692 cgroup: add new function libcrun_cgroup_enter_finalize
9139896 tests: disable broken test
a45faa2 rpm/Makefile: autobuild rpms on podman-next copr
7ea284f src: make some error messages lower case
43f420a syntax-check: enable prohibit atoi and atof
9920e7b wasmer: move definitions earlier
54e2519 wasmer: drop not needed indentation
54fe445 wasmer: fix errors return code
86f9a5c syntax-check: enable prohibit always true header tests
a07112c syntax-check: enable no period at end of message check
2656de5 maint.mk: update from upstream gnulib
3df1458 linux: fix build with glibc 2.36
14b2102 pidfd: fallback on ENOSYS
fd01ef4 nix: allow to pass extra args to the runtime
a91e905 NEWS: tag 1.5
2c94290 nix: update nix dependencies
76ead7b wasm: add support for running containers using wasmtime
88e8710 python: unset LIBCRUN_RUN_OPTIONS_PREFORK for run
9ceba95 crun: move config_file* to container
639c98f cgroup: add fallback to io.weight
c75b58d wasm,wasmedge: drop support for experimental WasmEdgeProcess
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Bumping cri-tools to version v1.24.2-35-g77d02a03, which comprises the following commits:
a685ed61 No truncate PodID in ps command if --no-trunc exists
90214b0c Bump version in install section to 1.24.2 on README
acf387b3 Update crictl pods to show pod name
e7c20ee1 Switch to golang native error wrapping
cee70655 Bump github.com/urfave/cli/v2 from 2.11.0 to 2.11.1
e8133ffb Bump github.com/onsi/gomega from 1.19.0 to 1.20.0
b8543347 Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
57da46e7 Add documentation about 'statsp' command
6182e3ce Implement checkpoint command
8152f295 Bump github.com/urfave/cli/v2 from 2.10.3 to 2.11.0
a0a19a36 Bump github.com/urfave/cli/v2 from 2.10.2 to 2.10.3
4bb67144 Validate container status in volume mount tests
4da8fc8d Switch to go 1.18 for GitHub actions
1f6b4299 Bump github.com/urfave/cli/v2 from 2.10.1 to 2.10.2
99b030fe Switch to go 1.18 as requirement
55020abc Bump github.com/urfave/cli/v2 from 2.8.1 to 2.10.1
1e69ea9c Bump github.com/opencontainers/runc from 1.1.2 to 1.1.3
b9de22b0 Bump github.com/docker/docker
d7fb1f5b Fix timeout for exec sync
ecb5c7f8 Fix cri-dockerd build
d2da6561 Bump github.com/urfave/cli/v2 from 2.8.0 to 2.8.1
ce68c70c skip tests for dockershim
4f533d58 add-list-stat-test: add tests for list stats
db554dad Bump github.com/urfave/cli/v2 from 2.6.0 to 2.8.0
d000ae7a docs: update the version to the latest
acf82056 Bump github.com/docker/docker
a7df3acb Bump github.com/onsi/ginkgo/v2 from 2.1.3 to 2.1.4
603495f3 Bump github.com/opencontainers/runc from 1.1.1 to 1.1.2
8c659770 Remove selinux build tag
d4fe3e7a cmd/critest: fix empty ginkgo flag's value issue
4ee0c367 Add lifecycle index in benchmark update messages.
8ba9205d Skip benchmarks if associated resource number is not set.
2ba1d0e3 Standardize image lifecycle and listing benchmarks.
64263891 Parametrize benchmarking-related timeouts.
4355d842 Pass verbose flag when querying Container/Pod statuses.
b40d492e Formalize mechanism for recording/managing benchmark results.
2dd37ab8 Parametrize benchmark settings.
52e0c3dc Rewrite pod.go
f0f71212 Vendor onsi/gomega/gmeasure
21aebcad Bump github.com/docker/docker
81036863 Bump github.com/urfave/cli/v2 from 2.5.1 to 2.6.0
f9710f79 Vendor Kubernetes v1.24.0
3ceb4eee Fixes the incubator project reference
1a168cb6 update containerd socket in windows
54148d3d Bump github.com/opencontainers/runc from 1.1.0 to 1.1.1
ce9a5aec Switch to ginkgo/v2
9e9d83d6 Bump github.com/urfave/cli/v2 from 2.4.0 to 2.5.1
a156899c Bump github.com/opencontainers/selinux from 1.10.0 to 1.10.1
4291d65c Bump github.com/docker/docker
5fe1f012 Bump github.com/onsi/gomega from 1.18.1 to 1.19.0
dd6467a3 install CNI on linux
abeab06b Fix setup-gcloud action by referencing `v0`
69579189 Fix CRI-O tests
511767e5 Add CRICTL_AUTH env var option to crictl pull
1616f258 Make RPCs CRI v1 and v1alpha2 compatible
769acd39 Bump github.com/urfave/cli/v2 from 2.3.0 to 2.4.0
e5877df5 Bump github.com/docker/docker
6a2a5284 Bump google.golang.org/grpc from 1.44.0 to 1.45.0
e27bb02f Bump github.com/docker/distribution
3e01b9f2 fix seccomp test case for arm64
c6d3e52e Add `crictl statsp` command
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Bumping cri-o to version v1.24.0-292-gda7b5b1d9, which comprises the following commits:
4b6936f8f bump cri-api to k8s 1.25 rc0
1988e00f0 server: handle exit files asynchronously
45a55ed20 server: remove exit file in exit monitor
ced6fdaca server: cleanup exit monitor function
1e27ac3eb server: allow for kubelet to specify -1 for swap
3e7fd1de9 Add packit configuration
66b2ccc34 fix lint errors from 1.19 bump
9b49723de golangci: drop nolintlint
1e2f0055f bump golangci-lint to 1.48.0
7fe1f1b9e dependencies: update with new ci
c42d0d464 bump golang to 1.19
2426f669f fix documentation issue in contrib/cni/README.md: build-output changed
cc933c7a8 build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
30bb89319 utils/RunUnderSystemdScope: fix
3e0aa19bd oci: take opLock for UpdateContainer
a560c8d8f node_e2e_installer: use runc/crun from PATH
1c4d63c41 build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
3d0fc3630 fix documentation issues in contrib/cni/README.md
33fbbcde1 Fix possible panic in pod runtime attach
784245033 Pin containers/* dependencies
e82c16b16 migrate image_list to quay.io
f7d02e2c4 add critest-images mirror
dc5769f4f add GCP vagrant environment
76c96ce83 build(deps): bump github.com/containernetworking/cni from 1.1.1 to 1.1.2
2e8612255 Add bundle e2e and integration tests using conmonrs
d4530cb40 Fix nginx based integration tests
45badb2a0 add vagrantfile to test CI and fixes
7f4ddeca6 build(deps): bump sigs.k8s.io/release-utils from 0.7.2 to 0.7.3
19ae364e0 Enter mount namespace if set in $KUBENSMNT environment
483fd0cf0 bats: Alter cleanup_testdir to handle nested mountpoints
65b52fb80 highperfhooks: avoid unbound growth of irqbalance
e09fe0efa Add support for max log size in runtime pod
d3cd7a07b unzips cri-o to the go dir
c60fd9473 Bump crun: 1.4.5 -> 1.5
c2984518d build(deps): bump github.com/urfave/cli/v2 from 2.11.0 to 2.11.1
c42240355 build(deps): bump github.com/BurntSushi/toml from 1.1.0 to 1.2.0
9d5abc2ad Add Lyft to adopters
eff3a3191 build(deps): bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
74fa8341f Re-enable conmon-rs attach test
ad5f650bd Remove etcd dependency replacement
f6d6ba4c7 updates ansible for use with prow instead of jenkins
d8e76f15e copies test/integration to test/ci
35f4900ba Pin sigs.k8s.io/bom to v0.3.0
edb06fbf9 Switch to `github.com/blang/semver/v4`
6a1b6b581 Fallback to default seccomp profile if not found on disk
639843795 build(deps): bump google.golang.org/grpc from 1.47.0 to 1.48.0
7dc5333c6 build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
222051ffb build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
45304727c build(deps): bump github.com/urfave/cli/v2 from 2.10.3 to 2.11.0
084dbcf4d build(deps): bump github.com/emicklei/go-restful
8c66b2aa3 remove succinct option to fix jenkins
4f75284ff build(deps): bump k8s.io/klog/v2 from 2.70.0 to 2.70.1
4ca27d0b0 Remove enable_custom_shm_size
f71d92ed8 Retry dependency report push if failed
410258613 Fix Unmasked ProcMountType
8e6895172 Add a unit test around configuring taskset on InfraCtrCPUSet
5a59d9f58 Add test for "Canonize selinux label"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Bumping containerd to version v1.6.8-8-g579a6380e, which comprises the following commits:
1efd8b947 ci: remove GOPROXY environment variable due to https://github.com/go-yaml/yaml/issues/887
0448673af Do not append []string{""} to command to preserve Docker compatibility
5c230ece0 Fix cleanup in critest
ed9d3dc37 oci: WithDefaultUnixDevices(): remove tun/tap from the default devices
3364f411e Prepare release notes for v1.6.8
390920429 release workflow: remove Go setup action
cf48ba6e8 release workflow: increase timeout to 30 minutes
57873e652 release: rollback Ubuntu to 18.04 (except for riscv64)
eccb82f6d Update release build timeout to 20 minutes
6a854d4b5 Update mailmap
61612e1a2 Prepare release notes for 1.6.7
d199ee462 Update golang to 1.17.13
0578d20c5 Change os.Stderr reassign for Windows service
12cae4961 Update Vagrant CI to macos-12
bc4091aae chore: bump macos runner version
cb73bd050 Windows HostProcess container CRI stats test
ac388525a Add validations for Windows HostProcess CRI configs
0007f40fe [release/1.6] go.mod: Bump hcsshim to v0.9.4
c9607e78c Update Fedora version to 36
2952b66c0 CI: add riscv64 builds
6b2dc9a37 release/Dockerfile: update Ubuntu to 22.04 for supporting riscv64
745dc07c4 seccomp: support riscv64
c2f841f21 Create ppc64le release
86b55bd8d seccomp: allow clock_settime64 when CAP_SYS_TIME is added
f3da3e51f allow ptrace(2) by default for kernel >= 4.8
aa1101068 [release/1.6] update golang to 1.17.12
37dfc5c9d [release/1.6] Fix WWW-Authenticate parsing
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Bumping conmon to version v2.1.3-5-g19110c9, which comprises the following commits:
636e239 Use /usr/bin/env to locate bash
d7625dc Cirrus: Add meta task to keep CI VM images alive
ab52a59 VERSION: bump to 2.1.3
a627951 meson: build with seccomp if available
1750b2d Fix build on FreeBSD-13.0
0a2e0db Reduce the amount of duplicated code between Linux and FreeBSD
32816bd Port conmon to FreeBSD
b1ca51f gh actions: bump versions
05163fd bump golang in gh action to 1.18
d91cc43 Stop using g_unix_signal_add() to avoid threads
2bc95ee [Fixup #342] `log-size-global-max` Should Be`log-global-size-max`
99eac3e bump to v2.1.2
143121b log_global_max: ignore if negative
98058b1 add log-global-size-max option to limit the total output conmon processes
65b6eaa bump to v2.1.1
81086b7 journald: print tag and name if both are specified
c61367c logging: add missing static keyword
0c3412a drop some logs to debug level
4c41ec2 meson: Handle journald
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Bumping buildah to version v1.25.0-411-gdb8d5921, which comprises the following commits:
db8d5921 release: tag v1.27.0
50a4acb0 make,cross: ignore loong64 from target list
15b0a250 Allow chflags operations inside the container
fb6da991 Don't try to call runLabelStdioPipes if spec.Linux is not set
e8c7e3fe build(deps): bump github.com/golangci/golangci-lint in /tests/tools
b7f51ea3 build: support filtering cache by duration using --cache-ttl
b218fdf3 build: support building from commit when using git repo as build context
99488b06 build: clean up git repos correctly when using subdirs
8bbeed70 integration tests: quote "?" in shell scripts
5f34c5e2 Fix a copy/paste error
f96bf7c5 build(deps): bump github.com/golangci/golangci-lint in /tests/tools
50183aa0 vendor c/common@v0.49.1
dfba70e9 test: manifest inspect should have OCIv1 annotation
873a9e1f vendor: bump to c/common@87fab4b701
81b4edfa Failure to determine a file or directory should print an error
5e3f7cea build(deps): bump github.com/containernetworking/cni from 1.1.1 to 1.1.2
ad4976d0 refactor: remove unused CommitOptions from generateBuildOutput
dbd22863 stage_executor: generate output for cases with no commit
adbd7ef5 stage_executor, commit: output only if last stage in build
bb149ea6 Use errors.Is() instead of os.Is{Not,}Exist
ac5d37c0 Minor test tweak for podman-remote compatibility
a47dee2c Cirrus: Use the latest imgts container
239c06cf imagebuildah: complain about the right Dockerfile
bef61d79 tests: don't try to wrap `nil` errors
c9407334 cmd/buildah.commitCmd: don't shadow "err"
36006c9a cmd/buildah.pullCmd: complain about DecryptConfig/EncryptConfig
0ded0dca Fix a copy/paste error message
aed3fdc7 Fix a typo in an error message
6f660bde build,cache: support pulling/pushing cache layers to/from remote sources
6c96dd95 Update vendor of containers/(common, storage, image)
ac4b39a2 Rename chroot/run.go to chroot/run_linux.go
79bc4a38 Don't bother telling codespell to skip files that don't exist
62954c89 Set user namespace defaults correctly for the library
c79f7272 imagebuildah: optimize cache hits for COPY and ADD instructions
6841f92e Cirrus: Update VM images w/ updated bats
6243a938 build(deps): bump github.com/onsi/gomega from 1.19.0 to 1.20.0
eb4ec4a9 docs, run: show SELinux label flag for cache and bind mounts
a51011f4 build(deps): bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
05d48980 imagebuildah, build: remove undefined concurrent writes
d0a675ed bump github.com/opencontainers/runtime-tools
dc1bc10d Add FreeBSD support for 'buildah info'
80870d50 Vendor in latest containers/(storage, common, image)
4387e7e3 Add freebsd cross build targets
d0ef62ae Make the jail package build on 32bit platforms
36d95b05 Cirrus: Ensure the build-push VM image is labeled
e1f3468a GHA: Fix dynamic script filename
7c0f2253 Vendor in containers/(common, storage, image)
6fb7bb4b Run codespell
2c8436a7 Remove import of github.com/pkg/errors
34026835 Avoid using cgo in pkg/jail
ad389b19 Rename footypes to fooTypes for naming consistency
cdac8e1b Move cleanupTempVolumes and cleanupRunMounts to run_common.go
4b7c61d5 Make the various run mounts work for FreeBSD
57a73847 Move get{Bind,Tmpfs,Secret,SSH}Mount to run_common.go
0832ea2f Move runSetupRunMounts to run_common.go
9c808c76 Move cleanableDestinationListFromMounts to run_common.go
c21f4bd2 Make setupMounts and runSetupBuiltinVolumes work on FreeBSD
cf079d01 Move setupMounts and runSetupBuiltinVolumes to run_common.go
417c6018 Tidy up - runMakeStdioPipe can't be shared with linux
95a18737 Move runAcceptTerminal to run_common.go
1ab56715 Move stdio copying utilities to run_common.go
ba5ff64d Move runUsingRuntime and runCollectOutput to run_common.go
b290c861 Move fileCloser, waitForSync and contains to run_common.go
bff1c193 Move checkAndOverrideIsolationOptions to run_common.go
75ae8040 Move DefaultNamespaceOptions to run_common.go
acdf4777 Move getNetworkInterface to run_common.go
8e36f5fc Move configureEnvironment to run_common.go
f68f1092 Don't crash in configureUIDGID if Process.Capabilities is nil
7ea97716 Move configureUIDGID to run_common.go
a405d62c Move runLookupPath to run_common.go
4d9a035e Move setupTerminal to run_common.go
42010799 Move etc file generation utilities to run_common.go
1c0a08e3 Add run support for FreeBSD
3faa6984 Add a simple FreeBSD jail library
6bb4efdb Add FreeBSD support to pkg/chrootuser
76a0c821 Sync call signature for RunUsingChroot with chroot/run.go
8dca0a65 test: verify feature to resolve basename with args
f146c718 vendor: bump openshift/imagebuilder to master@4151e43
d300c614 GHA: Remove required reserved-name use
35bfc66a buildah: set XDG_RUNTIME_DIR before setting default runroot
9d7ac758 imagebuildah: honor build output even if build container is not commited
9445aa12 chroot: honor DefaultErrnoRet
48c888a6 [CI:DOCS] improve pull-policy documentation
0e745d15 tests: retrofit test since --file does not supports dir
ce384684 Switch to golang native error wrapping
825561b2 BuildDockerfiles: error out if path to containerfile is a directory
066b5448 define.downloadToDirectory: fail early if bad HTTP response
fc9255f5 GHA: Allow re-use of Cirrus-Cron fail-mail workflow
7a22c40e add: fail on bad http response instead of writing to container
dab6d12e build(deps): bump github.com/stretchr/testify from 1.7.5 to 1.8.0
263f5adc [CI:DOCS] Update buildahimage comment
252bf17b lint: inspectable is never nil
869c705d vendor: c/common to common@7e1563b
5686018e build: support OCI hooks for ephemeral build containers
c0be04e6 [CI:BUILD] Install latest buildah instead of compiling
1fd5d73f Add subid support with BuildRequires and BUILDTAG [NO NEW TESTS NEEDED]
d6340b6c build(deps): bump github.com/stretchr/testify from 1.7.2 to 1.7.5
ffce8b36 Make sure cpp is installed in buildah images
404852be demo: use unshare for rootless invocations
198b4c36 buildah.spec.rpkg: initial addition
74f2c9bd build: fix test for subid 4
d3eeea37 build(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0
20c5c5c6 build, userns: add support for --userns=auto
ecae0e2f Fix building upstream buildah image
e54c9efa Remove redundant buildahimages-are-sane validation
cf6b1bcf Docs: Update multi-arch buildah images readme
0a1d828d Cirrus: Migrate multiarch build off github actions
0d3246ff retrofit-tests: we skip unused stages so use stages
08bc5d91 stage_executor: dont rely on stage while looking for additional-context
25f9ff84 buildkit, multistage: skip computing unwanted stages
dc07d9ff More test cleanup
b23a20ee copier: work around freebsd bug for "mkdir /"
f577fc4f Replace $BUILDAH_BINARY with buildah() function
0b7c5002 Fix up buildah images
be3b9c36 Make util and copier build on FreeBSD
9042b86b Vendor in latest github.com/sirupsen/logrus
8bbe7a60 build(deps): bump github.com/opencontainers/runc from 1.1.2 to 1.1.3
8d9e9d6f Makefile: allow building without .git
2d4d2824 run_unix: don't return an error from getNetworkInterface
79bab77a run_unix: return a valid DefaultNamespaceOptions
39880517 Update vendor of containers/storage
c06c6dbb chroot: use ActKillThread instead of ActKill
ed4412b9 use resolvconf package from c/common/libnetwork
ee3d131d update c/common to latest main
7cc5f198 copier: add `NoOverwriteNonDirDir` option
3aea4093 Sort buildoptions and move cli/build functions to internal
d452494d build(deps): bump github.com/fsouza/go-dockerclient from 1.8.0 to 1.8.1
9c7ce03f build(deps): bump github.com/docker/docker
f2dae989 build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2
2182e0af build(deps): bump github.com/containerd/containerd from 1.6.5 to 1.6.6
236c0bab Fix TODO: de-spaghettify run mounts
6225b23d Move options parsing out of build.go and into pkg/cli
7cf6dbd4 [CI:DOCS] Tutorial 04 - Include Debian/Ubuntu deps
495add93 build, multiarch: support splitting build logs for --platform
1ac1f035 build(deps): bump github.com/containerd/containerd from 1.6.4 to 1.6.5
be9ef3b6 [CI:BUILD] WIP Cleanup Image Dockerfiles
0bcc7c5e build(deps): bump github.com/fsouza/go-dockerclient from 1.7.11 to 1.8.0
60b625ce cli remove stutter
e80fed06 docker-parity: ignore sanity check if baseImage history is null
c61ecc69 build, commit: allow disabling image history with --omit-history
4cf93e3e Fix use generic/ambiguous DEBUG name
73a5ec42 build(deps): bump github.com/containernetworking/cni from 1.1.0 to 1.1.1
1a79fbed Cirrus: use Ubuntu 22.04 LTS
0986de40 Fix codespell errors
00d46292 Remove util.StringInSlice because it is defined in containers/common
b3fbb598 buildah: add support for renaming a device in rootless setups
149880a1 squash: never use build cache when computing last step of last stage
7cc18838 Update vendor of containers/(common, storage, image)
f7ea2d84 build(deps): bump github.com/golangci/golangci-lint in /tests/tools
c2adbade buildkit: supports additionalBuildContext in builds via --build-context
f4ad4faa test cleanup
73e0ad71 buildah source pull/push: show progress bar
45bd47b4 run: allow resuing secret twice in different RUN steps
7dbc5ce8 test helpers: default to being rootless-aware
c80e6a31 Add --cpp-flag flag to buildah build
e4d25d53 build(deps): bump github.com/golangci/golangci-lint in /tests/tools
784a8c4c build: accept branch and subdirectory when context is git repo
177141d4 build(deps): bump github.com/docker/docker
82e9c841 Vendor in latest containers/common
714fbed4 build(deps): bump github.com/opencontainers/runc from 1.1.1 to 1.1.2
8d57bff9 vendor: update c/storage and c/image
1c1ba51c build(deps): bump github.com/golangci/golangci-lint in /tests/tools
5e338aad Fix gentoo install docs
f45fbf77 build(deps): bump github.com/docker/docker
cf2bb5a1 copier: move NSS load to new process
063abf6f Add test for prevention of reusing encrypted layers
fccc7895 Make `buildah build --label foo` create an empty "foo" label again
6750810f Bump to v1.27.0-dev
0a9d6e6e Bump to v1.26.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
