mirror of
git://git.yoctoproject.org/meta-virtualization.git
synced 2025-07-19 20:59:41 +02:00
4faef1334f
1376 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Bruce Ashfield
|
4faef1334f |
docker-ce: export GO111MODULE=off
With the latest go version bump in oe-core export GO111MODULE is on by default. Our build is not setup to use go modules, so we disable it and avoid configuration errors: no required module provides package ... : working directory is not part of a module Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
dc1713bec3 |
docker-moby: export GO111MODULE=off
With the latest go version bump in oe-core export GO111MODULE is on by default. Our build is not setup to use go modules, so we disable it and avoid configuration errors: no required module provides package ... : working directory is not part of a module Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
8597d4e3a9 |
containerd: export GO111MODULE=off
With the latest go version bump in oe-core export GO111MODULE is on by default. Our build is not setup to use go modules, so we disable it and avoid configuration errors: no required module provides package ... : working directory is not part of a module Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
26770b8058 |
initrd: bump busybox to 1.33 to match oe-core
OE core has updated busybox, so we bump to match. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
24df561414 |
containerd: use service file from source tree
We no longer need to support both the docker and opencontainer variants, so we can just grab the service file from the source tree. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
2eda91539f |
crun: update to 0.18
Bumping to the release, which pulls in the 808420e release: distribute CHECKSUMS file c2b0064 build-aux: provide arm build without systemd 7cc03f7 .gitignore: update file f5274bd NEWS: tag 0.18 94e8364 src: add missing definitions baed691 libocispec: sync from upstream 8d0ebf6 Add arm64 static binary build b66d5d9 tests: fix make check in a user namespace e10205e linux: remove temporary mount logic 7819f4c linux: use targetfd for move_mount 891cd3c linux: use safe_openat for masked/readonly paths 6c5577f linux: use new function 9aa264d utils: add function to safely create and open 436daef src: add function to cleanup container struct c955ece src: pull function out 7bd51a0 build: check for linux/openat2.h dcb1914 utils: add function to remove initial slashes a1c958c utils: memoize check result 25c6f07 container: rename function to get_root_in_the_userns f08bd31 src: fix leak of the descriptors buffer df88061 tests: disable more Podman flaky tests 052bab7 utils: set HOME to root if the user not found efe35f1 linux: ignore ENOSYS on keyctl 1b65163 tests: enable asan sanitizer a0f322a tests: build init always statically a656698 configure.ac: allow to disable dl support 6adb26b tests: disable hooks_stdin for oci-validation 06199c7 tests: update to podman 3.0 bc888b9 tests: disable podman pull test f1373f9 tests: install crun under /usr/bin 257f442 Fix permission error when using both user namespaces & NOTIFY_SOCKET 617a212 cgroup: skip +cpu on EINVAL in cgroup root b6ac8de linux: use safe_openat for tmpcopyup 2d1f910 utils: avoid reopening the root during lookup 3ce74e8 utils: fix symlink lookup cbb67ae container: set working directory for libkrun df01709 seccomp: custom annotation to load raw bpf b229dca linux: refactor allocate_tmp_mounts 68bb50f linux: disable temporary mounts with [r]slave d6ae36b libocispec: update from upstream 487e792 github: enable clang-format checks 61d6844 src: run make clang-format 1d559d0 clang-format: change ColumnLimit to 0 643d05b linux: disable temporary mounts with [r]shared de6082f cgroup: fix conversion from blkio to io 1db8312 Update nix pin with `make nixpkgs` 540444c Makefile.am: crun depends on libocispec.la 1df96e5 linux: fix build without CLONE_NEWCGROUP Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
ec73ce93c9 |
containerd: fix service file to not reference containerd-docker
We are not building containerd-docker anymore, so the containerd service file should not be changing it in as the binary. It is confusing when you see 'containerd-docker' in the process list, when you've built and installed containerd-opencontainers. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
2a919ae202 |
cri: introduce cri-tools
Based on the original recipe from Tim Orling, we introduce a recipe
for critools so we can interact diretly with cri based runtimes.
We do the normal go manipulations to get this cross building,
with the following specific tweak/patch:
The build system already knows whether or not we want to use CGO,
so we remove the hardcoded variant so our exported environment
variable will control the enablement.
Since our oe-core go infrastructure insists on both -pie and static
builds (for the most part), and that is not recommended by many
packages, we end up with errors like:
1.20.0+gitec9e336fd8c21c4bab89a6aed2c4a138c8cfae75/src/import/_output/crictl \
-ldflags '-X github.com/kubernetes-sigs/cri-tools/pkg/version.Version=1.20.0' \
-tags '' \
github.com/kubernetes-sigs/cri-tools/cmd/crictl
# github.com/kubernetes-sigs/cri-tools/cmd/crictl
cannot find package runtime/cgo (using -importcfg)
/work/cortexa72-poky-linux/cri-tools/1.20.0+gitec9e336fd8c21c4bab89a6aed2c4a138c8cfae75-r0/recipe-sysroot-native/usr/lib/aarch64-poky-linux/go/pkg/tool/linux_amd64/link:
cannot open file : open : no such file or directory
In a similar manner to:
https://www.yoctoproject.org/pipermail/meta-virtualization/2019-March/004084.html
We introduce '-a -pkgdir dontusecurrentpkgs' to mask/fix the problem,
and continue to work towards non-static builds.
% root@qemux86-64:~# crictl --version
crictl version 1.20.0-dirty
Signed-off-by: Tim Orling <ticotimo@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
4ede0acf44 |
kubernetes: bump to v1.20.3
0e3bf6dad9f kubeadm: drop explicit constant override in version test 1619e810d1c kubeadm: get k8s CI version markers from k8s infra bucket 42a3b9e85ef fix kube-scheduler cannot send event because the Note field is too large afb0de9647c Fix nil pointer dereference in disruption controller Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
4713c3867d |
python3-colorama: update to 0.4.4
Updating to the latest colorama. We also tweak the license text to match the latest upstream content. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
62e8c1e96a |
python3-sphinx: update to 3.4.4
Along with the version bump, we tweak the license checksum as the BSD clause was changed upstream. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
bd6bf732ef |
newrelic: update to 6.0.1.155
Along with the version bump, we tweak the LICENSE checksum, since the file changed locations in the repository. We also add a patch to setup.py to allow the version of setuptools_scm in oe-core to satisfy the build requirements. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
ac5e9f55a5 |
python3-docker: update to 4.4.1
Updating this version to work better with associated uprev'd docker packages (compose, etc). Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
c0d7968bfd |
cri-o: update to v1.21.0
Bumping to the 1.21 release branch. Although this still in development, there are some depreciations and other features we want to get into the release, so we bump now for extra testing. This comprises the following commits: 7b4b8b2de bump protobuf to 1.3.2 cf1e612eb server: support setting raw unified cgroupv2 settings fc69fe15c vendor: update runtime-specs fcc278427 cgroup: implement fix for swap memcg on cgroup v2 7b7efa307 server: leave swap mem limit unset if not supported 2d857bf21 test: skip ServiceAccountIssuerDiscovery test dcf651d91 hostport manager clean up host ports 6f096c58e allows stream timeout to be set from config 056f8161d Bump containers image to v5.10.1 26aa60644 Move unit tests to GitHub actions 04185fc4f Move go1.14 and 386 builds to GitHub actions f91c4f0ca set kubelet node IP 26491d154 Fix validate-completions GitHub action ebafe7536 Add integration test for pprof over unix socket 109b412af Add a flag for enabling profile over unix socket a09423d60 Lookup echo command for unit tests c1a724770 Move static build to GitHub actions 85feffc1f pinns: Fixup 'pwarn' output to match 'pwarnf' output e30c3975f pinns: Don't put errno in the exit message for argument checks fd8e390ad nsmgr: use host option 76a89b938 nsmgr: Use config struct for NewPodNamespaces 969505130 pinns: support pinning host ns 4394eee77 Remove implicit GitHub action `name` fields a0568ace6 Move docs and completions validation to GitHub actions fa3741f1d Make config tests work rootless 2a8f2b11b Make rootless namespace unit test execution work 2670d8598 Do not log file path on ioutil.ReadFile a6e8ae41d fixes version_test.go 841913db8 Close the stdin/tty on server start to avoid shortname prompts e430b1df6 Update debian repository url to use https 3f4bef945 docs: fix http link c2b9d0fd8 docs: update kubeadm tutorial b64e716a9 Fix `make lint` f36c64dbd Return runtime API version based on protocol cce49c0e4 Update compatibility matrix to mention v1.20 77f1b7c36 add method comment 84b616b79 restore irqbalance config only on system restart aa46a2393 add blurb in doc and more informative name for unit tests 13be7ae5a add is-enabled check for irqbalance service 9930cc33d fix unit tests ce9973796 add unit tests b3b48b31f fix bash/zsh completions 3cd55b226 fix the docs validation cf61f947d handle irqbalance service 7a1939882 runtime_vm: set finished time when containers stop 78c91cbf9 nsmgr: fix/add calls to GetNamespace 177250f74 managed namespaces: move to dedicated package 10c9e4961 Provide integration test for infra-ctr-cpuset feature 5f9dbb1a2 Set CPUs for the infra containers during the creation b3fb25b44 Add shell completion for infra-containers-cpu flag e0f7ccc32 Add new infra-containers-cpus to the CLI and config file 30b0aea2e refine `registries` deprecation message ac8e51bfd Circle CI: install test/registries.conf d0e9b8b0c crio.8.md: runroot defaults to /run/containers/storage 2e49302ed support short-name aliases 22417169d pull: do check for blocked registries 83974bbdd config: deprecate registries 4879bba02 Rollback gocapability vendor bump 78261109b vendor: bump containers/storage to v1.24.4 d25bfe297 Update nix pin with `make nixpkgs` 709e4d170 contrib/test/int: add Kata Containers runtime support ce0beec25 contrib/test/int: enforce linking in parallel build process 85e67f811 contrib/test/int: build parallel from sources in CentOS b18fe2cbf contrib/test/int: allow to skip user namespace testing 506e7c2e7 contrib/test/int: allow to configure test timeout cc9d037c3 Capitalize Kubernetes c85474476 modify the error url of podctl 1b7e811fb Add Digital Science to adopters e0bf8bc94 pinns: make binary not always static 0aeb7d27e server: use IsAlive() more 2460f6d26 Support CRI v1 and v1alpha2 at the same time 1633196c1 drop support for ManageNSLifecycle b395cd224 test/timeout.bats: increase timeout to fix flakes ab2626872 release-notes: fix flags fa6a34381 test/timeout.bats: fix comments 553123b19 int/resourcestore: fix comment about Put de186def3 test/image.bats: simplify some loops 0a30ab479 test/helpers.bats: simplify cleanup_* cfdf40e4b test: add timeout.bats 521fa1948 bump network creation timeout to 5 minutes 87977f19d resourcecache: add watcher idiom 1d2328aa8 server: use ResourceCache instead of dropping progress 4bdc500ba Add unit tests for ResourceCache 76ebcac66 Introduce ResourceCache a4588db28 moves shmsize to a handler allowed annotation 8e8f164f2 image pull: close progress chan 1fffd7210 test/ctr.bats: fix a "ctr execsync" flake 2bca8ec2b Fix the functions' name in completions 5e80372b7 Increase release-notes run timeout to 30m 7150db5ba Bump k/release to v0.6.0 eabdf7e4e ci: enable shellcheck for bats files 829053a41 test/network.bats: silence shellcheck SC1090 0c42734b2 test/network.bats: s/which/command -v/ c50658467 test/inspect.bats: fix SC2086 e62136838 test/image.bats: rm unused code 03f8eae37 test/network.bats: fix shellcheck warnings 149619d93 test/devices.bats: fix a shellcheck warning 15a3cb785 test/pod.bats: use jq to edit json 64c0fb2a0 test/network.bats: use jq to edit json 7053a2c39 test/*bats: rm unneeded stop_crio 99e521b23 test/testdata/container_config_sleep.json: rm 2a40a639a test/ctr_seccomp.bats: rm testdata/container_config_seccomp.json 9ca6eeab4 test/selinux.bats: rename a test d309db54b test/selinux: rm testdata/sandbox_config_selinux.json 6ca29591a test/pod: rm testdata/sandbox_config_sysctl.json f1fc4626f test/ctr.bats: do not create files in $TESTDATA 25a559237 test/image: rm container_config_by_imageid.json f10a38851 Use own metadata types 09f929216 test: use jq to manipulate json 029bb46bf test/*bats: rm excessive runs 25db96707 Add CRI glue types for v1alpha2 and v1 usage e8127e0e7 Add CRI v1 API c4df5708c Fix make vendor GOSUMDB d0e2cfdfd make: drop link to crio.service 5ad548b38 test: rm "run ctr with image with Config.Volumes" 39ff75035 test: add no-pull-on-run=true ea9d2ab31 circleci: use updated images 284779311 Check allowed_annotations under performance hooks and drop deprecation warning 91ea6ac1a Add clean v1alpha2 CRI API interface 63bd12659 contrib/test/int/build: bump a few deps abf049f6b circleci: use go 1.15 for vendor 302b36c0f ci: bump go to 1.15.5 bafa2a870 circleci: bump go to 1.15.5 7f046e2af Pass runtime to the handler hooks bd5ae5de2 Provide methods to check allowed_annotations for high-performance runtime handler 38f8e9da5 Provide a better value for features specific annotationis bd78f7e89 don't do unnecesary iptables restore 942e6255f switch CRI-O to use its own hostport manager d17d157e0 dual-stack host port manager a86d258c7 fix upstream hostport manager 76f6d342f Add README to hostport folder 7dbafacd1 fork hosport kubernetes code 90ae7e2d7 ignore test binaries 8dd12dc42 fix cleanup func wording 7244e40ca server: refactor handling of cleanup funcs d2b341659 Make NamespaceOption an internal type in sandbox 49d0de238 test/e2e: disable a flaky test 22ce1d7a3 contrib/test/int/e2e-features: skip Serial tests f1b6fde01 contrib/test/int/e2e-features: rework "skip" regex fd15db07f contrib/test/int/e2e: rework "skip" regex 5e57f4215 contrib/test/int/e2e: rm obsoleted TODO 9ef215fb7 ci: move check vendor to github actions 437f1c1b8 Makefile: rm GIT_MERGE_BASE a4309e000 circleci: fix cri-tools install b59718676 alphabetize OS ad043ae9a Update install.md d22c37e71 ci: move docs-valication to github actions 9dd630514 ci: move shfmt from circleci to github actions 2489684ac ci: move shellcheck from circleci to github actions 7f9f09801 ci: move golangci-lint from circleci to GH actions 9fe43d28d github/PR template: add /kind ci, other 359c60f2a vendor: bump containers/storage to v1.24.0 99081ef41 Makefile: bump golangci-lint to 1.32.2 936e21890 circleci: rm build-test-binaries job b3000eb70 test/devices.bats: fix "additional device permissions" case 22d9e7e8f do not enforce seccomp profiles if disabled 1eddc1b9b ci: use cri-tools from git head a53c2a70e test/devices.bats: rm unneeded run 7b910a08f test/devices.bats: skip earlier 329ccbafb Add wrongly removed word 7ff1fbc05 Update the crictl tutorial and simplify a few steps fedd00c0d Make CNI setup instructions a bit more clear and fix nits 205711e5e Fix links to installation documentation 24b7e4f83 move is_cgroup_v2 to helpers ddcfee824 oci: add Devices to allowed annotations structure 54477302e restore.bats: allow userns tests 61dad864c test_runner: test userns with manage_ns_lifecycle ba3d36c00 test/ctr_userns: rely on global userns testing 34d0aacbb Allow userns together with ManageNSLifecycle 1daaa067c server.createContainerPlatform: fix userns + spoofed infra 4e0cb03fe server: add userns mappings for spoofed infra 6e897b8e5 runtime_vm: Ensure closeIOChan is not nil inside CloseStdin's function b256264f1 test/command.bats: fix device test 7646b5b74 server: fix some nits about resolveSymbolicLink 917d39c66 move device handling to container iface c3370fb0c move additionalDevices handling to separate package c8e270f23 Bandwidht CNI plugin reserved an upper limit on burst,in which banned include boundary. See: https://github.com/containernetworking/plugins/blob/v0.8.7/plugins/meta/bandwidth/main.go#L113 fe8c25a1d Update nix pin with `make nixpkgs` 3ca6f8dae pinns: fix ownership for created namespaces d7d8f7a29 pinns: use a socketpair instead of a pipe 374415de8 vendor: pin shfmt to v3.2.0 f4301256d OWNERS: add myself bd364cd2c Log version at startup 88159bb7b test: rm disabling selinux from userns tests e54203c8a curl: add -S where -s is used 98fbf5bab ci: bump crun to 0.15/HEAD be3ec3c1e nix: fix static build 0cfc673cd test: bring back userns testing c9290e44c test/network_ping.bats: skip with userns a3d0b391d test/restore.bats: skip some tests with userns 6931ee743 test/network.bats: skip hostnetwork test with userns b7db612de test/image_volume.bats: fix userns check b4d692617 test/drop_infra.bats: skip if userns is enabled 03cfc2fcc test/ctr.bats: skip privileged test when userns f147b4a9e Preserve sandbox annotations for handling OCI hooks 3e6b81904 Increase integration test timeout to 30min 9750103ae Upload bundle in separate CI step ecece5641 vendor: update containers/storage to v1.23.7 35f64617e test: disable crictl pull on create f41aa4ae5 Update maintenance versions in README.md d22514351 test/image.bats: pull the image to be used a400561a7 circleci: use ubuntu 20.04 image 468d49427 removes runs 70f73ab7b circle-ci: use go 1.15.3 8a2f5f189 Add SUSE CaaS Platform and openSUSE Kubic to adopters 58328a6af Error if GitHub release could not be found ca11353f8 Update e2e-aws logic for 4.7 95f285103 drop error in finalizeUserMapping as well 455a1b6b5 Adding Oracle Linux Cloud Native Environment to the list of adopters. 4cfde377e userns: use the same ID if the mapping is missing 0de968083 Add KubeCon EU 2020 talks to awesome list 99a21e919 use correct mappings when they exist ba9c0c245 drop AllowUsernsAnnotations 1a5553ebd add allowed_annotations to runtime handler 1d0f68156 update documentation of privileged_without_host_devices f0fab44c4 template: move default_runtime closer to runtimes map 5c9085a9f Fix release notes generation 23e0ed065 begin ADOPTERS.md file 4cf0a2915 test/testdata: rm container_redis_default_mounts.json 7e88c2cd6 test: mv test-specific setup out of setup_test() b8af8c4f0 test/reload_image.bats: nits 35b7de3c8 test/default_mounts: rm --deprecated-mounts test e1ffae3b5 test/default_mounts.bats: rm excessive run 5a59e514e test/testdata: rm *namespace*.json ba126e6de test/namespaces.bats: rm excessive run and cleanup 83fe6c285 test/testdata: rm sandbox?_config.json 2a0076143 test/testdata: rm *_hostport.json 3fbdf6fa4 Remove last traces of --default-mounts 023c57ac7 test: improve/rename parse_pod_ip -> pod_ip bc9d66793 test/helpers: improve test_pod_from_pod 417f0591f test/network: improve "Check for valid pod netns CIDR" d7babd6ac test/network_ping: merge the two cases 905511a2f test/helpers: show crio.log after the test 8343d16fc test/helpers: hide crictl info output 2bdf0e109 test/helpers: rm temp_sandbox_conf, switch to jq a6c985492 test/shm_size.bats: fix SC2002 a035e1561 test: simplify check_journald check 0483c62b2 .gitignore: rm conmon e6ef7221b test: simplify check_metrics_port -> port_listens 5502607e1 container_create: fix /etc/resolv.conf to be ro d04aa9092 test/testdata: rm container_config_resolvconf*.json 979dabda1 test/testdata: rm sandbox_config_privileged.json 347b03e01 test: rm testdata/container_redis_env_custom.json 1dbd73dc5 test/testdata: rm some unused files 2ba965644 test/pod.bats removes excessive runs 9784199e6 test/pod.bats removes unneeded teardown 5f4774efc runtime_vm: Ignore ttrpc.ErrClosed when removing a container 802b4e4fe runtime_vm: StopContainers() should not fail when the VM is shutdown 85f341c32 runtime_vm: Don't let wait() return ttrpc.ErrClosed 0f2a07053 runtime_vm: Fix updateContainerStatus() logic fecf1a1d8 network stop: don't segfault if sandbox isn't created yet 2fb259791 Revert "Move back network setup to after adding infra container" 06b6e129f test/ctr.bats: use $newconfig 54959f5b8 test/ctr.bats: replace sed with jq a7746c2dd test/ctr.bats: convert python calls to jq bbd70e433 test: rm edit_json, use jq directly ae7ac6105 test/ctr.bats: shfmt it 6693d79c5 CI: add shfmt check for bats files 4953fb28c test/*.bats: format using shfmt 4c9984603 shfmt: update to current master 407603303 introduce SeccompOverrideEmpty e9d9b3011 server: cleanup container in runtime after failed creation 685f275d3 defer removal of container in storage immediately cf79dc39f test/status.bats: use shfmt 0ea616973 test/status.bats: rm excessive use of run 70ea166d3 test/status.bats: minor refactor 7bc848cbe test/image_remove.bats: rewrite 510e5325a test: tidy image prefetch 6e0d7a3c2 test/image: rm unused var 4ab412848 test/ctr.bats: fix SC2086 27dd454a2 test/ctr: rm excessive use of run eea57ad02 ctr.bats: fix jq checks 19e521422 test/ctr: fix "privileged ctr -- check for rw mounts" 86596bdcc test/ctr.bats: fix "annotations passed through" test bea64ec68 test/ctr.bats: add is_cgroup_v2, fix SC2046 601e1e4ca test/ctr.bats: rm unneeded cleanup 37c9c24ed test/ctr.bats: fix SC2002 96b8890e5 test/version.bats: fix/improve b45e341ee test: fix SC2086 dd3c394e3 crio: add new option --separate-pull-cgroup fbed1b37e crio: move in a new cgroup on reexec 26cf82891 test/command.bats: fix shellcheck warnings e60a04514 test/crio-wipe.bats: rm excessive run usage 6c69b4495 test/crio-wipe: simplify code f0e081865 test/apparmor: simplify is_apparmor_enabled e5bea7e08 pull: move image pull to a new process 7cc83932b crio: force garbage collection with SIGUSR2 4b549f542 test/network.bats: fix "Clean up network" tests 9da1a3ea8 Update nix pin with `make nixpkgs` e559d8e0e test/helpers.bash: rm "echo 0" caebae40e Support passing properties to RunUnderSystemScope ada8cfcaa test/network_ping.bats: simplify b03195eb5 test/network.bats: simplify, fix shellcheck ef07f7192 Move back network setup to after adding infra container 178872342 Bump master version to 1.20.0-dev 39a0e7984 server: use more GetContainerFromShortID and less GetContainer 965b70fad server: do not do container operations on a not created container 928edf243 server: do not stop/create container if pod is not created 9284c007d defer network stop ASAP after network start 83169c578 network: create as early as possible 00bf747aa Bump Kubernetes to v1.20.0-alpha.1 a78651ff8 Bump logrus to v1.7.0 6913515c8 runtime_vm: set Pid and InitPid for VM runtimes 1a35fce0c go.mod/sum: update 309b3d07e contrib/test/ci/cri-o.spec: rm GO111MODULE=off 6445c1418 Makefile: rm GO111MODULE=on and -mod=vendor 8eb6575c6 CONTRIBUTING: no need to set GO111MODULE 012e52db9 Makefile: fix vendor target bd3aa8151 internal/config/node: add checkFsMayDetachMounts a2bc9d35c Fix bogus CI test failures 056b43d11 runtime: parse oom file for VM type runtimes c49ee2362 test: use crun 0.15 b66ec3f42 test: adapt test to new crun output bac4a3ea0 moves spec generation to container 40709d286 test: drop infra container 4aa7d4c51 test/config: fix shellcheck warning 94ef42cbc test/config: fix "config dir should fail with invalid option" 1d097f7d5 cni: fix ipv4 configuration file 4f1e4efae [feature] support custom shm size and docs deba2580b Update nix pin with `make nixpkgs` a20c3a4de Verify Cgroup Memory - cgroupfs 7eaede753 deprecate manage_ns_lifecycle option aac00ea84 Enable debug logs for release notes generation 0d878de1e Bump GRPC to v1.27.0 53b72efe1 test: skip MetricsGrabber tests 9afdd35c3 drop infra container when appropriate 25383e728 server: no longer assume some infra containers will be nil e42b2b1c5 sandbox: add NeedsInfra function fdab97f50 oci: add Spoofed() function 33de444ce introduce pkg/annotations 4ff61bb49 portforward: rework to not need infra container 3c241bdbb pinns: fix pinning cgroup namespace 26de5b665 pinns: allow sysctls to be passed 3f655aa2b test: configure self when kata-runtime is the CONTAINER_RUNTIME 9e337b0ab test: add tests for dropping infra 3978b8cf5 add --drop-infra-ctr option 7d56d27b1 broken link dff47619b update link for podman 3fd6ff726 add the integration tests for handling default runtime db3f22b4c Update containers/* dependencies and vendor libpod/v2 0f9a374ea test: remove generated file e5940bc87 Updating documentation of kubeadm with offline configurations. Signed-off-by: Athanasios Garyfalos garyfalos@cpan.org 6bda9b5e0 Force pkg dependencies to older ones compatible with gogo/protobuf 1635b0d26 Switch to Kubernetes AppArmor unconfined const ca1c46636 Update crictl.yaml to reflect cri-tools v1.19.0 configs 40b9d971f Bump cri-tools to v1.19.0, CNI plugins and golang 6f9341d5d Add image layer reuse docs to metrics.md 167fed492 oci: parse stat file instead of using ctime 12a5cb458 Print seccomp profile JSON only on trace log level ec69e86fa oci: return IsAlive error instead of logging 687202247 sandbox config: Improve validation error message 7b1e83595 pinNamespaces: fix cleanup and error returned 2b5a80d57 pinNamespaces: set capacity for returnedNamespaces 9925188dd pinNamespaces: use string concat instead of fmt.Sprintf 525d5b760 sandbox: ignore enoent on shm unmount b66da412d Revert "runtime_vm: Cleanup process when the Container is Stopped" bc9dd6fe2 test: deflake stats test 635ab5f5d oci: improve error message for verifyPid() b6db1d8a0 Fix pinns compilation for TEMP_FAILURE_RETRY 4a3f8b87d Vendor Kubernetes v1.19.0 8152e00f3 config: set internal RootConfig to default storage if not specified 827eb0bfc Revert "dual stack portmap support" f45c631ab Update nix pin with `make nixpkgs` 773f6b0b5 branch forward: stop on rc 5011a7b2f added irq smp balance and cpu cfs quota control 6a3f71112 Code clean up in containers_create_linux.go 7b942ed73 Remove git-validation in favor of prow/golangci-lint f97ad7fd3 dual stack portmap support f0d987acb Switch to containers/common for AppArmor 017e62dc1 Unset GOSUMDB when vendoring 4bf30158a storage: delete layer if mapped ad2ed3b79 mapping: add support for userns-mode annotation f035d6077 server: make paths to chown also accessible d9d3789cd vendor: update containers/storage to v1.23.1 7f8c00e5e server, systemd: export container env variable 2716da1de remove --runtime option 0afa35525 fix high performance hook self-exit container issue 9e112eebd oci: move channel close to writer goroutine 3472cc5c8 test: fix container stats test d4c32cb00 test/stats.bats: fix/improve container stats test d1e2ea04a test/stats.bats: improve test case d05a6335e test/stats.bats: fix typo in a variable name 9a1490531 managed ns: report namespace cleanup failure by default 4ed669482 managed ns: ignore `PID not initialized` on sandbox creation ff6d989fb test/apparmor: add missing test case call aca64980b test/cgroups.bats: enable pids test for cgroup v2 01432f5d6 test/cgroups.bats: simplify and fix 0aacb5b53 test/critest.bats: move setup/cleanup out of test b811a2040 test/apparmor: simplify 6f169692f test/apparmor.bats: add teardown function b4eb95602 test/cleanup_test: improve 5bce7486a test/wait_until_reachable: fix d6405601a test/ping_pod_from_pod: fix 60a04790f test/pull_test_containers: fix 8bf151454 test/critest.bats: fix d2ded1d73 handle runc not present on the system 838ab4aed Add fidencio to OWNERS file ab82e12e0 Use Unmount w/o prior Mounted check 15375c94c Don't limit the size on /run for systemd based containers 8c7c8028e oci: reorder conmon args 80609e566 config: check conmon version before assuming features 5dcf88604 test/image.bats: rm useless code c5d29b355 test/*bats: fix excessive use of export 616b7855e test/ctr_seccomp.bats: unify common code 2a45877ae test/ctr_seccomp.bats: unify/simplify seccomp check 149e13b07 test/ctr.bats: properly declare readonly var 2c4d5de9b test/apparmor.bats: fix shellcheck SC2030,SC2031 f2469036e Remove duplicate check for enabled seccomp d9ea3921d Bump test images to go1.15 61736cbe3 runtime_vm: Store logs in the correct format 8e45b939e Revert "Fix potentially unclosed file in runtimeVM#CreateContainer" e3e4385d1 selinux: override only specified values 8cbe37722 Fix container cgroup under cgroupfs 3609f6475 server: reduce complexity of getSourceMount 7a48cf993 server/addOCIBindMounts: speed up 6dd52f2ac Reuse Kubernetes API consts for seccomp profiles dca828597 oci_linux: fix working set calculation for cgroupv2 18fa73d9e Switch to go 1.15 49d121594 Add /sys/dev as a masked path path eddf148a1 oci_linux: fix working set calculation 059934138 test/image_volume.bats: fixes 79c52eb1e Revert "tests: adjust test to not depend on runc behavior" 76c7e8657 test/*.bats: fix checks that id is not present bf10fcafe test/*bats: fix shellcheck SC2076 a881562a2 Fix logs that have wrong func names f90a1dda0 Ensure CloseIO is called after Start for exec e21f21edd Add layer reuse metrics ae5630f72 Bump golangci-lint to v1.30.0 e790775d9 Vendor Kubernetes v1.19.0-rc.4 dfcd1691a config: create hooks dir if not present cbc7c514c docs: Move logo location d69d6d728 docs: update installation instructions 371a60093 use errors.Is() instead of errors.Cause() e1eb96fc8 Fix lint pipeline by gofumpt'ing cgmgr_test.go c99023d50 Parameterize strip binary in pinns/Makefile for cross-compilation 0bfefee51 Make filter container list be able to filter short pod IDs 44e0c0db7 drop findprocess 009ccb65e oci: rarely access Pid directly 5b3c5b655 exec sync: check pid instead of calling runtime state 1d672d139 server/createSandboxContainer: minor optimization b44a6cafa setCPUSLoadBalancing: nit 042a4a76c setCPUSLoadBalancing: optimize 82b339265 setCPUSLoadBalancing: rm repeated call to c.Spec() 484551e15 shouldCPULoadBalancingBeDisabled: simplify 5a5aa34cb Remove unused global vars in memory storer e8d4b0bc6 exec sync: be more careful about temp files 814c1bb01 runtime_vm: Cleanup process when the Container is Stopped 8b4ffe784 docs: fix cni documentation 79de63e63 contrib: update the crun version to the last release b55168f78 test: fix regex to look at the beginning of the line 4d21cd3f0 add stats list unit tests 857bcd34c stats: skipped stopped containers on container list stats ae69fd7f6 crio: use json-iterator/go instead of encoding/json 91d3d2791 Do not remove existing runtime handler 964d0d3a2 Speedup static build by utilizing CI cache on `/nix` folder 3f7d13e62 Add `make release` target f64d6d5e9 runtime_vm: set container creation time cd9e835c2 test/command: add test for --profile 1aa5f89a4 test/helpers: rm start_crio_* twins eb9321386 Remove unnecessary err assignment faad1a446 runtime_vm: Avoid possible deadlock on UpdateContainerStatus() 1313a9a2b Fix unit-tests and regenerate mocks e6e3c4ad0 Bring back pprof 9d4195941 Add testcase for createdAt timestamp restore f7f4a8664 Restore Sandbox createdAt timestamp on cri-o restart 2a260703f Fix gofumpt lints 300380462 name is reserved: give more informative error fb3cb0a2f Restore CPU load balancing just when an error appears d34d57c94 Add unittest for the high-performance hooks fe69fd2b1 Add RuntimeHandlerHooks interface dd5abc1c5 Add gofumpt linter and apply lint fixes e115e4cc8 Cleanup nix derivation for static builds 496f1e426 Provide unittest for the CPU load balancing method 8a48ff5d3 Provide functionality to disable and enable back the CPU load balancing 6886573e6 makes containerstats just get one container instead of whole pod 5cbbd289d Update UpdateContainerResources unittests e29c3ffe4 Update the container resources under the spec 1ee062c85 Make integration-cgroupfs tests depdent on results a2ec1d40d Copy spec to not touch original spec on exec(sync) 74a94b546 Add volume mount option for SELinux labeling 00c33525f Implement BigFilesTemporaryDir 65b692268 Perform log directory validation early in Server#runPodSandbox ce5825f1a Remove resolvPath when Relabel fails abecfdf31 remove all cases of returning an error named err fdb2df175 container: handle SelinuxLabels 9b881b0b5 container: add ReadOnly() b852ad675 container: add Image() 6e883db15 container: add fips disable handling 1f51d6d5d Revert "container_server: disable fdatasync() for atomic writes" 77cf58c91 node: fix panic if /sys/fs/cgroup failed to stat 4810ca3e3 Use /usr/bin/env bash in crio-shutdown.service c4795b496 Fix static binary mode retrieval for musl toolchains c180faac7 change variable name err to retErr for deferred comparisons 705381c46 runtime_vm: Improve CreateContainer cleanup in case of failures d785c14fc runtime_vm: Create deleteContainer() helper 11ae5b78d Close the done channel in runtimeOCI#ReopenContainerLog d5920c866 Update golang dependencies 924a8e983 Fix potentially unclosed file in runtimeVM#CreateContainer 65fe2c5fb Bump testimage versions including golang 15264b7e5 Enable more feature tests 9bf8e5397 Vendor Kubernetes v1.19.0-rc.1 7170231d8 internal/oci/runtime_vm: lock around map access cbd32ae9d internal/oci/runtime_vm: fix resizePty signature 11ec0bcda circle: save output for debugging ce0921e74 test: add circle job that runs with cgroupfs d8615ec46 managed ns: don't remove namespaces on sandbox stop d33995bd8 managed ns fixes 02d8bb96f runtime_vm: Ignore ttrpc.ErrClosed when shutting the container down b6b4d1023 Update golangci lint to v1.28.3 c2255b718 oci: add debug logs for runtime state calls b058683c5 Return empty DecryptConfig when no keys to force decryption fd07083b4 test: drop cgroupfs override fa9e413c2 Make release notes generator capable of handling tags a97c66840 Validate cgroupfs conmon cgroup on start 83e8282c4 contrib: enable debugging on the kubelet 77bb73c29 contrib, e2e: force systemd system session b803107b0 server, root: unset XDG_RUNTIME_DIR, DBUS_SESSION_BUS_ADDRESS 945adb00b contrib, cgroup v2: use kubernetes master aee425b19 pods.bats: force usage of the system bus 04c44932f config: fix systemd version parsing ceb473cf3 skip another failing test a69782498 e2e: skip failing test 0a2c92d17 use cgroupfs to fix tests temporarily e8c12b348 Streamline how done channel is closed in Runtime#WaitContainerStateStopped 83ec8f8ed test: bump go version to 1.14 23193ea43 Add runtime_type as an option of "--runtimes" bb54e152e runtime_vm: Apply the correct label before the sandbox is created 56140296b sandbox_run_linux: Use libconfig alias c0da93f0d test: use node readiness as an indicator to run kubetest ab8f1acdc Add logic for running openshift e2e-aws tests 164f46cc6 server: re-add gocyclo skip 6b6a604e2 Restore version output from crio --version 00af53a89 Enable SCTP and seccomp e2e tests 6b9dfc6e8 criocli: Avoid parsing the config twice 35a8caf8a StringSliceTrySplit: return a copy of the underlying slice 3d2cd5a4c Remove the protocol filter from the portMappings constructor. a296edd66 test: fix seccomp tests 3e063339a pkg/container: handle logPath 859a65099 Use the container_kvm_t label when using kata as the runtime 978a0bc3d use inactive-or-failed CollectMode if appropriate 861297e93 Close the done channel in waitContainerStop dee450550 Send only single error to stdinDone 8e4a4b774 config: add ulimits package 3752167dc logs: fix some problems 63e8f1f07 oci: check state before stop atomically c0f5c1679 Container should only be added once after passing filter 5571a88dd Add info logs for image pull and status CRI calls 490d651cc server: store container privilege bool in pkg/container 44607af0d bump runc to v1.0.0-rc90 1fed461fe config: add node package ac966530c oci: make failure to move conmon to new cgroup fatal 058d6b926 config: add cgmgr fa6114234 managed_ns: deflake tests a083494ff Add crun to static binary bundle 764d5caac Add crun to config template 87c26e6bb Update k/release to 0.3.2 954585ddc Add sandbox IPs if there is no error in IP retrieval 832e6fc19 Cleanup default info logs aa8f005d9 Check whether seccomp is enabled before making assertion 2e5aad445 Close the done channel when there is watcher error 4033c7ac4 vendor: update seccomp/containers-golang to v0.4.1 99d7f7256 Add unit test for sandbox response verbose mode 83e01c296 sandbox_status: Fix typo in error message cd85ebf7f Use correct format for logPath removal log b689ae675 Use one deferred func to execute cleanup func's a5bc7193d test: Add a test for pod pause image 166bd36d8 Return verbose information for a pod 525b1d335 Store pause image information for a pod 9197a5568 Added signature - Fixed standard cidr and typo 52dadcf42 Update golang dependencies 613cbdbee Add image pull success and failure metrics 3584fa451 attach: Don't return early for non-tty attach if there is no stdin 35c0c79e2 Fix the kubeadm command 7512d3166 Remove socat runtime dependency de262316f sandbox iface: don't fail if uid is not specified 67fc28844 Exclude failing conntrack e2e test 247d465e8 Add `privileged` indicator to container status e7e0746e3 Check that SecurityContext is not nil before dereferencing 3c7f385b3 Allow release notes for release branches d686db64c crio wipe: log less 1ffd66949 Update nix image and dependencies 92f9f68f9 container_server: disable fdatasync() for atomic writes a02f21766 vendor: update containers/storage to v1.19.2 25fcca87a bump version of libpod to get selinux e62039468 Automatically label containers running systemd with the correct label 0fda6777d Add metrics exporter and documentation 9a53c232e crio wipe: add version-file-persist e1f3fe0af Update k/release repo and use go templates 4a841df26 Update golangci lint to v1.26.0 0c3a5dff5 Switch to logrus 1.6.0 a9ff43ce9 Remove containerd/release-tool dependency a6e8db404 Update Kubernetes to 1.19.0-alpha.3 de45cf1dd Avoid unnecessary locking on runtimeImplMap 2ec6e6a73 Add `--metrics-socket`/`metrics_socket` config option a96823544 Cleanup go modules and vendor cffb00c88 Missing `cd ~/.ansible/roles` Before `git clone` fac15d5da Close done channel if the wait for ContainerStateStopped times out 086eeaa5f version: return empty link mode on failure de0f51822 version: omitempty on String() 3007180b0 Delete container Id only when impl.DeleteContainer(c) passes 727b3a116 Delete container Id from ctrIDIndex if podIDIndex.Add fails 0540afc0a Add support for making reproducible builds 8e7d4d2c0 Adds Ubuntu 20.04 to install instructions 604eeb1b3 oci: drop container level privileged flag 7b6696b65 port error: check for error 4d6d96c1e port forward: add stream nil check to pass unit tests 7016c3e13 port forward: drain the stream on error 351af8519 Vendor in v1.9.1 containers/libpod 93420c499 Fix naming unit test c83b0040a Check error return from os.Create before closing file ed3d80f87 Close channels in runtimeOCI 192621d9d Remove latest-version script 0b105b24a Remove crio-wipe and crio-shutdown systemd units from bundle 9b80a5818 Avoid removing container twice d04755a08 Return an error if context has been cancelled or deadline exceeded b5fdabc22 Use correct upload URL for binary uploads 4a6beaa9b Close the channel for syncStruct 0806f14e2 Remove unnecessary error wrapping for runtimeVM#StartContainer 65d8bb6cd Fix CI by re-generating mocks 2079196f8 cni ctx: call cancel func 6171dcf39 give fraction of timeout to network{start,stop} calls 1ad8ce652 Pass context from caller to ocicni 870cd9b7d Update ocicni vendor code to get new methods that support context argument 926daa840 Use bats v1.2.0 release for CI ae353585c Fix Linkmode path resolution 78badc81c test: check for rw mounts c6233a2b4 Makefile: include -nobuild install targets ed34636da Close childStartPipe if cmd.Start() fails d1172d693 Do not hold lock when ExponentialBackoff() is called 3eff5407b readme: drop support for unsupported branches 8f01225a4 Fix incorrect image digest for test image 83257214a test: update digests and test fa2db8d8a test: update image digest to fix test 2843f551e Fix linkmode for static binaries e785dd2fd Check for context erroring before returning from longer requests 5daa5ac79 Allow comma separated string slice parsing cd5d1a08c Add info logs where needed dc945b31d Add Installation Guide with Ansible 39a35cb30 Use absolute path to binary when retrieving linkmode dff32318b Makefile: allow customization of go commands 3261c2a75 vendor: bump ocicni to b197cd13855bae919c7c75c191c976fcc48610b9 5d2494793 Add Codecov badge to README f7896341f Fix static build DNS resolving with netgo 9b2ee751e Add docs and completions for default_env b92a3e6f7 Add a test for container default env cfcee0126 Add support for default_env in crio configuration c0b466e86 Stop container when there is error in createSandboxContainer 0c8b231c1 contrib,crun: use version which correctly writes swap 9f334aabd test: refactor handling of mem swap 7bdf93819 only set swap if we have the swap cgroup 51cfd5c76 SetLinuxResourcesMemorySwap to the LinuxResourcesMemoryLimit 44dda8b52 Add release-1.18 reference to documentation 3816fb11f Update cri-tools to v1.18.0 307be36a7 Validate capabilities on CRI-O start d67eea300 stats: spoof stats on a cgroupless ctr f25db77b3 add haircommander to OWNERS file 0361c5e37 Fix GitHub artifact upload via new upload-artifacts target a7e117e44 Update libpod to v1.9.0 ec26619e3 more retErr fixes 2e494c323 Use named error return for container_server 66dc81696 config migrate: add pause image and namespace dir 62c02af51 add stop container for StorageRuntimeServer on error 95d5ab215 bump default PauseImage to 3.2 39aef1a09 Add shellcheck linter and apply fixes b7be5b673 Update go-mod-outdated to v0.6.0 b5242b807 Add dependency report badge be8e876cd Add runtimeSpec field to container stats info 99388a706 Add OCI image spec to image stats info 7f4ac3b7d Move crio defaults back to /etc/crio/crio.conf 4e795832a Fix lint reports for setnameandid test 3f89b9539 Use proper variable for error return in Server#createSandboxContainer 10f522002 Update installation steps for CentOS 89ff7c1b9 Fix CircleCI job race accessing gh-pages branch 5ae550efd manage ns: don't remove top level directories on pod teardown fabb871e4 manage ns: debug output of pinns ffede601e branch foward: skip release candidates 55bec4dae server: skip setting memory limit to 0 c36a8ebb9 Upload release bundle automatically to GitHub ac1112c45 Update dependencies c24e99945 Generate dependencies file in gh-pages root 086982d61 systemd unit: drop requirement of crio wipe 1e0419df5 makefile: allow version to be overridden af2509fe1 Update kubeadm docs e5397f81b Add dependency report to gh-pages and CircleCI d8a709f8a Assume hugetlb is not supported by default 80d1a2466 Update shfmt to 3.1.0 96e76dd2e Enable debug symbols for binaries when make DEBUG=1 2e5b40a62 Vendor in latest containers/storage 7501a08aa Skip already uploaded artifacts with gsutil d0d099a90 restore tests: verify some namespace lifecycle cases work 92aeb50b6 fail on failed pinns c443e9b88 pinns: pin to /var/run/*ns instead of /var/run/crio/ns/* 1dcf7b931 Fix typo in apparmor tests 92863e3b3 sandbox: Make sure the label annotation is proper JSON 9afd5ff71 container_server: Wrap a few more errors in LoadSandbox 2bc9e13f5 Add image labels to ImageStatus Info 5281f1382 bump to conmon 2.0.15 5146d6c63 Add the mounts that are required by systemd b297abab6 Skip already uploaded artifacts with gsutil 1806cabfa Add release branch forward to CircleCI 5cc33b558 Update Kubernetes to v1.18.0 474d29407 Test for master tag if release branch contains none 2d5cedabe Add SetNameAndID to Sandbox interface e540ef3a8 Make release notes require results in CircleCI ab431e66d Add crio config --migrate feature 717425df0 vendor: use directly github.com/creack/pty 9e10f54d3 Use HEAD for runc built from source b91d80994 Do not take config dir into account on config creation 360177a6f Make docs-generation and completions work rootless 63230017a Move CNI plugin into NetworkConfig 3027070ca build: clean generated bin/ dir f2ffe39fb Downgrade golangci-lint to v1.23.8 856ad18aa test: drop make install.{systemd,config} c2ec5aed7 test: set cri-o systemd restart policy to no 3d110a307 build: Makefile - add shfmt target to help dfed40b4a contrib: Add kube-local tool 759f498ae Add description to magic test value d672ed1de Do not Wrapf errors if no format is specified 9d6326b4a config: remove unneeded empty values b4808eac5 skip ipv6 ping pod from pod for rhel 7 7c535f29e return default-mounts-file 66b5814ab use fedora-ping image 6a0f33ae0 unify sysctl handling b35ecf1ab test: switch from dnf to yum 88e0c419c Fix specifying string slices a5db2aee2 drop net raw: add some test fixes to update ami 63b9f4ec9 Remove NET_RAW and SYS_CHROOT capabilities 58657488e Add cni-default-network option c2b25b4ea Add hint to release notes on gh-pages to README.md b9db8f3b8 Drop musl build from nix to update to go 1.14 1963aea3e Add shell format check and apply diff e265ad0ce server/ContainerStatus: don't lock for c.State() f8f35ba32 drop conmonmon 239ac2049 stats: fix some style nits 976e9b061 Add linkmode to crio version output 309a5bf3d Add release-branch-forward script 3e3725d5b Fix gh-pages push for remote branch 5f49b2c1f Added integration test to make sure annotations are passed through to the runtime 1ed7eb389 tree_status: show the git diff ff7609400 Add kind/dependency-change label 648b94860 Add further kinds to pull request template 92ec88f99 Fix unit tests for locally configured registries b039ef652 Add SetNameAndID to Container interface 6885d9088 Publish release notes on gh-pages branch 38ba09453 avoid parallel pulls of the same image 9ae49dad8 vendor github.com/containers/image/v5@v5.3.0 60c01cc24 Switch back to machine executor for CI lint stage e1f6d2ab1 stats: prevent a segfault 15f1f14ac server: Return grpc code NotFound when we can't find container or pod 7615871d6 test: move readonly_rootfs and privileged to correct place f757e0a2d Mention starting cri-o for running with kubernetes 64e46e789 Move bundle to contrib and reuse version vars 3ac1d93bb Simplify container log path handling f3eeee275 build: make uninstall - remove systemd/config files ad7125fcc Remove utils.ExecCmdWithStdStreams in favor of utils.ExecCmd f7730c325 Add PodSandboxConfig (get/set) to Sandbox interface 03c7bd758 Avoid filename collisions in JUNIT_PATH 57b3b608d sandbox_run: import internal/lib/sandbox as libsandbox dbbfd7865 Remove github.com/docker/docker dependency 9f556378a bump conmon to 2.0.12 e02dd7ead vendor: bump github.com/containers/libpod from v1.8.0 to v1.8.1 a3bab821c Update golangci-lint to v1.24.0 7e66be6f3 Remove Update() method fb6525374 docs: add TOC to setup.md f038600d4 Skip release notes generation for forks e8ffd6e17 Add container config (set/get) to Container interface d1d165abb crun: use version 0.13 97d990230 Add target release version to generated notes 01d40e5cf Add gRPC method name to logs 40d247042 Take localhost/ images into account during pull 0f4b6d6fd fix some remaining instances of assuming cgroupfs default bb23a494d bundle/test: drop cgroupfs override a6ae391a3 stats: fix stats when systemd cgroups are used e4cc02850 integration tests: switch to systemd cgroups 9ccd5ac97 bump to conmon 2.0.11 c862e1fbd Support pulling image specified by tag and digest. b0717fc3f Restore sandbox selinux labels directly from config.json 345952cb7 Update Makefile targets and docs to crio.conf.d 12918b25e Add runc, conmon, crictl and CNI plugins to bundle c07429a56 Render latest release notes 73f42d35a Use static runc binary in CircleCI 5f745fa7d Let CRI-O start when `runc` is not in $PATH and not configured 2fae47c00 test/pod: TerminationGracePeriod: skip on CircleCI 34ee0d9ba test/pod: TerminationGracePeriod passthru test 23177bd84 Use `Value` field in CLI for non-default values 211393d25 Upload every successful built bundle to the GCS bucket 11b1fa661 Update golangci-lint to v1.23.8 97b9587f1 Add DEFAULTS_PATH to Makefile eb9cc161c Flatten internal/pkg/* packages to internal/* 4bec101bd Fix 32bit build by vendoring latest go-selinux 3c48743f8 test/conmonmon: fix getting conmon pid 3d7c5ae58 skip failing storage test c0f0c897c Add crio.conf.d(5) man-page to the bundle 4bf557482 Cleanup: minor wording adjustments in documentation 5110df3bf Fix some minor whitespace issues in crio documentation b22b31c58 Add crio.conf.d man page bb0a68503 Move pkg/config/seccomp package to internal/config/seccomp f9f058f2f Update dependencies 6ab73e82e Upgrade CI to use go 1.14 b91cb5e56 Apply Kubernetes PR template 07d329e97 Add live configuration reload to AppArmor profile 1f856928c CreateContainer: pass TerminationGracePeriod 43a03bff8 Add CI bundle tests d81de1839 Remove extra check for go modules in Makefile 917c3e764 Rebuild bin/* targets on *.go file changes d1696ce6b Improve crio --version / version output f13aad99c Make bin/pinns a PHONY target fa3d37c0c Bump kubernetes to v1.18.0-beta.0 295240116 Fix markdown for generated crio/crio-status docs 3010195bb Cleanup config default values d83645127 Drop support for golang < v1.12 eff11105a server, cgroupv2: do not create cgroupns e48d23aab Automatically retrieve digest in test image builds 61f9ca072 Add high level Sandbox and Container interface 2c422eb42 Auto inject CRI-O version c23a169d6 Change CircleCI config to build all jobs for all tags 56d48195c Uppercase first log char per default ffda0f3be Add cgroup namespace unsharing to pinns 06257791d Add live configuration reload to seccomp profile 9ec3b8dc2 cgroups: parse cgroup.controllers once d45ad21d7 Fix Fedora based integration tests 2e1d04393 Update docs and completions for crio wipe --force 153c0002e tests: update to crun 0.12.2.1 59c63a611 restore: specify runtime root to the OCI runtime d1bcb14c9 test/ctr: adapt test to cgroupv2 94c9876d8 wipe: Add a force flag for skipping version check dde9af43e Remove version marker from AppArmor profile 92d3eaf59 test: adapt to python3 0ed6aa6dd test: look for substring c12fa5a5b contrib: install crun also at /usr/local/bin/runc e502d70d3 contrib: fix ansible warning 94799c992 contrib: set crun in crio.conf when build_crun 032baf175 contrib: add tests for cgroup v2 8da112216 container: ignore hugetlb limits if not supported 5c5eb7124 Add user-notice about minimal ctr_stop_timeout 92f899ccb Update pinns build and add small cleanups 007080ec5 conmonmon: errorf when OOM killing fd88a5bd5 klog: don't write to /tmp f31362e45 Pass down the integer value of the stop signal 5a112abf4 exec: Close pipe fds to prevent hangs 23582bdd5 Add live reload to DecryptionKeysPath ad75e22be Update nix package dependencies and cleanup default.nix a5119bdc9 Make SIGHUP reload for drop-in config dir work 0bb5a2abc update installation info for debian and forks c2535c68e Add pinns binary to static bundle f838631f7 contrib: drop system containers fa8d49cb1 contrib: use crun from the containers repository a56b2f9a4 Remove trailing whitespaces from configuration template 1280b5d61 oci: Handle timeouts correctly for probes f6fa7760e fix server restore to not remove podman containers 2c311967c Bump containers storage to v1.15.8 6cefdcca7 drop host_ip from crio.conf.5.md f4449b681 vendor github.com/containers/image@v5.2.0 1d7d7a0fc Unwrap errors from label.Relabel() before checking for ENOTSUP 00fd41c97 Fix reload behavior for unqualified search registries 0eec45416 Skip invalid hooks directories by default e48fa304b Add log context to container stats f4214be7c contrib: 10-crio-bridge.conf change subnet e962246a5 Update dependencies 720545fbf Add `crio version` subcommand ee8b72e11 Update golangci-lint to v1.23.3 78e9ee352 Setup container environment variables before user f7424e9c5 fail on network stop 5284c0a0a docs: improve setup.md 11535c489 Add the container IDs that cri-o assigns to various logs 1a12f8125 move default version file location a tmpfs 764bcf5fb sandbox: skip memory check if set to "max" ff234bb71 build: make install providing systemd and config 14a2905bf fix nit from #3165 a1cdad7e9 drop host_ip and host_ips 1f1132700 Move SystemContext from Server into Config 0a8efeb0a Update Kubernetes to v1.18.0-alpha.2 2ef722b9d Update urfave/cli to latest version ea0217e36 Use new containerd/release-tool path 437fb7356 Update libpod and ocicni 68e94e249 Remove unused getHostIPs and validateHostIPs functions 59ef3883d stream server: Bind to all addresses 0074990d6 Fix integration/unit tests 34b7b7008 Vendor in latest opencontainers/runtime-tools faad45a91 Enable AppArmor tests in CircleCI 4cba27d88 docs: add a blurb about AppArmor profile precedence 0628b3dc8 Fix network ping integration test in CircleCI b74ec1c3c Add support for crio drop-in config files d43e2f359 Fix unit tests for rootless runs 65049475d Refactor sysctl handling and add unit tests e34dad0b3 Log path location when using binaries discovered in $PATH 6a51b90a1 server: allow an apparmor-unconfined container 9ec532c7f Switch default cgroup manager to systemd 50942473b Add documentation about stream_port="0" a014aa4de Fail to start when stream server port already allocated 964245f94 Run integration tests natively in CI 35e8ad4d6 Fail to start when already listening on socket 211fb388e Update golangci-lint to v1.23.1 ef1152b88 Allow server to start without config 49310bb02 Fix generated docs formatting 512fdb2f9 Take total_inactive_file into consideration for memory usage 66ef0b326 docs: remove mention to RHEL-8 beta repo in setup.md 5d38a07d6 Mention latest release branch in docs eecbc3655 Fix typos in test descriptions aa9293e95 Add image pull metrics a94e0b779 container_create_linux: refactor common code 4bb04824b Fix man page header 31ce68627 persist exit: fix some nits 1ae3626d6 Fixes to better handle exit code 914adc516 Save exit file for container in persistent directory 62d09afcd doc: improve setup.md 8fd34a082 server: create cgroupns when running on cgroup v2 bcecd7941 Destroy the pod's network when it can't be restored 36b73a8c9 Add `namespaces{-_}dir` CLI and config option 9ddf6d7d4 Update CNI plugins to v0.8.4 ee1df54f0 Use UUID generator for namespace path 5fb3192f1 Add new NSType for available namespaces a3afb54c3 Fix pinns path mismatch for install and uninstall 6c5ec8486 remove ErrClosedNS 9d7f8ed21 Fix possible segmentation fault in namespace removal 8bcefec51 Change AppArmor profile handling to fallback to the default a0cb8161d Update to conmon v2.0.9 0c02f5453 Fix possible segmentation fault in error handling 20b449bbf Cleanup sandbox shared memory before removing it 1c28b2395 update createSandboxContainer to parse hugepages limit from CRI message 7646a7fd5 Update vendor to v1.18.0-alpha.1 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
55f1e53c6b |
README: add repository, mailing list and freenode contact points
It may not be obvious where the various communication / collaboration points for meta-virtualization can be found. Updating the README to add that information. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Martin Jansa
|
7094239a63 |
libvirt-python: inherit python3targetconfig
* otherwise libvirt build will incorrectly use host's gcc and fail with: gcc: error: unrecognized command line option "-fmacro-prefix-map=/OE/libvirt/6.1.0-r0=/usr/src/debug/libvirt/6.1.0-r0" Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Martin Jansa
|
211925d7f4 |
Revert "libvirt: fix host gcc can't recognized option -fmacro-prefix-map"
This reverts commit
|
||
|
Yi Fan Yu
|
e7a0ea3e0f |
nagios-nsca: blacklist recipe due to unsupported libmcrypt
nagios-nsca depends on libmcrypt... However, libmcrypt is considered as abandonware The last release was in 2007. libmcrypt might not be building properly with the upgrade of autoconf to 2.71. Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
436b60e582 |
kvmtool: refresh to 5.10 version
Grabbing the latest kvmtool sources. These follow kernel numbering, so we bump that to 5.10 to match. We also drop one patch that is part of the main repo now, and refresh the others to avoid fuzz warnings. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
0904b0a778 |
lxcfs: update to 4.0.7
Bumping to the latest available lxcfs. As part of this update, the license has changed to LGPL-2.1+ (from Apache-2.0) We also refresh our systemd patch to continue to apply. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
117425a745 |
docker-distribution: update to the latest 2.7 revs
Integrating the following 2.7 release commits: cf8615de Remove empty Content-Type header 48eeac88 docs: add redirect for old URL e2f006ac S3 Driver: added comment for missing KeyCount workaround 0a1e4a57 Fix s3 driver for supporting ceph radosgw afa91463 Bugfix: Make ipfilteredby not required fad36ed1 Add reference.ParseDockerRef utility function f999f540 Fixing broken table c636ed78 Fix cloudfront documentation formatting 5883e2d9 Fix vndr and check a3c027e6 Adding deprecated schema instructions Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
d10f21a722 |
lxc: update to 4.0.6
Updating to the next minor revision in the LTS. We also drop two patches that are included in the main repository as partof this bump. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
cf80825a85 |
tini: update to 0.19.0
Bumping the tini release. We pickup the following changes with this update: b9f42a0 Indicate that -e can be repeated 71911f9 add installation instructos for Arch Linux 9d647c3 credit to nfnty for packaging tini for Arch Linux 4df9bb0 add `chmod +x` step to signed download docs 7fdac39 Adding example of how to verify checksums 07b3139 add Debian installation instructions 0374cb6 add aliases x86_64 for uname -m de40ad0 Update Travis release token 81d9b14 Release 0.19.0 9587d90 run_build: publish sha256 checksums to releases 3f3e765 Add ppc64le alias for the ppc64el build 0e55606 .travis.yml: Remove redundant argument 12197f9 Update tests to Python 3 6cfeff2 add support for mips64el 76d4aa0 tini.c: fix child subreaper error message cefad7b gpg: explicitly pass file name 6ece2eb update readme to fix instructions for gpg Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
c3fe6ab427 |
skopeo: update to v1.2.2
Updating to 1.2.2, which along with the following commits, needed a slight tweak to the build target, and the location of the binary. Otherwise, everything remains the same. af2d2b41 Bump vendor/modules.txt in release-1.2 8237787b Bump golang.org/x/crypto to the latest 2294113c Bump to v1.2.2-dev bdb117de Bump to v1.2.1 fe57e80c Update nix pin with `make nixpkgs` 3c33cb45 Add a smoke test for signedIdentity:remapIdentity f94d85aa Split copyWithSignedIdentity from TestCopyVerifyingMirroredSignatures 6ee4b2dc integration test: sync k8s.gcr.io/pause instead of docker.io/alpine b3a15e72 integration test: use fedora-minimal for most manifest list tests f771cb0d Update vendor of containers/common and containers/storage c4fb9364 Fix reading the after-sync list of tags in SyncSuite.TestYamlUntagged 74420528 Bump github.com/containers/common from 0.31.1 to 0.31.2 fc78c93a fix creds sync from yaml 4987a672 Spelling 131b2b8c Bump github.com/containers/common from 0.31.0 to 0.31.1 6b260e16 Update nix pin with `make nixpkgs` 8cc9fcae update debian/ubuntu docs 0fb1121f Bump gopkg.in/yaml.v2 from 2.3.0 to 2.4.0 f36f7dbf Bump github.com/containers/storage from 1.24.1 to 1.24.3 07c0e6a5 Bump github.com/containers/common from 0.30.0 to 0.31.0 13ef9174 Bump github.com/containers/image/v5 from 5.8.1 to 5.9.0 8cd57ef8 Bump github.com/containers/common from 0.27.0 to 0.30.0 f3a8a736 Update to macOS 10.14 4597c095 update OSX Travis env before running tests 2ec251c2 Update installation docs for debian and ubuntu e717a591 Update install.md 901f7e9c vendor in containers/storage v1.24.1 containers/image v5.8,1 4b4ad628 Fix naming and language 6b007c70 Add information about multi-arch image to README 5d73dea5 Add --format option to skopeo inspect 82e461ff Switch to using errors.Wrapf rather then fmt.Errorsf e30abff3 Bump github.com/containers/image/v5 from 5.6.0 to 5.8.0 58c9eccf Bump github.com/containers/common from 0.26.0 to 0.27.0 958c361c Support namespaced logins for quay.io 72e8af59 install: make commands copy-pasteable 873fbee0 Fix #858 Add --all sync flag to emulate copy --all 1a3eb478 Fix #858 Add support for digests in sync bc0ecfc8 Bump github.com/containers/storage from 1.23.9 to 1.24.0 19f9a6ad Update nix pin with `make nixpkgs` 6d7d0e7d Bump github.com/containers/storage from 1.23.5 to 1.23.9 39f8117c add multi-arch builds for upstream and stable skopeo image via Travis e709329b Avoid overriding LDFLAGS in Makefile 35daba11 Dockerfile: install openssl 65c5b0bf integration tests: disable `ls` for logs cd884fa5 Travis: bump go to 1.15.x 3a724640 Use osusergo build tag for static build a7f4b26f Update install.md 98fdb042 Fix `skopeo login` example in README a75daba3 Bump github.com/containers/common from 0.24.0 to 0.26.0 67d72d27 Bump github.com/spf13/cobra from 1.0.0 to 1.1.1 035e2549 install.md: mention Nix/NixOS 0954077f Update install.md bde39ce9 Update install.md a422316d Update README.md 21aa04e3 Make Makefile a little easier to use 50ff352e Update nix pin with `make nixpkgs` 69f51ac1 Bump github.com/containers/common from 0.23.0 to 0.24.0 f9773889 Add Subject Alternative Name to local openssl cert 4ba7d501 Makefile: add a local-cross target 12729c4d Bump github.com/sirupsen/logrus from 1.6.0 to 1.7.0 1c45df1e Bump github.com/containers/common from 0.22.0 to 0.23.0 248a1dd0 include OBS install steps for CentOS 3a75b51b Move to v1.2.1-dev 2b4097bc Bump to v1.2.0 467b462b Keep options order in code and add missing bash completions 242b573f Adding periods 2d5f12b9 Add --registry-token tests to utils_tests.go 3c73c0c0 Add --registry-token flags to support Bearer token authentication ec17cfcb Update nix pin with `make nixpkgs` 1d0b1671 Bump github.com/containers/image/v5 from 5.5.2 to 5.6.0 05d172a1 Bump github.com/containers/common from 0.21.0 to 0.22.0 62bafb10 Fix problems found by codespell 4eda1d09 Bump github.com/containers/storage from 1.23.4 to 1.23.5 23cb1b7f Remove an obsolete documentation of (make binary-static) c1f984a1 Bump github.com/containers/storage from 1.23.3 to 1.23.4 8767e73f Bump github.com/containers/common from 0.20.3 to 0.21.0 07146219 Update nix pin with `make nixpkgs` 3bb23e35 use base image golang for build c8c8d5db Bump github.com/containers/storage from 1.23.1 to 1.23.2 ad3d4aec Fix skopeo-login docs typo 69116421 Bump github.com/containers/storage from 1.23.0 to 1.23.1 3ede91cc Bump github.com/containers/common from 0.20.2 to 0.20.3 5ad62b94 Bump github.com/containers/image/v5 from 5.5.1 to 5.5.2 b05933fb Bump github.com/containers/common from 0.18.0 to 0.20.2 e5f54909 -buildmode=pie is not supported for some arch 915f40d1 Build static binary with `buildGoModule` 0c2c7f40 Update docs/skopeo.1.md 135ce431 Add oci-archive to transport list, and link to the authoritative man page c750be01 Use an inter-registry copy as the example for (skopeo copy) 84d051fc Use c/common retry package 56f8222e Add an extra clarification to skopeo-copy(1) c24363cc Bump github.com/containers/storage from 1.21.2 to 1.22.0 4fb724fb Make InspectOutput an external object e23b7800 Fix make clean to actually remove binaries d9058b30 Switch containers/libpod->containers/podman 26e6db1c Dockerfile.build: Upgrade to Ubuntu 20.04 b7cdcb00 Bump github.com/containers/common from 0.16.0 to 0.18.0 4012d0e3 Bump github.com/containers/storage from 1.21.1 to 1.21.2 84c53d10 Retry on skopeo subcommands 960b610f Bump github.com/containers/common from 0.15.2 to 0.16.0 ebc43826 vendor golang.org/x/text@v0.3.3 8f5eb45b Bump github.com/containers/storage from 1.21.0 to 1.21.1 5e2264d2 Bump github.com/containers/storage from 1.20.2 to 1.21.0 19f9a5c2 Bump github.com/hashicorp/go-multierror from 1.0.0 to 1.1.0 0858caff Retry skopeo inspect command 2e343342 Bump github.com/containers/ocicrypt from 1.0.2 to 1.0.3 0382b016 Fix macOS builds in Travis 142142c0 Bump github.com/containers/common from 0.15.1 to 0.15.2 52b3a5ba Bump github.com/containers/common from 0.14.3 to 0.15.1 b17fb08f update enc/dec docs to be consistent with buildah dd2e70e9 nix run -f channel:nixos-20.03 91dc0f3f Bump github.com/containers/common from 0.14.0 to 0.14.3 0e2611d3 Run htpasswd from our build-container instead of registry:2 0f458eec Add nix derivation for static builds 6b960ec0 Cleanup Dockerfile builds fdc58131 Move to v1.1.1-dev 63085f5b Bump to v1.1.0 dd7dd753 vendor github.com/containers/image/v5@v5.5.1 b70dfae2 vendor github.com/containers/common v0.14.0 9bafa7e8 Bump github.com/containers/common from 0.13.0 to 0.13.1 6198daeb Correct a typo in docs/skopeo-sync.1.md 9e99ad99 Bump github.com/containers/common from 0.12.0 to 0.13.0 c36502ce Bump github.com/stretchr/testify from 1.6.0 to 1.6.1 4eaaf312 Bump github.com/containers/storage from 1.20.1 to 1.20.2 5284f6d8 Bump github.com/stretchr/testify from 1.5.1 to 1.6.0 ae97c667 Bump github.com/containers/common from 0.11.4 to 0.12.0 8b4b9543 Fix error handling on invalid regex c103d652 Drop redundant fmt.Sprintf inside erorrs.Wrapf/Errorf c5183d0e Use MatchString instead of Match with a manual conversion 16b43525 Use reference.Tagged to extract the tag from a reference 35f3595d Inline isTagSpecified into its only caller 0ee81dc9 Use a reference.Named, not types.ImageReference, in imagesToCopy 80588509 Clarify imagesToCopy control flow 97ec6873 Work with a reference.Named, not strings, in imagesToCopyFromRegistry d16cd399 Use a reference.Named, not types.ImageReference, in imagesToCopyFromRepo 7439f94e Remove the repoReference parameter of imagesToCopyFromRepo 44338073 Don't use path.Join to form repository names 56c6325b Share the logrus.WithFields settings over the loop bodies 0ae9db5d Clarify control flow when handling the tags list 677c29bf Only create a SystemContext once per registry 72376c41 Fix the recently added example in the man page. 322625ee Use a separate field for the "sync images with tag matching regex" feature 9c1936fd Add upstream and testing container images a51af64d Bump github.com/containers/storage from 1.19.2 to 1.20.1 a31d6069 Bump github.com/containers/common from 0.11.2 to 0.11.4 2330455c there is a brew formula for skopeo bec7f697 Add tags to support regular expressions in yaml conf add relevant test cases and documentation update the sync doc 60ecaffb Add Skopeo Stable Image Dockerfile for Quay 2fe7087d Move to v1.0.1-dev bd162028 Bump to v1.0.0 5093d5b5 Update skopeo readme and man page 1b2de8ec Update docs/skopeo-sync.1.md ab230050 Add links to configuration man pages 4244d682 Bump github.com/opencontainers/go-digest from 1.0.0-rc1 to 1.0.0 3247c0d2 Bump gopkg.in/yaml.v2 from 2.2.8 to 2.3.0 eb024319 Bump github.com/containers/storage from 1.19.1 to 1.19.2 b79a37ea v0.11.2 containers/common 0ec2610f Add skopeo login&logout e21d6b36 Update containers/image to v5.4.4 a6ab2291 Add tests for using signatures with mirrors 8f845aac Update c/image for https://github.com/containers/image/pull/912 439ea830 Add Security Policy 8d252f82 fix copy doc 46fbbbd2 Use cobra in skopeo a6abdb85 Bump github.com/sirupsen/logrus from 1.5.0 to 1.6.0 02407d98 Fix TestCopyAtomicExtension 116add9d Bump github.com/containers/storage from 1.18.2 to 1.19.0 5f8d3fc6 Move to v0.2.1-dev 1119299c Bump to v0.2.0 cf4dff47 Fix for yet another breaking podman change 17848a18 Run (go mod tidy) before (go mod vendor) 2873d8ec Revert "Bump github.com/urfave/cli from 1.22.1 to 1.22.4" 702165af Fix (make vendor) 8c8d9bd2 Bump github.com/urfave/cli from 1.22.1 to 1.22.4 5b479b10 Bump containers/image to v5.4.3 f68b53af make vendor: run `tidy` after `vendor` 65692366 vendor c/image v5.4.2 0eef946e Bump github.com/containers/image/v5 from 5.4.0 to 5.4.1 82e79e3f Remove dependency on buildah 325327dc Bump github.com/containers/image/v5 from 5.3.1 to 5.4.0 6e3f4c99 Update on #834: force runc only when cgroupsv1 27b330f6 Revert the removal of buildah dependency f231b777 Update docs/skopeo.1.md 55044627 Add example with repository Fixes #854 aa20fbfd Skopeo should support for BigFilesTemporaryDir (SystemContext) 274efdf2 Update containers/image v5.3.1 33616424 Bump github.com/containers/storage from 1.16.5 to 1.16.6 970af7d1 Bump github.com/containers/image/v5 from 5.2.1 to 5.3.0 1e7fe55b Use fully-qualified image names 081e4834 Bump github.com/containers/common from 0.5.0 to 0.6.1 bd59677a Bump github.com/containers/storage from 1.16.3 to 1.16.5 dda59750 Bump github.com/containers/common from 0.4.4 to 0.5.0 ebeb1c3f Bump github.com/containers/storage from 1.16.2 to 1.16.3 33ebce08 Bump github.com/containers/common from 0.4.3 to 0.4.4 0752e837 Bump github.com/containers/common from 0.4.2 to 0.4.3 406d3eb1 Bump github.com/containers/storage from 1.16.1 to 1.16.2 bae33781 Add Ubuntu/Debian install instructions 7dcfc183 Bump github.com/containers/storage from 1.16.0 to 1.16.1 4e45fcc5 Mention CentOS/RHEL in installation instructions 2e65e64c CI: force Podman to use runc ef1b005c Bump github.com/containers/common from 0.2.1 to 0.4.2 7be2a1bf Bump github.com/stretchr/testify from 1.5.0 to 1.5.1 f489ba7b bump to a supported ubuntu release df2966b7 add support for REGISTRY_AUTH_FILE 8d1a4649 Partial image encryption support 377ba25c Bump github.com/stretchr/testify from 1.4.0 to 1.5.0 1d136f05 Bump github.com/containers/storage from 1.15.8 to 1.16.0 7b9629d6 Bump github.com/containers/common from 0.2.0 to 0.2.1 07c89b49 Fix wrong import of docker reference a9854e11 Remove the list_tags integration test since it does not cover much not already tested by the upstream container/images repo or local unit tests 36fdc062 Updates based on code review to simplify logic and tests 5554964a Fix inconsistency in manpage example for list-tags b0cfab1d Fix formatting on test cce44c45 Adds "list-tags" command to list tags with no known tag required. Fixes #276 f8302650 Bump github.com/containers/common from 0.1.4 to 0.2.0 ba8417ed Add Code of Conduct 759dc98b bump to v0.1.42-dev 7d080caa v0.1.41 b6e7fbdf Bump github.com/containers/image/v5 from 5.2.0 to 5.2.1 b59c018a Bump gopkg.in/yaml.v2 from 2.2.7 to 2.2.8 e3f9f55c Bump github.com/containers/common from 0.0.7 to 0.1.4 2c0a4c9c Remove the reference to openshift/api a7297d4d vendor github.com/containers/image/v5@v5.2.0 7cbb8ad3 Manually update buildah to v1.13.1 4489ddd8 add specific authfile options to copy (and sync) command. c6a731bb Adds override-variant to man pages 222beaf4 Adds the --override-variant command line flag 6c7dc9b7 Bump github.com/containers/buildah from 1.11.6 to 1.12.0 27b3e218 Add context to --encryption-key / --decryption-key processing failures 17b921cb Bump github.com/containers/storage from 1.15.2 to 1.15.3 2f2dc646 Bump github.com/containers/buildah from 1.11.5 to 1.11.6 b0da0858 remove direct reference on c/image/storage 7d3c3ce5 Makefile: set GOBIN 21613f19 Bump gopkg.in/yaml.v2 from 2.2.2 to 2.2.7 afaa9e7f Bump github.com/containers/storage from 1.15.1 to 1.15.2 9c402f37 Introduce the sync command 8ccd7b99 openshift cluster: remove .docker directory on teardown 04bc64f5 Bump github.com/containers/storage from 1.14.0 to 1.15.1 73248bd6 document installation via apk on alpine c6bc2367 Fix typos in doc for image encryption 39ff039b Image encryption/decryption support in skopeo 88fd1172 make vendor-in-container 5f3219a8 Bump github.com/containers/buildah from 1.11.4 to 1.11.5 23d9383a Travis: use go v1.13 af073483 Use a Windows Nano Server image instead of Server Core for multi-arch testing 81caa0fa Increase test timeout to 15 minutes dd66c1d3 Run the test-system container without --net=host 6991ba85 Mount /run/systemd/journal/socket into test-system containers db877dca Don't unnecessarily filter out vendor from (go list ./...) output 8eba94f2 Use -mod=vendor in (go {list,test,vet}) 05ae513b Bump github.com/containers/buildah from 1.8.4 to 1.11.4 876595e6 Bump github.com/urfave/cli from 1.20.0 to 1.22.1 140b47e8 skopeo: drop support for ostree cd8c0085 Don't critically fail on a 403 when listing tags d83d0819 Revert "Temporarily work around auth.json location confusion" ce2db022 Remove references to atomic df92a33c Remove references to storage.conf b21a5970 Dockerfile: use golang-github-cpuguy83-go-md2man a18a5eae bump version to v0.1.41-dev be6146b0 release skopeo v0.1.40 8f24d281 vendor containers/image v5.0.0 2553a230 systemtest: inspect container image different from current platform arch 7d251f5a copy: add a --all/-a flag 58248412 System tests: various fixes 4962559e Temporarily work around auth.json location confusion 7922028d Update to c/image v4.0.1 51b54191 systemtest: copy: docker->storage->oci-archive 1c243a5b systemtest/010-inspect.bats: require only PATH 8d1bb150 systemtest: add simple env test in inspect.bats 8c96dca3 bash completion: add comments to keep scattered options in sync 1d8f5f29 bash completion: use read -r instead of disabling SC2207 b31f0da5 bash completion: support --opt arg completion a02e57dd bash-completion: use replacement instead of sed a000c194 bash completion: disable shellcheck SC2207 86e35643 bash completion: double-quote to avoid re-splitting c61a5ea2 bash completions: use bash replacement instead of sed 89bb6158 bash completion: remove unused variable 646e197e bash-completions: split decl and assignment to avoid masking retvals 699c2556 bash completion: double-quote fixes 0c579aca bash completion: hard-set PROG=skopeo bc8281c0 bash completion: remove unused variable 91510e39 bash completion: use `||` instead of `-o` 7b0db25a bash completion: rm eval on assigned variable a36d81c5 copy: add --dest-compress-format and --dest-compress-level 976dd83a flag: add optionalIntValue a1c5a1f4 Makefile: use go proxy 43b014c8 inspect --raw: skip the NewImage() step f1d8451b update OCI image-spec to 775207bd45b6cb8153ce218cc59351799217451f a778e595 inspect.go: inspect env variables 0f1ded2a ostree: use both image and & storage buildtags 89d6d0c7 bump to v0.1.40-dev Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
4a16ba75b1 |
crun: update to 0.17
We bump crun, and its dependency repositories to their latest revisions. Along with the code changes, we have a new systemd dependency (or the build fails), and the License was incorrectly set to GPLv3 previously, and we correct it to v2 as part of this update. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
f32657ae6e |
podman-compse: update to latet 0.15 hash
Updating to the latest commits, and switching to the named 'devel' branch (from master previously). The following commits are part of this update: 6289d25 fixes #236: compatible with docker-compose abc0813 Only pull each image once 9cd837f Fixes #236: Ensure project name works with podman a4b8b5e Fix 'podman-compose version' with no compose file in the working directory 5971f57 FIXES #249: update dotenv with some envs ab96f12 FIXES #249: update dotenv with some envs f6a3cb0 Allow environment variables to be unset 497355f Re-order environment/env_files to match compose 20a86ea add --no-cache arg to build 4e2e960 build specific service efba3a1 support str style configuration for env_file 9063976 BUG: 'podman stop -t 360.0' called for float, expects int on cli 3712b54 ENH: add timeout option to podman-compose down, as in https://docs.docker.com/compose/reference/down/ 294f8ee Hashlib to generate SHA256 instead of MD5 for FIPS 105b129 Fix infinite loop d3f3711 FIXES #181: accept init and init-path 7eacf14 MAINT: resolve https://github.com/containers/podman-compose/pull/180#issuecomment-632722974 8cd98ab MAINT: extend instead of append 047820d ENH: Added restart policy forwarding to podmann run, compose build args added to up args e7b1382 Add --build-arg to 'up' (Fixes #161) 64ed554 Allow empty default/error value in substitution 93bf39e Add Security Policy 5915ba3 Catch error when compose file is empty 1ca6a88 target once 7b40079 Pass "target" parameter when building an image. f9915c4 Check for target property when building images 1973340 Add support for --build-arg option e8147e3 Add support for cap_add/cap_drop 7f210ff fixing "Error: unknown flag: --shm_size" cbed801 start detached 6a42d68 add ports test 07a2430 Fixes #152: validate that podman is useable 5215782 Fixes #152: validate that podman is useable 03cbd29 pass volumes using -v 796e6a4 Avoid crash when no services are defined efcbc75 Pass ulimit parameters when building container dacc753 Add Code of Conduct 8c3b7e6 Added mount option delegated and cached 147f0ae Update README with dnf install instructions. 27d3caf Add support for privileged option e7a9bd3 Show stopped containers in ps ddd582c Add support for logs subcommand 169eaee Fix override of the run command c5f8973 Mixed-case directory names break 'podman create' 12036aa FIXES #76: a service extends a service with same name 7222fdb exit if not files bb7120f Fix stop command runs start instead 7ebbe2e Fix KeyErrors encountered with extended services 29d4cdc Remove unused funtion in setup.py a9216c3 podman volume inspect mountPoint/Mountpoint e538852 #57: better ps via label b1c2b02 podman_compose.py 9e0dd2d extends with external file 72c1992 Remove never-shared options. 3e2381f Support extends dee813a #47: version command 9684429 #52: fix how we split commands 87e7211 #54: fix ulimits 7269701 Fixed get of ulimit tag, according to docker-compose specification b369073 Fix podman-compose run command parsing 62f0cc4 Changed -l flag to --label in order to be compatible with Podman 1.0.2.dev c152d28 Support for generic container-compose format 8e43e69 FIX #41: compare original volume name 751aaa8 Add support for devices in a service 243bdb6 Add support for setting container ulimit 2202e7f Add support for setting container ulimit f505e49 a test showing yaml anchor magic 2e4378f add string check for cmd line args 2a8d430 FIXES #35: now support multiple composer files a512c0c #35: test for multiple -f Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
42ec3cb5bf |
docker-compose: update to 1.28.2
Along with the version bump, we refresh our dependency patch to apply. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
7b8da52f5f |
conmon; update to 2.0.26
Updating to version 2.0.26. Along with the following commits, we add a dependency on go-md2man-native, or the build will break. 0e155c8 bump to v2.0.26 2b87314 conn_sock: do not fail on EAGAIN de1a153 Update nix pin with `make nixpkgs` de1c681 bump to v2.0.26-dev 05ce716 bump to v2.0.25 d9bd8f8 conn_sock: fix double free 3af2776 src: avoid unuseful strdup a7418c0 fix propagation of PREFIX variable to docs/Makefile 0353110 bump to version 2.0.25-dev 9cbc71d bump to version 2.0.24 b39ce63 conn_sock: fix path opening 37217a3 bump to version 2.0.24-dev 0b961fc bump to version 2.0.23 93f5b30 conn_sock: add full-attach option 5e42e54 Update nix pin with `make nixpkgs` 0f092d5 conmon: store open FDs and close only them 43377e3 conn_sock: add function to close all readers e7e84a4 cgroup: store used file descriptors 74d6c46 conmon: do not use invalid fd 58d020a Update nix pin with `make nixpkgs` 6287bd8 conn_sock: make dest fd non blocking 715c680 bump to v2.0.23-dev 9c34a86 bump to 2.0.22 603154d conn_sock: Explicitly free a heap-allocated string 5df41fb Add conmon man page 7ae8f48 Update nix pin with `make nixpkgs` 9c55220 set locale to inherit environment 34e31d1 attach: always chdir 16a59f5 Update nix pin with `make nixpkgs` af7f652 Cirrus: Use images from automation_images 59c2817 Refactor I/O and add SD_NOTIFY proxy support eb93261 Update nix pin with `make nixpkgs` 7cb7fd7 Fix problems found by codespell dc7b3c3 bump to v2.0.22-dev 35a2fa8 bump to v2.0.21 bc88ac5 protect against kill(-1) 668b748 Makefile: enable debuginfo generation 1d7b3a5 Remove go.sum file and add go.mod 6eb222d Fail if conmon config could not be written 9d61f0f nix: remove double definition for e2fsprogs 76548e1 Speedup static build by utilizing CI cache on `/nix` folder 4fe8ba9 Fix nix build for failing e2fsprogs tests 7ab6aa1 test: fix CI 5a6b2ac Use Podman for building fe1563c bump to v2.0.21-dev 13244db bump to v2.0.20 5bc12e0 logs: readd sync, but gate behavior on cli flag 3055b86 bump to version 2.0.20-dev 25585dd bump to version 2.0.19 4fea27e handle children better 64926b7 nix run -f channel:nixos-20.03 eff699e Fix slave/master termonology 2f5eb89 Reap PIDs before running exit command fc4b36b Update log-path parsing and unit-tests to handle a lot more edge cases. b6ff975 conmon: drop fsync calls 02fcffe bump to v2.0.19-dev Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
773fd5a023 |
podman: update to 3.x release series
Bumping to the 3.x release series, to pickup new functionality for the release. As part of this update we drop the build of iopodman.go, since varlink support has been dropped in favour of a ReST API. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
e2bba8633e |
runc/config: add seccomp distro feature
When using podman (or other seccomp enabled container runtimes), you will get an OCI container startup error if runc hasn't been built with seccomp. Adding a distro feature to runc and to the README to make it easier to coordinate the support. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
da32b79488 |
cni: update to 0.8.0
The following CNI commits are part of this update:
e32b586 remove build badges from homepage
296290a Switch from Travis to GH Actions
a199e6a go fmt
ada6726 tighten up plugin-finding logic
eec3755 Add "alias" to conventions
867451c Fix typo in pkg/types/internal/convert.go
679ed9d Fix typo in CONVENTIONS.md
6d8228e maintainers: fix typo
e781c94 types: remove SupportedVersions
7555ca3 spec: bump to 1.0.0-pre-release and remove 'version' from Result addresses
6823eba tests: small cleanup and removal of one useless testcase
3805b13 types: add 1.0.0
0050bfa types: implement convert module and make types use it
90311ea Bump release build Go version to 1.14
f9b5c9b Add security reporting info
e5c65a5 Revert formatting of error codes
65bf688 Travis: bump go versions
a7cceb9 add go.mod
93a7425 testhelpers: clean up how we build against old libcni targets
c78d465 Replace 2019 conference announcement with links to the recordings
fc1de42 Sync contact methods in README and CONTRIBUTING
c815aca Update the SPEC, CODE-OF-CONDUCT, CONTRIBUTING, RELEASING with minor formatting changes and linting updates.
17a6379 Update README.md
956c943 adding OVN4NFV-K8s-Plugin as 3rd party plugin
e2a7366 Retry exec commands on text file busy
76b18ea Typo fixes for infiniband GUID
44dabed invoke: capture and return stderr if plugin exits unexpectedly
279bc6c Add DeviceID attribute to RuntimeConfig
fdcc7b1 test: allow specific package testing with PKGS=<x> ./test.sh
ca0082f Add Infiniband GUID to well known Capabilities
38353fa Remove extra ',' chars which makes conflist examples invalid.
134f603 maintainers: remove Stefan per personal request
1435c6b Add Michael Cambria as a CNI maintainer
6b46a03 Update link freenode.org to freenode.net
075e303 Update roadmap for 1.0 plans
0b1c649 Change language identifier to jsonc for json with comments
704c56d Update tests
f208f19 Remove Result.String
cc6e8af pkg/utils: utility package should use black-box testing
025e32f pkg/utils: add utils_test
6f29b01 intercept netplugin std error
777584f Add Kube-OVN to CNI list
e00fa53 appending antrea to the cni list
7815be7 Add Project Antrea in CNI list
f2fa4a3 Add table of contents
b36de6e DOCUMENTATION: Address incomplete instructions in CONTRIBUTING.md
c35ac21 Adding Cisco ACI to CNI plugin list
3eb88ac Add Bruce Ma and Piotr Skarmuk as maintainers
6c6a315 Update README to sunset slack and call out kubecon presentations
b89eff5 Add a note to README about where to find the binaries
4eec648 When the CNI version isn't supplied in config, use default.
eefc069 SPEC: update validation rules for interface name in docs and address some comments
b5188cf spec: fix some typo in docs
c94fcd7 Perfect annotation: Correct word spelling mistakes
7be1ac9 add interface name validation to libcni and skel
9f4a623 utils: add validation function for interface name
2a82881 Bump golang
c0f784d Update cnitool docs
94399d5 add err handling in plugins/test/noop/
d8dfb56 validate containerID and networkName ensure they contain only letters and numbers
e4a11ba libcni: cache file operations require full uniqueness tuple in RuntimeConf
a83f3cb libcni: also cache IfName, network name, and container ID
894863c libcni: fix cache file 'result' key name
f3654f3 skel: remove needless functions and types
3e79703 modify some well-known errors
1318d7c libcni: find plugin in exec
9af40ed libcni: add config caching
722a488 docs: add ips and mac to well-known capabilities and fix some typo
227c438 SPEC: add some well-known error codes
ba034ef testcases: make testcase use suitable error code
4b29940 skel: clean up typed Errors in skel
50192c0 types : add NewError method
0af0477 readme: add Alibaba Cloud CNI plugin 'Terway' to the list
b92d83c bump linux to Bionic 18.04 in Travis and Vagrant
a48337a add missing commas, fix syntax error
5077b14 Add stringifyArgs and parseArgs functions to utils.go
80ad241 libcni: add InitCNIConfigWithCacheDir() and deprecate RuntimeConfig.CacheDir
5dbeae8 clean up : remove useless variable
a03dc28 clean up : fix staticcheck warnings
cbca752 Docs: Small typo fixes in main README.md
As well as the following plugin commits:
fa48f75 ipam/dhcp: Add broadcast flag
74a6b28 vendor: bump libcni
8feef71 add flannel to support dual stack ip
343d233 bandwidth: fix panic in tests
d41acb8 host-device: Add support for DPDK device (#490)
075c5a0 [main/vlan] Fix error handling for delegate IPAM plugin
a8d1f5c dhcp: default dhcp clien timeout is 10s
354def7 vlan: fix error message text by removing ptp references
25fc741 dhcp: daemon dhcp client timeout is configurable
3161bb5 dhcp: timeout value is set in DHCP daemon
ebce6d0 remove unused function
691238c deps: go mod tidy coreos/go-iptables
23a1d90 deps: bump coreos/go-iptables
e13bab9 tuning: revert values on delete (#540)
680c6dd go mod tidy
be19d78 bump to go 1.15
8d52c42 Add ability to trigger retests via comments
3ae85c1 pkg/ns: fix test case to tolerate pids going away.
25704f9 Add github build & test actions
eb31403 bridge: fix testcase to check addresses we care about
336ba52 Remove travis.
b47d178 vendor: bump ginkgo, gover
108c2ae portmap plugin should flush previous udp connections
cccf539 Updating plugin README.md files (#549)
c41c78b update netlink dependencies
50a3aa6 Xdhcp: fix example configuration
98c621a VRF: extend supported version to 0.3.1 too.
b34402a VRF CNI: Add an optional table parameter.
5fc309a Add more tests for the vrf cni plugin.
362f5d6 Update github.com/vishvananda/netlink to v1.1.0
8d0d8a9 Introduce a new VRF CNI meta plugin.
1a7f1bd Travis: run tests on arm64
8a6e96b Replace nc with the local echo client.
3227902 Add an echo client to be used instead of nc.
59baaa1 Bump up the ubuntu version used in CI to bionic.
9ce99d3 flannel: allow input ipam parameters as basis for delegate
08ff3b6 ipvlan: make master config as optional
1ea19f9 Remove extraneous test file in Windows plugin
799d3cb Fix race condition in GetCurrentNS
839d918 lo: CNI_IFNAME is no longer ignored
c50490e cni: bump to 0.8.0
01a8de9 Bump Go version to 1.13 and 1.14
2b6cd54 Add contact info
0214625 Update firewall README.md CNI-ADMIN
813f541 firewall: fix some typos in docs
051452c Update firewall README.md
877602d portmap DEL noop if no portMappings present
2bd04cb firewall: fix generate of admin chain comment
d4775ec Fix handling of delay in acquiring lease with stp turned on
68a80bc Update README.md
5cb3a5e portmap: don't use unspecified address as destination
b9560fd macvlan: set mac address from CNI_ARGS
79192cb host-device: Bring interfaces down before moving.
219eb9e ptp, bridge: disable accept_ra on the host-side interface
02bfece plugins/meta/sbr: Adjusted ipv6 address mask to /128
5e0fbd8 portmap: Apply the DNAT hairpin to the whole subnet
a78853f Support device id in host device plugin (#471)
2d2583e win-bridge: add support for portMappings capability
30776ff check bridge's port state
2a48d68 Reset the route flag before moving the rule
486ef96 [DO NOT REVIEW] vendor upate to remove useless dependencies
8a0e3fe build error utility package to replace juju/errors
112288e Unlock OS thread after netns is restored
c7e2cf7 owners: updates for maintainer changes
53854dd flannel: remove net conf file after DEL succeed
a9b4e04 Make host-device to work with virtio net device
45fd949 ptp: remove some redundant lines
2ff84a4 pkg/ip: use type cast instead of untrusty error message
37207f0 pkg/utils: sysctl package should use black-box testing
d1360b8 loopback: Fix ipv6 address checks
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
5834c7eb11 |
kubernetes: update to latest 1.20-release
Integrating the following k8s commits: 62b808f34d7 Update region_pd e2e test to support PV have GA topology 85fd25ef54c Recover CSI volumes from dangling attachments b81c612b12b IsVolumeAttachedToNode() renamed to GetAttachState(), and returns 3 states instead of combining "uncertain" and "detached" into "false" 5a957b08153 Fixes Attach Detach Controller reconciler race reading ActualStateOfWorld and operation pending states; fixes reconciler_test mock detach to account for multiple attaches on a node 3a83880d442 Fix translation of Cinder storage classess to CSI e1ee8ed5f41 Resolve IP addresses of host-only in filtered dialer a73b4122b3c Deflake ingress updates 570e423af0e ignore cgroup driver check in windows node upgrade c0fc4d4dc38 aggregate errors when putting vmss c8cc26f1523 fix azure file migration issue 8ba5a06139d kubeadm: change the default image repository for CI images from gcr.io/kubernetes-ci-images to gcr.io/k8s-staging-ci-images baa6b2bd066 reduce buckets for etcd_request_duration_seconds 745bdd0016e cleanup subnet in frontend ip configs 3a5c02dbf51 conformance changes b241e6882c0 make hostPort match test linuxonly 20b66e4ec1e Clean up namespaced children of missing virtual parents with incorrectly cluster-scoped nodes 4c1bc2d6b06 Add unit test for child scope mismatch with missing parent 87344c8d52c vendor: update cAdvisor to v0.38.7 8ae140db2b9 Use volumeHandle as PV name when translating EBS inline volume a525ddc8521 Update CHANGELOG/CHANGELOG-1.20.md for v1.20.2 112e823d906 Release commit for Kubernetes v1.20.3-rc.0 faecb196815 Release commit for Kubernetes v1.20.2 7394cae9159 kubectl-convert import known versions 8e44c89eefe Revert "Merge pull request #92817 from kmala/kubelet" 1fc106ac183 fixes nil panic for nil delegated auth options d65732141da Lower the frequency of volume plugin deprecation warning d8a1dfb21f1 move all variables in sampleAndWaterMarkHistograms::innerSet ffed9c3a48c handle webhook authenticator and authorizer error c3e150fada2 use default unkown sock for kubeadm cmd if cri detect is not needed 2d0ffc16769 cherry-pick part of #97451: fix nodeport quota check failure during creating clusterip d0dfecaf038 fix the panic when kubelet registers if a node object already exists with no Status.Capacity or Status.Allocatable 287ca883635 Release reserved GCE IP address after ensure completes. 37e3feac7cb Ensure reproducible builds when build through docker 4d8ac66fce1 Fix cadvisor machine metrics 3c67a0a760b Create OWNERS for most of the API Priority and Fairness impl a1ac5f4894b fix the deadlock in priority and fairness config controller 16559f765ea Cherry pick 443 and 448 from cloud provider azure d8ba4e4af42 Fix bug in CPUManager with race on map acccess 0f764ea81e6 clean up executing request on panic a79db17be1a fix azure file secret not found issue 98dffa75232 fix: azure file latency issue for metadata-heavy workload 0c0d4fea8dd Update CHANGELOG/CHANGELOG-1.20.md for v1.20.1 764cafccc4e Release commit for Kubernetes v1.20.2-rc.0 c4d752765b3 Release commit for Kubernetes v1.20.1 afaa0c6e621 Avoid checking the entire backend service URL for FR equality. 6666afa3317 Revert "Use host IP instead of localhost for control plane component kubeconfig files." 787e3a62cab Add more logging for Mount error 8a224b526c3 etcd version for 1.19 is 3.4.13 for cve fixes 5483a7230d7 Use non privileged ports 0c1a53829dd Flush FibreChannel devices before deleting 34077eedb6c Fix FibreChannel volume plugin corrupting filesystem on detach 416165a0cc6 vendor: update cAdvisor to v0.38.6 2e6a0a0a126 Update CHANGELOG/CHANGELOG-1.20.md for v1.20.0 49eb3a86d5b Revert "iAdd host IP to etcd listen client URLs." f674d4e84d5 fix migration logic d1e54b9922b APF e2e: disable drown-out tests temporarily 7d6ffe0b1a4 Add AcceleratorStats to cri_stats_provider 3321f00ed14 Release commit for Kubernetes v1.20.0-rc.0 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
e0cd8599f1 |
containerd: remove container-docker and consolidate .inc files
There has been a warning in the containerd-docker recipe for quite some time, which indicates that it will be removed in the future. That time has come and we delete that recipe. It is no longer updated and everyone should be using the opencontainers variant. Now that we don't need the .inc, we delete it and consolidate in the single recipe. We also enable the systemd service by default, since docker is no longer in the picture and starting the daemon/service. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
cd6feb72b8 |
containerd/opencontainers: update to latest 1.4.x SRCREV
This includes the following commits: 232cee448 Update to go 1.15.8 f087d7849 runtime: fix shutdown runc v2 service edffc830b change flag from RDONLY to RDWR and close the fifo correct e7cd2030e pusher: add missing authentication support for requests ec752e8ba docker: avoid concurrent map access panic b73052d34 runtime/v2: should use defer ctx to cleanup 8cff6b375 [release/1.4 backport] Return GRPC not found error instead of plain one a6f6eb00c Add bounds on max oom_score_adj value for AdjustOOMScore Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
1ce10e184f |
runc-docker: update to 1.0.0-rc93
Bumping to the next -rc, which comprises the following commits: 1e0016cf Show error stack trace if --debug is set 5c0342ba libcontainer: fix bad conversion from syscall.Errno to error a9e99b6d ci/gha/fedora: retry vagrant up f26768a8 VERSION: back to development 12644e61 VERSION: release 1.0.0~rc93 c348b982 tests/rootless.sh: fix/ignore shellcheck warnings 11437593 tests/rootless.sh: use set -e -u -o pipefail 5ab05884 ci: untangle getting test images bc175ba4 tests/helpers.bash: rm GOPATH dc025792 ci/gha: bump golangci-lint to v1.36 4d3a8d5e .golangci.yml: add 76ae1f5c libct/cg/fs/freezer: fix freezing race c4bc3b08 Remove "PatchAndLoad" stub as it's not used without seccomp enabled 6ddfaa5e cgroupfs: cpuset: fix broken build ca422896 Makefile: add -trimpath go build flag d89c9629 Fix typo in README b1195b76 ci: test with golang 1.16-rc1 164e0adb tests/int/spec.bats: fix for go 1.16 4160d743 seccomp: add enosys unit tests 8bd19cd5 tests: add seccomp -ENOSYS integration test 7a8d7162 seccomp: prepend -ENOSYS stub to all filters 2be806d1 libcontainer/configs: improve CommandHook unit tests f4d153b0 Fix int overflow in test on 32 bit system 4e98eec1 libct/cg: demote "systemd is too old" to debug c7357aad libct/cg/ebpf/testDeviceFilter: rm verbose logging 6a9f5ac9 libct/cg/fs: fix a linter warning 63c44e27 libct/cg/fs: getPageUsageByNUMA: rewrite/optimize e9248dd5 cgroup: fix panic in parse memory.numa_stat 426aa416 libct/int/TestExecInTTY: skip c30cd3cd libct/int/TestExecInTTY: fix error reporting dac0c1e3 console.ClearONLCR: move it back ab27e12c Implement GetStat for cpuset cgroup. 867ba38e events: simplify some conversion functions 8ce51611 GHA: tune timeouts for VM jobs 510e404e make shfmt: run for all script/* files 90d02ecc Vagrantfile.centos7: clean up after bats install a91210f4 gha: use ssh -tt to have a tty 1f4a3b1e gha: don't check commits on push 4a30ada4 gha: cache docker layers to speed up make runcimage 58c31003 README: rm travis badge a21e57d7 tests/int/hooks.bats: skip earlier 657a24ce libct/cg/TestGetHugePageSizeImpl: only log errors 3394e374 libct/cg/sd/TestRangeToBits: be less verbose 230a46b7 systemd: fix rootful-in-userns regression c751ba3f systemd: show more helpful error a35cad3b libct/cg/sd/v2: warn about old systemd 03b512e5 libc/cg: convert r.CPU.Cpus/Mems to systemd props eee425f5 libct/cg/sd/systemdVersion: don't return error 5de00ad9 tests/int/multi-arch.bash: fix for busybox b3cf4831 script/check-config.sh: fix IOSCHED_CFQ CFQ_GROUP_IOSCHED 1a00cd8f script/check-config.sh: fix MEMCG_SWAP_ENABLED ecb9d73c script/check-config.sh: fix NF_NAT_NEEDED 483abaac script/check-config.sh: fix NF_NAT_IPV4 91eba84a script/check-config.sh: support for cgroupv2 25987d03 libcontainer/intelrdt: adjust the file mode c8e89b8d Remove script/install-vagrant.sh 06a684d6 libct/int/TestExecInTTY: repeat the test 300 times fedaa2ab TestExecInTTY: simplify, improve error reporting 719d70d2 setupIO: simplify code 24c05b71 tty: fix ClearONLCR race 039c47ab libcontainer: signalAllProcesses(): log warning when failing to thaw 18972177 libcontainer: move capabilities to separate package 692fab09 libct/checkProcMounts: optimize 72f46389 libct: add TODO about os.ErrProcessDone d7df3018 libct: suppress bogus "unable to terminate" warnings 637f82d6 runc run: resolve tmpfs mount dest in container scope d64c3afe tests/int/mount.bats: reformat a2c9866e tests/int/mounts.bats: cleanup 9f2153c6 libct/cgroups/fs/cpuset: don't use MkdirAll c85cd2b3 libct/cg/fs/cpuset: don't parse mountinfo c0e14b8b libct/cg/fs.getCgroupRoot: reuse (cached) cgroup mountinfo ed70dfa7 libct/cgroups/v1_utils: implement mountinfo cache 17a0dc31 README: add note about not using runc directly 4bc2aab9 README: add links to misc docs 2dc1bf91 ci: move Fedora 33 and CentOS 7 tests to gha e431fe60 ci: move misc validate tasks from travis to gha 7ecba232 ci: move cross compile check from travis to gha 8ccd39a9 ci: move commit length check from travis to gha 1125ae78 tests/events.bats: unify duplicated code 27268b1a tests/int/cwd: add test case for cwd not owned by runc d869d05a libctr/init_linux: reorder chdir 8bd3b878 test: add case for GH #2086 cb3dd9d8 libct/configs/validate: test for bind-mounted netns 8e8661e1 libct/configs/validate/sysctl: fix repeated netns checks 2dce0699 libct/configs/validate: fix host netns check 2143b368 libct/int/execin_tty: do help debug a flake e709b8ab libctl/cgroups/fscommon: close fd 325a74dd libcontainer/intelrdt: rm init() from intelrdt.go cb269306 remove "selinux" build tag (Always compile SELinux support) 552a1c7b remove "apparmor" build tag (Always compile AppArmor support) 48b8eb09 checkProcMount: add /proc/slabinfo to whitelist 1909051b libct/int/execin_tty: help debug a flake 97929295 libct/intelrdt: fix a staticcheck warning 6437086e libct/addCriu*Mount: fix gosimple warning d0b59548 libct/checkCriuFeatures: fix gosimple linter warning 3de5c514 libct/int: don't hardcode CAP_NET_ADMIN 3387422b libct/int: fix "simple" linter warnings 11680cd2 libct: fix "unused" linter warning a99ecc9e libct/cg/utils: silence a linter warning 3c9b03fd libct/cg/fscommon: log openat2 init failures 6bda4600 libcontainer/cgroups/fscommon: add openat2 support 31b0151f move blkio stat gathering to loop 990a6c57 cgroups: update blkio GetStats be56333f bats: update to 1.2.1 f15c4cca Update umoci to 0.4.6 4344bd8f Dockerfile: use binary criu release 3aead32e nsenter: hard-code memfd_create(2) syscall numbers 5d1b0268 .github/workflows/validate: nits 7cd062d7 libct/cgroup/utils: fix GetCgroupMounts(all=true) 4fc2de77 libcontainer/devices: remove "Device" prefix from types 677baf22 libcontainer: isolate libcontainer/devices de80aae4 recvtty: fix errcheck linter warnings 6b41b463 recvtty: fix waiting for both goroutines 4bbfd2e1 recvtty: use ioutil.Discard c1ef0cf6 ci: add integration+unit tests to github actions fce8dd4d tests/int/tty.bats: increase timeout c6ed1854 ci: add shellcheck to github actions 27835a9e Makefile: move shellcheck out of validate 33bda24a ci: move verify-deps from travis to github actions c60f23b3 ci: add shfmt to github actions 717a73b3 ci: renamed golangci-lint to validate 06b204e5 Makefile: move shfmt out of validate, add -w 7856c340 Dockerfile: bump criu to 3.15 ee1bdb80 vendor: github.com/cilium/ebpf v0.2.0 f0d5e839 Dockefile: fix path to skopeo repo d9010b0e integration: update README to link to bats-core 3f2f06df Move cgroup v2 out of experimental f62ad4a0 libcontainer/intelrdt: rename CAT and MBA enabled flags 620f4c5c libcontainer/intelrdt: fix CMT feature check 896da0b9 docs: terminals: modify the example of Pass-Through mode. 4690064f update vendor 9403afd7 CI: Fedora 33: print kernel version, systemd version, and rootfs type 0a097615 CI: update Fedora to 33 41aa7640 linux: drop MS_REC for readonly remount a4e6955e linux: fix remount readonly in a user namespace 2e968a83 libct/cg/sd/v2: "support" (ignore) memory.oom.group c013be56 libct/cg/sd/v2: support memory.* / Memory* unified 13afa58d libct/cg/sd/v2: support cpuset.* / Allowed* 5be8b97a libct/cg/sd/v2: support cpu.weight / CPUWeight 390a98f3 runc update: support unified resources ab80eb32 libct/cg/sd/v2: support cpu.max unified resource 7f24098d tests/int: move check_cpu* to helpers fd5226d0 libct/cg/sd: add defCPUQuotaPeriod 0cb8bf67 Initial v2 resources.unified systemd support ed548376 tests/int/update.bats: add checks for runc status d0991db2 tests/int/cgroups.bats: reformatting a66a8238 ci: pin shfmt to v3.2.0 2ceb9719 tests/integration: rm excessive run use e32716d3 tests/int: simplify teardown_running_container c114919f tests/int: fix "runc exec --preserve-fds" 7b8c4e98 shfmt mounts.bats to pass `make validate` ac5ec5e3 libcontainer/integration: fix unit test f5c345c3 test: add "runc run --no-pivot must not expose bare /proc" 17de6f80 vendor: bump mountinfo to v0.4.0 70538b39 Update bash completion to support systemd-cgroup 933c4d31 libcontainer/intelrdt: privatize IntelRdtManager and its fields 2c004a10 libcontainer/intelrdt: introduce NewManager() abcc1aae fix some typos about libcontainer 939ad4e3 don't panic when /sys/fs/cgroup is missing for rootless 7613c718 Update bash completion to support new capabilities b8bf5728 rootfs: handle nested procfs mounts for MS_MOVE 5903b0ce libcontainer/intelrdt: remove 'omitempty' property from CMT and MBM counters 0253a08d CI: add shfmt for sh files ff9852c4 *.sh: use shfmt 069fddfa CI: add shfmt for bats fc8c7797 tests/integration/*.bats: reformat with shfmt 0aa0fae3 Kill all processes in cgroup even if init process Wait fails 978fa6e9 Fixing some lint issues f0fdde79 libct/cg/systemd/v1: fix err check in enableKmem c1bba720 libct/cg/systemd/v1: do not use c.Path fa47f958 libct/int/newTemplateConfig: add systemd support 9135d99c libct/int/newTemplateConfig: add userns param 73d93eeb libct/int: make newTemplateConfig argument a struct fb4c27c4 Fix mount error when chmod RO tmpfs 002c92f1 libct/cg.WriteCgroupProc: use fscommon.OpenFile c95e6900 libct/cg/fs*: use fscommon.OpenFile d55729f1 libct/cg/fs/blkio: use fscommon.OpenFile 0228226e libcontainer/cgroups/fscommon: introduce OpenFile b4483305 Add error message e25b8cfc libct/cg/utils: use fscommon.ReadFile 6bae53f5 libct/cg/fs2: use fscommon.ReadFile 2588e6f1 libct/cg/fs/cpuset: use fscommon.ReadFile 1d20cf49 libct/cg/fs/cpuacct: use fscommon.ReadFile 9e78b66e libct/cg/systemd/v1.enableKmem: use fscommon.ReadFile 31634436 libct/cg/fs2.CreateCgroupPath: use fscommon.*File b7092d84 libct/cg/fs.setKernelMemory: use fscommon.WriteFile 619de977 libct/cg/fscommon_test: rm cgroups dependency ede8a86e Convert root path to absolute path on create command e8eb8000 fix some linting issues fcf210d6 Fix goreport warnings of ineffassign and misspell 644c107e libcontainer/intelrdt: modify the incorrect file mode 87412ee4 vendor: bump mountinfo v0.3.1 28b452bf libcontainer: unconvert b3a8b074 libcontainer: prefer bytes.TrimSpace() over strings.TrimSpace() 3d5dec2f libcontainer: remove the unused variable from spec b76652fb libcontainer: remove `removePath` from cgroups faaecac7 libcontainer: remove loadConfig which is the unused function c6ac3c4b libcontainer/system: remove deprecated GetProcessStartTime 3eb469b0 libcontainer: remove redundant strings.Join() bc9a7bda setFreezer: explicitly return nil 2a644a7d CI: add golangci-lint via github actions 360981ae libct/cgroups: rewrite getHugePageSizeFromFilenames 819fd683 go.mod: sirupsen/logrus v1.7.0 0eb66c95 go.mod: github.com/containerd/console v1.0.1 8bf21672 use string-concatenation instead of sprintf for simple cases a4d5e8a2 libcontainer/ignoreTerminateError: ignore SIGKILL dc424591 libct/(*initProcess).start: fix removing cgroups on error 8699596d libct/(*setnsProcess).Start: use retErr 38447895 libct/cgroups/systemd: eliminate runc/systemd race 6c83d23f libcontainer/cgroups/fscommon: improve doc 31f0f5b7 libct/cg/fscommon.GetCgroupParamUint: improve e76ac1c0 libct/cg/fscommon.GetCgroupParamString: use ReadFile aac4d1f5 libct/cg/fscommon/GetCgroupParamKeyValue: nits d167be29 libct/cgroups/fs2/statHugeTlb: error message nits 2c70d238 libct/intelrdt: add TestFindIntelRdtMountpointDir ab2b5dfa libcontainer/cgroups: use const for templates b7c446b3 checkpoint: setPageServer: use net.SplitHostPort instead of strings.Split f1c1fdf9 libcontainer/intelrdt: use moby/sys/mountinfo 4929c05a tests/int: add cgroupv2 unified resources tests 6e2159be tests/int/cgroups: make sure to rm containers b006f4a1 libct/cgroups: support Cgroups.Resources.Unified 8ceae9f7 libct/cgroups/GetHugePageSize: use Readdirnames 9aff7aae libct/utils: add GetHugePageSize benchmark 30601efa tests/int/spec.bats: simplify 6c21de38 tests/int/spec: only run once for rootless 186a38ba tests/int: whitespace cleanup 792d2c3b tests/int/cgroups.bats: rm unused code 908b7076 tests/int/*.bats: make sure to delete containers 1c3af275 libcontainer: newContainerCapList() refactor to reduce duplicated code 8820a145 libcontainer: initialize slices with length f5c96b74 libcontainer: remove unneeded sprintf and intermediate variable b9e26ad8 libcontainer: remove workaround for RHEL6 kernels 373811ba libcontainer: rename cap variable as it collides with built-in 074e67ad Makefile: fix vendor and verify-dependencies 2ccefa63 restore: tell CRIU to use existing namespaces 71c10e3c vendor: github.com/moby/sys/mountinfo v0.2.0 ba8687fc tests/int/helpers: fix indentation fdb0590c tests/int/helpers: simplify set_cgroup_mount_writable 74b57fea fscommon.WriteFile: simplify error message a3f91b98 vendor: bump runtime-spec b682e8cf vendor: bump fileutils to v0.5.0 d1d13d9a tests/int/checkpoint: don't hide stderr 627074d0 tests/int/checkpoint: rm useless code bca5f24c tests/int/checkpoint.bats: fix showing logs on fail ce24d603 Add integration tests for cgroup devices 8297ae45 Makefile: fix DESTDIR handling dd3e0da3 tests/int/dev.bats: fixes for new busybox bcd30954 tests/int: fix runc exec --preserve-fds ba0246da libcontainer: Store state.json before sync procRun cbb0a793 Make sure signalAllProcesses is invoked in the function of destroy 940e1547 cgroupv1/systemd: (re)use m.paths f075084a cgroupv1/systemd: rework Apply/joinCgroups fad92bbf cgroupv1/Apply: do not overuse d.path/getSubsystemPath 0445fd60 Since no kernels support direct labeling of /dev/mqueue remove label bfb4ea1b Remove check for apparmor_parser in apparmor.IsEnabled() a63f99fc Add support for umask 42d9a6b4 tty.bats: add test cases when stdin is not a tty b79cb048 runc run/exec: fix terminal wrt stdin redirection b8efb020 tests/int/delete.bats: fix shellcheck warnings 28204ce7 tests/int/delete: rm useless code 34b4b106 tests/int: alt fix for shellcheck SC2034 d34f1c81 CI: add shellcheck of bats files f36fb46b tests/int/*bats: ignore SC2016 598d8b73 tests/int/checkpoint.bats: ignore SC2206 08766b98 tests/int/*bats: fix/ignore shellcheck SC2046 4ba4baea tests/int/*bats: fix shellcheck SC2086, SC2006 b02ca2dc tests/int: fix shellcheck warning SC2002 3b80850e tests/int/update.bats: fix a shellcheck warning 612d0790 tests/int/update.bats: fix a shellcheck warning 82836d24 tests/int/cgroups.bats: fix a shellcheck warning 4b8ff6a1 tests/int/checkpoint.bats: ignore some shellcheck warnings ce50e1da test/int/spec.bats: simplify setup/teardown 699fdf89 tests/int/mount.bats: fix a check 85a30698 test/int/hooks.bats: fix here-doc 9a699e1a Skip redundant setup for /dev/ptmx when specified explicitly in the OCI spec. 0709202d Remove runc default devices that overlap with spec devices. 6249136a add libseccomp version to `runc --version` 1d85333a add runtime.Version() to `runc --version` 1e9f8059 cleancode: adjust and make it more readability 335f0806 tests/int/delete: cgroupv1 with sub-cgroups removal case 19be8e5b libct/cgroups.RemovePaths: speedup 3f14242e libct/cgroups: move RemovePath from fs2 254d23b9 libc/cgroups: empty map in RemovePaths bf8bb477 Modify from space to tab Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
a84fa54160 |
runc: update to 1.0.0-rc93
Bumping to the next rc of runc, which comprises the following commits: 1e0016cf Show error stack trace if --debug is set 5c0342ba libcontainer: fix bad conversion from syscall.Errno to error a9e99b6d ci/gha/fedora: retry vagrant up f26768a8 VERSION: back to development 12644e61 VERSION: release 1.0.0~rc93 c348b982 tests/rootless.sh: fix/ignore shellcheck warnings 11437593 tests/rootless.sh: use set -e -u -o pipefail 5ab05884 ci: untangle getting test images bc175ba4 tests/helpers.bash: rm GOPATH dc025792 ci/gha: bump golangci-lint to v1.36 4d3a8d5e .golangci.yml: add 76ae1f5c libct/cg/fs/freezer: fix freezing race c4bc3b08 Remove "PatchAndLoad" stub as it's not used without seccomp enabled 6ddfaa5e cgroupfs: cpuset: fix broken build ca422896 Makefile: add -trimpath go build flag d89c9629 Fix typo in README b1195b76 ci: test with golang 1.16-rc1 164e0adb tests/int/spec.bats: fix for go 1.16 4160d743 seccomp: add enosys unit tests 8bd19cd5 tests: add seccomp -ENOSYS integration test 7a8d7162 seccomp: prepend -ENOSYS stub to all filters 2be806d1 libcontainer/configs: improve CommandHook unit tests f4d153b0 Fix int overflow in test on 32 bit system 4e98eec1 libct/cg: demote "systemd is too old" to debug c7357aad libct/cg/ebpf/testDeviceFilter: rm verbose logging 6a9f5ac9 libct/cg/fs: fix a linter warning 63c44e27 libct/cg/fs: getPageUsageByNUMA: rewrite/optimize e9248dd5 cgroup: fix panic in parse memory.numa_stat 426aa416 libct/int/TestExecInTTY: skip c30cd3cd libct/int/TestExecInTTY: fix error reporting dac0c1e3 console.ClearONLCR: move it back ab27e12c Implement GetStat for cpuset cgroup. 867ba38e events: simplify some conversion functions 8ce51611 GHA: tune timeouts for VM jobs 510e404e make shfmt: run for all script/* files 90d02ecc Vagrantfile.centos7: clean up after bats install a91210f4 gha: use ssh -tt to have a tty 1f4a3b1e gha: don't check commits on push 4a30ada4 gha: cache docker layers to speed up make runcimage 58c31003 README: rm travis badge a21e57d7 tests/int/hooks.bats: skip earlier 657a24ce libct/cg/TestGetHugePageSizeImpl: only log errors 3394e374 libct/cg/sd/TestRangeToBits: be less verbose 230a46b7 systemd: fix rootful-in-userns regression c751ba3f systemd: show more helpful error a35cad3b libct/cg/sd/v2: warn about old systemd 03b512e5 libc/cg: convert r.CPU.Cpus/Mems to systemd props eee425f5 libct/cg/sd/systemdVersion: don't return error 5de00ad9 tests/int/multi-arch.bash: fix for busybox b3cf4831 script/check-config.sh: fix IOSCHED_CFQ CFQ_GROUP_IOSCHED 1a00cd8f script/check-config.sh: fix MEMCG_SWAP_ENABLED ecb9d73c script/check-config.sh: fix NF_NAT_NEEDED 483abaac script/check-config.sh: fix NF_NAT_IPV4 91eba84a script/check-config.sh: support for cgroupv2 25987d03 libcontainer/intelrdt: adjust the file mode c8e89b8d Remove script/install-vagrant.sh 06a684d6 libct/int/TestExecInTTY: repeat the test 300 times fedaa2ab TestExecInTTY: simplify, improve error reporting 719d70d2 setupIO: simplify code 24c05b71 tty: fix ClearONLCR race 039c47ab libcontainer: signalAllProcesses(): log warning when failing to thaw 18972177 libcontainer: move capabilities to separate package 692fab09 libct/checkProcMounts: optimize 72f46389 libct: add TODO about os.ErrProcessDone d7df3018 libct: suppress bogus "unable to terminate" warnings 637f82d6 runc run: resolve tmpfs mount dest in container scope d64c3afe tests/int/mount.bats: reformat a2c9866e tests/int/mounts.bats: cleanup 9f2153c6 libct/cgroups/fs/cpuset: don't use MkdirAll c85cd2b3 libct/cg/fs/cpuset: don't parse mountinfo c0e14b8b libct/cg/fs.getCgroupRoot: reuse (cached) cgroup mountinfo ed70dfa7 libct/cgroups/v1_utils: implement mountinfo cache 17a0dc31 README: add note about not using runc directly 4bc2aab9 README: add links to misc docs 2dc1bf91 ci: move Fedora 33 and CentOS 7 tests to gha e431fe60 ci: move misc validate tasks from travis to gha 7ecba232 ci: move cross compile check from travis to gha 8ccd39a9 ci: move commit length check from travis to gha 1125ae78 tests/events.bats: unify duplicated code 27268b1a tests/int/cwd: add test case for cwd not owned by runc d869d05a libctr/init_linux: reorder chdir 8bd3b878 test: add case for GH #2086 cb3dd9d8 libct/configs/validate: test for bind-mounted netns 8e8661e1 libct/configs/validate/sysctl: fix repeated netns checks 2dce0699 libct/configs/validate: fix host netns check 2143b368 libct/int/execin_tty: do help debug a flake e709b8ab libctl/cgroups/fscommon: close fd 325a74dd libcontainer/intelrdt: rm init() from intelrdt.go cb269306 remove "selinux" build tag (Always compile SELinux support) 552a1c7b remove "apparmor" build tag (Always compile AppArmor support) 48b8eb09 checkProcMount: add /proc/slabinfo to whitelist 1909051b libct/int/execin_tty: help debug a flake 97929295 libct/intelrdt: fix a staticcheck warning 6437086e libct/addCriu*Mount: fix gosimple warning d0b59548 libct/checkCriuFeatures: fix gosimple linter warning 3de5c514 libct/int: don't hardcode CAP_NET_ADMIN 3387422b libct/int: fix "simple" linter warnings 11680cd2 libct: fix "unused" linter warning a99ecc9e libct/cg/utils: silence a linter warning 3c9b03fd libct/cg/fscommon: log openat2 init failures 6bda4600 libcontainer/cgroups/fscommon: add openat2 support 31b0151f move blkio stat gathering to loop 990a6c57 cgroups: update blkio GetStats be56333f bats: update to 1.2.1 f15c4cca Update umoci to 0.4.6 4344bd8f Dockerfile: use binary criu release 3aead32e nsenter: hard-code memfd_create(2) syscall numbers 5d1b0268 .github/workflows/validate: nits 7cd062d7 libct/cgroup/utils: fix GetCgroupMounts(all=true) 4fc2de77 libcontainer/devices: remove "Device" prefix from types 677baf22 libcontainer: isolate libcontainer/devices de80aae4 recvtty: fix errcheck linter warnings 6b41b463 recvtty: fix waiting for both goroutines 4bbfd2e1 recvtty: use ioutil.Discard c1ef0cf6 ci: add integration+unit tests to github actions fce8dd4d tests/int/tty.bats: increase timeout c6ed1854 ci: add shellcheck to github actions 27835a9e Makefile: move shellcheck out of validate 33bda24a ci: move verify-deps from travis to github actions c60f23b3 ci: add shfmt to github actions 717a73b3 ci: renamed golangci-lint to validate 06b204e5 Makefile: move shfmt out of validate, add -w 7856c340 Dockerfile: bump criu to 3.15 ee1bdb80 vendor: github.com/cilium/ebpf v0.2.0 f0d5e839 Dockefile: fix path to skopeo repo d9010b0e integration: update README to link to bats-core 3f2f06df Move cgroup v2 out of experimental f62ad4a0 libcontainer/intelrdt: rename CAT and MBA enabled flags 620f4c5c libcontainer/intelrdt: fix CMT feature check 896da0b9 docs: terminals: modify the example of Pass-Through mode. 4690064f update vendor 9403afd7 CI: Fedora 33: print kernel version, systemd version, and rootfs type 0a097615 CI: update Fedora to 33 41aa7640 linux: drop MS_REC for readonly remount a4e6955e linux: fix remount readonly in a user namespace 2e968a83 libct/cg/sd/v2: "support" (ignore) memory.oom.group c013be56 libct/cg/sd/v2: support memory.* / Memory* unified 13afa58d libct/cg/sd/v2: support cpuset.* / Allowed* 5be8b97a libct/cg/sd/v2: support cpu.weight / CPUWeight 390a98f3 runc update: support unified resources ab80eb32 libct/cg/sd/v2: support cpu.max unified resource 7f24098d tests/int: move check_cpu* to helpers fd5226d0 libct/cg/sd: add defCPUQuotaPeriod 0cb8bf67 Initial v2 resources.unified systemd support ed548376 tests/int/update.bats: add checks for runc status d0991db2 tests/int/cgroups.bats: reformatting a66a8238 ci: pin shfmt to v3.2.0 2ceb9719 tests/integration: rm excessive run use e32716d3 tests/int: simplify teardown_running_container c114919f tests/int: fix "runc exec --preserve-fds" 7b8c4e98 shfmt mounts.bats to pass `make validate` ac5ec5e3 libcontainer/integration: fix unit test f5c345c3 test: add "runc run --no-pivot must not expose bare /proc" 17de6f80 vendor: bump mountinfo to v0.4.0 70538b39 Update bash completion to support systemd-cgroup 933c4d31 libcontainer/intelrdt: privatize IntelRdtManager and its fields 2c004a10 libcontainer/intelrdt: introduce NewManager() abcc1aae fix some typos about libcontainer 939ad4e3 don't panic when /sys/fs/cgroup is missing for rootless 7613c718 Update bash completion to support new capabilities b8bf5728 rootfs: handle nested procfs mounts for MS_MOVE 5903b0ce libcontainer/intelrdt: remove 'omitempty' property from CMT and MBM counters 0253a08d CI: add shfmt for sh files ff9852c4 *.sh: use shfmt 069fddfa CI: add shfmt for bats fc8c7797 tests/integration/*.bats: reformat with shfmt 0aa0fae3 Kill all processes in cgroup even if init process Wait fails 978fa6e9 Fixing some lint issues f0fdde79 libct/cg/systemd/v1: fix err check in enableKmem c1bba720 libct/cg/systemd/v1: do not use c.Path fa47f958 libct/int/newTemplateConfig: add systemd support 9135d99c libct/int/newTemplateConfig: add userns param 73d93eeb libct/int: make newTemplateConfig argument a struct fb4c27c4 Fix mount error when chmod RO tmpfs 002c92f1 libct/cg.WriteCgroupProc: use fscommon.OpenFile c95e6900 libct/cg/fs*: use fscommon.OpenFile d55729f1 libct/cg/fs/blkio: use fscommon.OpenFile 0228226e libcontainer/cgroups/fscommon: introduce OpenFile b4483305 Add error message e25b8cfc libct/cg/utils: use fscommon.ReadFile 6bae53f5 libct/cg/fs2: use fscommon.ReadFile 2588e6f1 libct/cg/fs/cpuset: use fscommon.ReadFile 1d20cf49 libct/cg/fs/cpuacct: use fscommon.ReadFile 9e78b66e libct/cg/systemd/v1.enableKmem: use fscommon.ReadFile 31634436 libct/cg/fs2.CreateCgroupPath: use fscommon.*File b7092d84 libct/cg/fs.setKernelMemory: use fscommon.WriteFile 619de977 libct/cg/fscommon_test: rm cgroups dependency ede8a86e Convert root path to absolute path on create command e8eb8000 fix some linting issues fcf210d6 Fix goreport warnings of ineffassign and misspell 644c107e libcontainer/intelrdt: modify the incorrect file mode 87412ee4 vendor: bump mountinfo v0.3.1 28b452bf libcontainer: unconvert b3a8b074 libcontainer: prefer bytes.TrimSpace() over strings.TrimSpace() 3d5dec2f libcontainer: remove the unused variable from spec b76652fb libcontainer: remove `removePath` from cgroups faaecac7 libcontainer: remove loadConfig which is the unused function c6ac3c4b libcontainer/system: remove deprecated GetProcessStartTime 3eb469b0 libcontainer: remove redundant strings.Join() bc9a7bda setFreezer: explicitly return nil 2a644a7d CI: add golangci-lint via github actions 360981ae libct/cgroups: rewrite getHugePageSizeFromFilenames 819fd683 go.mod: sirupsen/logrus v1.7.0 0eb66c95 go.mod: github.com/containerd/console v1.0.1 8bf21672 use string-concatenation instead of sprintf for simple cases a4d5e8a2 libcontainer/ignoreTerminateError: ignore SIGKILL dc424591 libct/(*initProcess).start: fix removing cgroups on error 8699596d libct/(*setnsProcess).Start: use retErr 38447895 libct/cgroups/systemd: eliminate runc/systemd race 6c83d23f libcontainer/cgroups/fscommon: improve doc 31f0f5b7 libct/cg/fscommon.GetCgroupParamUint: improve e76ac1c0 libct/cg/fscommon.GetCgroupParamString: use ReadFile aac4d1f5 libct/cg/fscommon/GetCgroupParamKeyValue: nits d167be29 libct/cgroups/fs2/statHugeTlb: error message nits 2c70d238 libct/intelrdt: add TestFindIntelRdtMountpointDir ab2b5dfa libcontainer/cgroups: use const for templates b7c446b3 checkpoint: setPageServer: use net.SplitHostPort instead of strings.Split f1c1fdf9 libcontainer/intelrdt: use moby/sys/mountinfo 4929c05a tests/int: add cgroupv2 unified resources tests 6e2159be tests/int/cgroups: make sure to rm containers b006f4a1 libct/cgroups: support Cgroups.Resources.Unified 8ceae9f7 libct/cgroups/GetHugePageSize: use Readdirnames 9aff7aae libct/utils: add GetHugePageSize benchmark 30601efa tests/int/spec.bats: simplify 6c21de38 tests/int/spec: only run once for rootless 186a38ba tests/int: whitespace cleanup 792d2c3b tests/int/cgroups.bats: rm unused code 908b7076 tests/int/*.bats: make sure to delete containers 1c3af275 libcontainer: newContainerCapList() refactor to reduce duplicated code 8820a145 libcontainer: initialize slices with length f5c96b74 libcontainer: remove unneeded sprintf and intermediate variable b9e26ad8 libcontainer: remove workaround for RHEL6 kernels 373811ba libcontainer: rename cap variable as it collides with built-in 074e67ad Makefile: fix vendor and verify-dependencies 2ccefa63 restore: tell CRIU to use existing namespaces 71c10e3c vendor: github.com/moby/sys/mountinfo v0.2.0 ba8687fc tests/int/helpers: fix indentation fdb0590c tests/int/helpers: simplify set_cgroup_mount_writable 74b57fea fscommon.WriteFile: simplify error message a3f91b98 vendor: bump runtime-spec b682e8cf vendor: bump fileutils to v0.5.0 d1d13d9a tests/int/checkpoint: don't hide stderr 627074d0 tests/int/checkpoint: rm useless code bca5f24c tests/int/checkpoint.bats: fix showing logs on fail ce24d603 Add integration tests for cgroup devices 8297ae45 Makefile: fix DESTDIR handling dd3e0da3 tests/int/dev.bats: fixes for new busybox bcd30954 tests/int: fix runc exec --preserve-fds ba0246da libcontainer: Store state.json before sync procRun cbb0a793 Make sure signalAllProcesses is invoked in the function of destroy 940e1547 cgroupv1/systemd: (re)use m.paths f075084a cgroupv1/systemd: rework Apply/joinCgroups fad92bbf cgroupv1/Apply: do not overuse d.path/getSubsystemPath 0445fd60 Since no kernels support direct labeling of /dev/mqueue remove label bfb4ea1b Remove check for apparmor_parser in apparmor.IsEnabled() a63f99fc Add support for umask 42d9a6b4 tty.bats: add test cases when stdin is not a tty b79cb048 runc run/exec: fix terminal wrt stdin redirection b8efb020 tests/int/delete.bats: fix shellcheck warnings 28204ce7 tests/int/delete: rm useless code 34b4b106 tests/int: alt fix for shellcheck SC2034 d34f1c81 CI: add shellcheck of bats files f36fb46b tests/int/*bats: ignore SC2016 598d8b73 tests/int/checkpoint.bats: ignore SC2206 08766b98 tests/int/*bats: fix/ignore shellcheck SC2046 4ba4baea tests/int/*bats: fix shellcheck SC2086, SC2006 b02ca2dc tests/int: fix shellcheck warning SC2002 3b80850e tests/int/update.bats: fix a shellcheck warning 612d0790 tests/int/update.bats: fix a shellcheck warning 82836d24 tests/int/cgroups.bats: fix a shellcheck warning 4b8ff6a1 tests/int/checkpoint.bats: ignore some shellcheck warnings ce50e1da test/int/spec.bats: simplify setup/teardown 699fdf89 tests/int/mount.bats: fix a check 85a30698 test/int/hooks.bats: fix here-doc 9a699e1a Skip redundant setup for /dev/ptmx when specified explicitly in the OCI spec. 0709202d Remove runc default devices that overlap with spec devices. 6249136a add libseccomp version to `runc --version` 1d85333a add runtime.Version() to `runc --version` 1e9f8059 cleancode: adjust and make it more readability 335f0806 tests/int/delete: cgroupv1 with sub-cgroups removal case 19be8e5b libct/cgroups.RemovePaths: speedup 3f14242e libct/cgroups: move RemovePath from fs2 254d23b9 libc/cgroups: empty map in RemovePaths bf8bb477 Modify from space to tab Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
d2081b09b8 |
docker/moby: update to 20.10.3
Updating to the 20.x series for moby. The following moby commits: 519a55f491 TestCgroupNamespacesRunOlderClient: support cgroup v2 b6a6a35684 docker info: adjust warning strings for cgroup v2 25bd941ae4 docker info: silence unhandleable warnings 58283298d7 rootless: set systemd KillMode to mixed 46229ca1d8 Use golang.org/x/sys/execabs a7d4af84bd pull: Validate layer digest format 611eb6ffb3 buildkit: Apply apparmor profile 4afe620fac vendor buildkit 68bb095353c65bc3993fd534c26cf77fe05e61b1 e908cc3901 Use real root with 0701 perms bfedd27259 Do not set DOCKER_TMP to be owned by remapped root edb62a3ace Ensure MkdirAllAndChown also sets perms 1c0af18c6c vendor: opencontainers/selinux v1.8.0, and remove selinux build-tag and stubs 4a175fd050 Cleanup container shutdown check and add test ab06bb3ec0 vendor: opencontainers/selinux v1.7.0 f3d0f7054d cmd/dockerd: sd_notify STOPPING=1 when shutting down c923f6ac3b Fix off-by-one bug 1c5806cf57 Move use of debian:buster frozen image to debian:bullseye af0665861b Fix a potential hang when starting after a non-clean shutdown 7ba1af38b8 TESTING.md: note that integration-cli is deprecated a0fc7a4b46 TESTING.md: Fix path the test environment conditions f2f5106c92 Add a test for #41723 b314e901d8 Add IsUserNamespaceInKernel() test environment condition 58a4c03fed Add debian:bullseye to frozen images 188a691db7 fuse-overlayfs: fix godoc 295fb1c35e Fix jobs mode filter spelling 78eafdd947 Vendor in Libnetwork changes 7e600eaae0 daemon: improve log messages during startup / shutdown e8648fa19f plugin/manager_linux_test: Skip privileged tests when non-root c7e7426796 pkg/chrootarchive: Skip privileged tests when non-root 6349b32e1b daemon/oci_linux_test: Skip privileged tests when non-root a02553670e vendor buildkit to v0.8.1 5fd8d701ce Vendor in libnetwork changes 9122cd1a75 docs: add API v1.41 5458b0e435 Revert "Add multi-user.target to After=" 495d623ae5 Add fallback for pull by tag 34682e536e vendor: BuildKit 950603da215ae03b843f3f66fbe86c4876a6f5a1 15accb8376 vendor: remove vendored golang.org/x/tools, as it's not needed cd63cc846e mark ip6tables as experimental feature dd752ec87a Fix jobs-related bug in task conversion 0a8c769268 update containerd binary to v1.4.3 (CVE-2020-15257) 2680a0fe2c Networking: add regression test for networks endpoint with trailing slash f9b2989e97 Fix permissions on oci fixtures files 703951197c update containerd binary to v1.4.2 22e31dbd9a vendor libnetwork to fix mix up between IPv4 and IPv6 ab09458e21 dockerd-rootless-setuptool.sh: show more helpful error messages 776cadc7db vendor: gotest.tools v3.0.3 aeddf93de0 Implement Unwrap to errors 73571e4689 vendor: github.com/moby/buildkit v0.8.0-rc2 1f88736871 vendor: github.com/containerd/containerd 0edc412565dcc6e3d6125ff9e4b009ad4b89c638 8eebe32f5c vendor: github.com/containerd/cgroups 0b889c03f102012f1d93a97ddd3ef71cd6f4f510 ba475d44a7 vendor: github.com/containerd/fifo 0724c46b320cf96bb172a0550c19a4b1fca4dacb 37da117aba vendor: github.com/containerd/ttrpc v1.0.2 1725a1493e vendor github.com/tonistiigi/fsutil 0834f99b7b85462efb69b4f571a4fa3ca7da5ac9 fa592fa7b2 vendor: golang.org/x/crypto c1f2f97bffc9c53fc40a1a28a5b460094c0050d9 c7f0b509cf vendor: github.com/moby/term bea5bbe245bf407372d477f1361d2ff042d2f556 2630994b35 Bump libnetwork dbffbe8f9b builder-next: fix platform-specific behavior f4214ec847 vendor: github.com/Microsoft/go-winio v0.4.15 was tagged 05c20a6e1c handleContainerExit: put a timeout on containerd DeleteTask beff0a5f2c integration-cli: remove TestBuildContChar 39f9c1b5d1 builder-next: fix --cache-from panic 8f464ae2ab builder-next: refactor to use flighcontrol and remove resolveOnce 1b1eb094cc builder-next: simple refactor 3756668adb builder-next: Refactor using buildkit's resolver pool de56a90929 vendor buildkit 6861f17f15364de0fe1fd1e6e8da07598a485123 f7bcb02f67 seccomp: Add pidfd_getfd syscall 5e3ffe6464 seccomp: Add pidfd_open and pidfd_send_signal 2b41e84719 pkg/system: fix compile on darwin (macOS) b4b902b88f Jenkinsfile: remove e2e image stage 6d243cdf27 testutil: remove remaining use of deprecated pkg/mount 43d61d2bcf [DEL] remove useless assert 6458f750e1 use containerd/cgroups to detect cgroups v2 7ba05f2b2b Rewrite VolumesMountedAsShared/Slave as Integration tests 7bb729e928 Break out non-Windows sys/mount usage into helper 3e3f3d7168 Move tests using sys/mount to not build on Windows a158b53d86 Separate non-Windows mount code from common code 080d9df63e Don't clear the exit code from the Finally block 1bb3491601 builder: fix detection of experimental --stream option (deprecated) 51f5b1279d Don't set image on containerd container. d99e8d2c3b Unhide containerd-namespace flags 9ca3bb632e Store image manifests in containerd content store 66459cc623 Added ip6tables config option c6accc67f2 bump up rootlesskit to v0.11.0 dfc2d770e4 Update iptable.Exists API in integration-cli 53727ce2f0 vendor: github.com/creack/pty v1.1.11 dc3c382b34 replace pkg/symlink with github.com/moby/sys/symlink c208f03fbd pkg/devicemapper: fix invalid usage of reflect.SliceHeader 6a5393636e opts: unify host-options, and use consts 80a5df9c49 Added container ID to containerd task delete event messages 053962af92 Move HostGatewayName const to opts, and change vars to consts e4cf1c7336 pull: use tag service for pulling tagged reference e766361271 pkg/mount: update deprecated wrappers 32d506b394 vendor: moby/sys mountinfo/v0.4.0 182795cff6 Do not call mount.RecursiveUnmount() on Windows 1623e6b222 Vendor in Libnetwork changes ac84f1b55f registry.loginV2(): minor cleanup b102d4637c Fix windows log file rotation with readers bcc993b494 Fix logfile to open all files with custom openFile 56ba96b6c1 Clean up some logfile implementation 3148a46657 Fix various race conditions in loggerutils 93bd2c1336 contrib: remove download-frozen-image-v1 script b90ef1237e registry: minor cleanup in search code 3f7c62f6f6 registry: remove v1 code not related to searching 0ba2d7c625 registry: remove TestSameAuthDataPostSave 32eaf4690a registry: DefaultService.Auth(): skip parsing default registry 7782d04141 registry: remove v1 authentication ab47fd2f72 registry: use consts for default registry 1a1f5cc37b Pass through GOCACHE to test_env 8cc0fd811e docs: fix builder-version swagger 1b8826beee docker stats: fix 'panic: close of closed channel' 6f0709e033 vendor: golang.org/x/sys eeed37f84f13f52d35e095e8023ba65671ff86a1 4680836f80 vendor: github.com/containerd/console v1.0.1 88c0271605 Don't set default platform on container create 80c3199c18 vendor: github.com/spf13/cobra v1.1.1 561b8014c0 testutil: set -500 OOM score for test daemons 2b8e68ef06 dockerd: remove default -500 oom-score-adjust a6129c57e6 Bump vndr v0.1.2 a38b96b8cd Temporarily disable CAP_PERFMON, CAP_BPF, and CAP_CHECKPOINT_RESTORE 5338478546 Dockerfile: fix golang-ci-lint installer f14aea63c9 "Fix" checkpoint on v2 runtime 654cad4d9d Also trim "~..." from AppArmor versions f6f294bd83 testing: Init plugin config when for tests 4539e7f0eb seccomp: implement marshal/unmarshall for MinVersion 6b538ffbca vendor: github.com/gofrs/flock v0.7.3 cf7a5be0f2 daemon: don't adjust oom-score if score is 0 8c31e4536a volume/local: add tests for size quota 2e05db981b quota: move test helper functions to extra file 6d593fe6cc volume/local: decouple presence of options from mounting c677e4cc87 quota: move quota package out of graphdriver 6f1553625d projectquota: build types and unsupported stubs everywhere 31ed121cb8 projectquota: sync next projectID across Control instances 963e5afc04 Update documentation to reflect deprecation of "NewEnvClient" a692823413 seccomp: add test for unmarshal default profile 97535c6c2b seccomp: remove dependency on pkg/parsers/kernel ee079e4692 pkg/aaparser: support parsing version like "3.0.0-beta1" a3256d2dd8 bump google.golang.org/api v0.8.0 2971204e43 bump go.opencensus.io v0.22.3 bbde240ce0 bump cloud.google.com/go v-0.44.3 ef553e14a4 Fix gcplogs memory/connection leak c9bbf37f85 vendor: sirupsen/logrus v1.7.0 2036b277a5 Add TARGETARCH var to frozen images stage c9c7756301 oci: add tests for loading seccomp profiles 56e7bc4b78 seccomp: remove dependency on oci package dedf8528a5 Allow download-frozen-images to work without `go` b8aec34680 seccomp: add test for loading old JSON format 5f5285a6e2 Sterner warnings for unathenticated tcp 7afef854ed api: clarify "v" option behavior in the container remove endpoint 7335167340 Remove redundant "os.IsNotExist" checks on os.RemoveAll() 5a7b75f889 daemon/graphdriver/copy: use IoctlFileClone from golang.org/x/sys/unix 6267800783 vendor: golang.org/x/sys aee5d888a86055dc6ab0342f9cdc7b53aaeaec62 2502db66d0 pkg/system: make EnsureRemoveAll unix-specific 88126e84a5 Force Download-File function to use TLS 1.2 66a37b460c Windows: Enable more integration tests 35c531db1a Revendor Microsoft/go-winio for 8gB file fix 2dd9faaa16 Enable TestBuildWithHugeFile on Windows 0d75b63987 seccomp: replace types with runtime-spec types 0efee50b95 seccomp: move seccomp types from api into seccomp profile 968133c86c vendor: opencontainers/go-digest v1.0.0 7cdced6f4b vendor.conf: fix tar-split version comment 9fb324f00b vendor: docker/libnetwork d0951081b35fa4216fc4f0064bf065beeb55a74b 89bec2e267 Fix collecting the daemon under test logs 82b5ff8026 Windows CI: Make sure that CI fails on any error 1ed6589e39 vendor: github.com/syndtr/gocapability 42c35b4376354fd554efc7ad35e0b7f94e3a0ffb af3220884e vendor: github.com/containerd/containerd v1.4.1 1371a629d5 update containerd binary to v1.4.1 4ab96db4ab vendor: github.com/moby/term 7f0af18e79f2784809e9cef63d0df5aa2c79d76e 2344b3a9e1 fix integration test case TestExternalGraphDriver failed in mips arch 3d9120f744 Unify same fromStatT() implementation for FreeBSD and NetBSD 41be7293f5 daemon/listeners: use pkg/errors 6efa9e0575 Add support for NetBSD df7031b669 Memoize seccomp value for SysInfo b83dc8e5a2 Remove libseccomp-golang from vendor ccbb00c815 Remove dependency in dockerd on libseccomp dc72890470 Remove "mkimage.sh" and associated scripts 5ca758199d replace pkg/locker with github.com/moby/locker 13e0ba700a swagger: fix MemTotal units in SystemInfo endpoint 16eb522928 vendor: containerd v1.4.0 a8e7115fca Simplify seccomp logic 65a33d02f6 Simplify getUser() to use libcontainer built-in functionality 322c9e6866 add partial metadata to journald logs 245f2d922a vendor: github.com/opencontainers/selinux v1.6.0 fdd22e5628 vendor: github.com/gorilla/mux v1.8.0 d1c2f953c5 Test: Add buffer to two channels to avoid blocking goroutine ea9886cec4 pkg/idtools: refactor to avoid string-splitting 15292d7abf update containerd binary to v1.4.0 a18139111d Add faccessat2 to default seccomp profile. 010adeec55 Builder: print relative path if COPY/ADD source path was not found b8988c8475 Add openat2 to default seccomp profile. c255404a25 opts: simplify ValidateEnv to use os.LookupEnv c353c7cc71 vendor runc library to v1.0.0-rc92 7ab5b00a9c vendor golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4 2ee753a28f vendor golang.org/x/net v0.0.0-20200707034311-ab3426394381 5eccaaceb5 vendor golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 15d38650ee vendor containerd library to v1.4.0-rc.1 cf169b45bb daemon.setupPathsAndSandboxOptions() skip resolving symlinks 3ee1ab87b7 Update docker-py to 4.3.0 906007f6c1 libcontainerd: use cancellable context for events 60d7265803 Use IsServing to determine if c8d client is ready e3ab236309 Add solaris support to lstat 7fd23345c9 Wait for container exit before forcing handler 31d83961e9 Update tini v0.19.0 afd9a6c2b2 builder/remotecontext: use lowercase for error 725eced4e0 apparmor: permit signals from unconfined programs a7c279f203 Add more error message for ops when container limit use an device which not exist 2a6325e310 Bump Golang 1.13.15 2c7b48decd Update runc binary to v1.0.0-rc92 a6b00ed9b9 Update authors and mailmap 0f0c1c04c8 fix TestDaemonNoSpaceLeftOnDeviceError for mips64le 43d13054c5 update containerd to v1.3.7 8ccb46a521 Check for context error that is wrapped in url.Error ad30ef9113 Supplement the omission of pr#41145 6302dbbf46 Disable manifest v2 schema 1 push 9f28837c1d vendor protobuf v1.3.5 c00d4907da vendor prometheus dependency. e58a00211d vendor bbolt v1.3.5 9ad35b7e69 vendor runc 67169a9d43456ff0d5ae12b967acb8e366e2f181 9424eccfcd vendor containerd 779ef60231a555f7eb9ba82b052d59b69ca2ef10 51e3cd4761 statsV2: implement Failcnt 0592aac95c vendor: update containerd/cgroups 0ca7456e52 Add multi-user.target to After= bd0c2b3581 oci/deviceCgroup(): remove redundant variable 3108ae6226 oci: correctly use user.GetExecUser interface c76f380bea Add ulimits support to services 2b22a2e792 fix buildkit pull nil panic 1fdb1033c4 Bump swarmkit to d6592ddefd8a5319aadff74c558b816b1a0b2590 818bad6ef2 vendor: vishvananda/netns db3c7e526aae966c4ccfa6c8189b693d6ac5d202 36b1920e56 vendor: docker/swarmkit 293aa2e66279a930999044cbf6d0e590baac16ff c458bca6dc Handle missing c8d task on stop afdf5483c9 vendor: update containerd/continuity efbc4488d8fe1bdc16bde3b2d2990d9b3a899165 51c7992928 API: add "prune" events 5bc41368d9 bump up rootlesskit to v0.10.0 aa225972df Remove apt.dockerproject.org from test f2cc755f66 docs: API v1.39: move system version response to definitions e221931ccd docs: API v1.40: move system version response to definitions d4c4323e54 swagger: move system version response to definitions 24f173a003 Replace service "Capabilities" w/ add/drop API 9a6402d761 docs: API v1.39: fix type for BuildCache CreatedAt and LastUsedAt a305abb1d1 docs: API v1.40: fix type for BuildCache CreatedAt and LastUsedAt 61b770a63d swagger: fix type for BuildCache CreatedAt and LastUsedAt b8ca7de823 Deprecate KernelMemory a8b2272ab3 swagger: sync updates to v1.39 1e89ca40ba swagger: sync updates to v1.40 baa321293f Revendor swarmkit 441211986c docs: add example calculations to container stats API c8008bfbe9 fix address pool flags merge #40388 8774804ca7 vendor: update buildkit to 4d1f260e8 c161d6564d api/types: omit empty DefaultAddressPools d4b3e786ed docs: add mention of DefaultAddressPools to API history 9c66a2f4e1 Bump Golang 1.13.14 bf4a5982f0 testing: bump docker-py 4.2.2 c6d860ace6 Fix log file rotation test. bf7fd015f7 Remove unused useShimV2() bc4f242e79 Bump Go 1.13.13 0b14c2b67a cgroup v1: change the default runtime to io.containerd.runc.v2 c9c9e0ab90 pkg/parsers: remove uses of mattn/go-shellwords 818e0b2fcf pkg/parsers: add unit test for Darwin c88a830507 distribution/xfer: use "main" instead of "master" for progress channel 3895dd585f Replace uses of blacklist/whitelist f63f73a4a8 Configure shims from runtime config 6fd94aa933 Fix lint error on sprintf call for runtime string 219e7e7ddc vendor: libnetwork 9e99af28df21367340c95a3863e31808d689c92a b42ac8d370 daemon/stats: use const for clockTicksPerSecond 840a12ac90 Add DefaultAddressPools to docker info #40388 2865478487 Revendor hcsshim to fix image import bug 63382e5f3b docs: sync API v1.39 swagger formatting with current version 01244e85e7 docs: sync API v1.40 swagger formatting with current version d4d62b658d swagger: add DeviceRequests to container create, inspect example 89876e8165 swagger: move NetworkingConfig to definitions 91ca3e7a8d update runc binary to v1.0.0-rc91 85e3dddccd update containerd to v1.3.6 d2e23405be Set minimum memory limit to 6M, to account for higher startup memory use 228d74842f Upgrading the versions of images in Dockerfile. 97708281eb info: improve "WARNING: Running in rootless-mode without cgroup" 3258d565cf Fix status code for missing --volumes-from container 0e915e5413 update containerd to v1.3.5 3b80af727a fix typos and grammar in docs e3cff19dd1 Untangle CPU RT controller init afbeaf6f29 pkg/sysinfo: rm duplicates a9d22cad93 hack/install: build gotestsum without -buildmode=pie 20570d91c8 Dockerfile.windows: fix gotestsum.installer installing wrong version 441aff3a17 fix gotestsum.installer installing wrong version d0d99b04cf seccomp: allow 'rseq' syscall in default seccomp profile 794aa20983 dockerd-rootless.sh: support containerd v1.4 shim socket path convention ab6b92b6b2 chrootarchive: fix "conversion from int to string yields a string of one rune" 671459a989 Switch all Dockerfiles to use "buster" variant a8ae48d94f project: remove obviously outdated docs c66c5f4904 contrib: remove docker-machine-install-bundle.sh 32b4590b23 contrib: remove REVIEWERS files 45eb4e0d80 contrib: remove outdated vagrant docs 6b6af2abd9 contrib: remove outdated "desktop-integration" examples 6743320a12 dockerd-rootless.sh: allow specifying DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER c3acd082c7 TestUserNoEffectiveCapabilitiesNetBindService: conditionally set net.ipv4.ip_unprivileged_port_start ed89041433 test-integration: support cgroup2 87a7fc1ced Enable client on netbsd and dragonfly 87b8947580 TestDaemonDNSFallback: increase timeout to reduce flakiness 3e2965831f vendor: golang.org/x/text v0.3.3 5d97de47ec dockerd-rootless-setuptool.sh: use safer XRD on non-systemd hosts e07a88c95f fix code note when push all tags 9b28939345 vendor: update buildkit to df35e9818 66bb1c4644 pkg/sysinfo: use containerd/sys to detect UserNamespaces 9ff990a2b9 pkg/chrootarchive: use containerd/sys to detect UserNamespaces f7d5d70e44 pkg/archive: use containerd/sys to detect UserNamespaces 4534a7afc3 daemon: use containerd/sys to detect UserNamespaces 79cfcba76c cgroup2: unshare cgroupns by default regardless to API version 6fabb93f73 Make script pass shellcheck 56de0489fc int-cli/TestRunInvalidCPUShares: fix for newer runc d378625554 info: add warnings about missing blkio cgroup support 004fd7be92 Bump Golang 1.13.12 96556854a7 Fixes #41010 skip empty lines 687bdc7c71 API: swarm: move PidsLimit to TaskTemplate.Resources 2befe194af hack: remove useless constants 9b77370213 int/build/TestBuildWithEmptyLayers: prevent panic dae652e2e5 Add default sysctls to allow ping sockets and privileged ports with no capabilities a1afad3aab api/types: remove errdefs dependency f758d598c5 make install: install containerd-shim-runc-v2 7ad0da7051 remove group name from identity mapping 8cc8e26835 testing: bump docker-py 4.2.1 9a78e916ad integration: Add TestDaemonDNSFallback 83199187ef vendor libnetwork to 2e24aed516bd5c836e11378bb457dd612aa868ed b280ea114f hack: add more debugging to understand exit codepath a9569f5243 vendor: opencontainers/selinux v1.5.2 a366fe41cb fix "stat.Rdev" invalid operation mismatched types on mips64el compile error the "stat.Rdev" variable and "s.Rdev" mismatched types on mips64el convert "stat.Rdev" type to uint64 explicitly a5324d6950 Better selection of DNS server 288ed93dc5 daemon.allocateNetwork: include original error in logs 84ef60cba2 allocateNetwork: don't assign unneeded variables b98b8df886 allocateNetwork: fix network sandbox not cleaned up on failure d5da7e5330 pkg/sysinfo/sysinfo_linux.go: fix some comments f02a53d6b9 pkg/sysinfo.applyPIDSCgroupInfo: optimize 0c350e87a0 ldmode=pie is not supported for the mips arch reference: https://github.com/docker/cli/pull/2507 |
||
|
Bruce Ashfield
|
0441042812 |
docker-ce: update to v19.03.15-ce
The following docker-ce commits are in this bump: 8ba93ae231 centos-8: work around CentOS repo bug preventing to enable PowerTools b61c54e644 CentOS 8: manually import GPG key 7c5dfa21ab Bump VERSION to 19.03.15 c48e2f23e4 context: Add tarball e2e tests 51b4c45634 context: Ensure context name is valid on import 6a4daa87e5 context: Ensure import paths are valid 736dcbb76c pull: Validate layer digest format e0b182f9fd buildkit: Apply apparmor profile e2fc17e3cd vendor buildkit 396bfe20b590914cd77945ef0d70d976a0ed093c 77ef9e3963 Use real root with 0701 perms bb9d1ea5f7 Do not set DOCKER_TMP to be owned by remapped root 65f17f139b Ensure MkdirAllAndChown also sets perms bc73c89f8b docs: un-wrap line to prevent YAML docs from using "compact" formatting 6cfdb61f0a Bump VERSION to 19.03.14 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
eabacfd248 |
kernel: drop 5.8 configs
The 5.8 kernel is being dropped in oe-core, which means we don't test the 5.8 integration any more .. so we drop the .inc for the configs. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Daniel Dragomir
|
33ebe1ac39 |
lxc: Fix postinstall script for read-only rootfs
Ensure postinstall script for lxc-networking package can run at build time for a read-only rootfs (with sysvinit). Signed-off-by: Daniel Dragomir <Daniel.Dragomir@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
29a8122f47 |
kernel: add 5.10 include file
oe-core now has a 5.10 reference kernel, so we need a 5.10 include file to pick up our configurations. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
sakib.sajal@windriver.com
|
b8aa31c8c9 |
ceph: uprev v15.2.0 -> v15.2.8
Removed patches that are contained in newer version. Contains fixes to CVES: CVE-2020-27781 CVE 2020-25660 CVE-2020-10753 CVE-2020-10736 CVE-2020-1759 CVE-2020-1760 Built and run tested. Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Christopher Clark
|
1ebde9be9a |
xen, linux-yocto-dev, RPi4: weaker assign for KBRANCH and KMACHINE
Switch to use ?= to set KBRANCH_raspberrypi4-64 to make it easier to override elsewhere when needed for switching to a different kernel branch. Also make the same change for KMACHINE_raspberrypi4-64 to match how it is assigned in the meta-yocto-bsp layer. Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
cf5a9a95cc |
moby: update to v19.03.14
Incorporating the following moby commits: d3c5506330 update containerd binary to v1.3.9 (address CVE-2020-15257) 1babdf81e7 update containerd binary to v1.3.8 f80f6304e2 Bump libnetwork 4b181db52b bump up rootlesskit to v0.11.0 7487dca8a5 docs: fix builder-version swagger c7253a0e1a dockerd-rootless.sh: support containerd v1.4 shim socket path convention 88eec2e811 Also trim "~..." from AppArmor versions ecd3baca25 pkg/aaparser: support parsing version like "3.0.0-beta1" 74c0c5b7f1 Fix gcplogs memory/connection leak 5f32bd9ced awslogs: Update aws-sdk-go to support IMDSv2 8cf9d50fc0 [19.03] vendor: buildkit v0.6.4-32-gdf89d4dc a4e96a486f swagger: fix MemTotal units in SystemInfo endpoint 9fe291827a Bump Golang 1.13.15 a15a770e1b update containerd to v1.3.7 9380ec7397 update containerd to v1.3.6 80cef48453 update containerd to v1.3.5 fc8f88dc14 update containerd to v1.3.4 89a4208757 update containerd binary to v1.3.3 490c45b756 Update containerd to v1.3.2 56d897347d Update containerd to v1.3.1 d4c63720e9 update containerd binary v1.3.0 ec14dc44d1 Fix log file rotation test. a958fc3e65 Fix flakey test for log file rotate. 89da709cb7 Check for context error that is wrapped in url.Error 83baeafc3c oci: correctly use user.GetExecUser interface dae08c333e vendor: vishvananda/netns db3c7e526aae966c4ccfa6c8189b693d6ac5d202 93cb737687 [19.03] vendor: vishvananda/netns 0a2b9b5464df8343199164a0321edf3313202f7e and the following libnetwork commits: 90990763 service_linux: Fix null dereference in findLBEndpointSandbox 8565f0b1 log error instead if disabling IPv6 router advertisement failed and finally, the following cli commits: 01fc5a1ec3 Replace deprecated instruction 3b3e295c4b docs: update 20.03 -> 20.10 in deprecated.md d1b44aa298 docs: fix broken links in build reference 20bc15f618 docs/deprecated: remove minor versions 3172219932 docs: deprecate CLI options for experimental CLI features f132c8ad4a docs: add /go/experimental/ vanity URL df5ca0c950 docs: fix generated YAML due to trailing whitespace 5057d34272 docs: update URL for security landing page 278f30b82b Add test-case for env with, and without = f526bcdb53 builder: add note about alternative syntax 10973d6ddf builder: rephrase ENV section, remove examples for ENV key value without '=' 8c8fb03f15 docs: fix "docker logs" example missing container name c9a03ab5f4 Bash-completion: add CAP_AUDIT_READ ffa0e1d36e docs: document CAP_AUDIT_READ 3d74f7ab48 docs: document optional "CAP_" prefix for capabilities 0a207d5095 docs: sort list of capabilities alphabetically 75411a2233 Complete capabilites with and without "CAP_" prefix. 896eb7123a [19.03] vendor: stop using docker/engine fork for vendoring aebe8b0660 [19.03] vendor: buildkit v0.6.4-32-gdf89d4dc d6b05747dd [19.03] vendor: tonistiigi/fsutil v0.0.0-20191018213012-0f039a052ca1 9a65c1c861 docs/build: add note about git subdirectories with BuildKit a6c15a5e60 Replace vbom.ml/util with fvbommel/sortorder 36cdb166dc Bump Golang 1.13.15 5c5486d910 Replaces ADD with COPY in the COPY section 9152bf265e docs: remove docs for —-from=index e5e227672b Bump Golang 1.13.14 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
35b9016006 |
docker-ce: update to v19.03.14
Incorporating the following docker-ce commits: 6cfdb61f0a Bump VERSION to 19.03.14 d62f3a4335 update containerd binary to v1.3.9 (address CVE-2020-15257) 223df488a1 update containerd binary to v1.3.8 f1d658df7c Bump libnetwork b42dd308b7 bump up rootlesskit to v0.11.0 ddd056dcd3 docs: fix builder-version swagger 406cc5ef47 Replace deprecated instruction a48b2a414f dockerd-rootless.sh: support containerd v1.4 shim socket path convention de76075442 docs: update 20.03 -> 20.10 in deprecated.md d8fa7ac2c1 Also trim "~..." from AppArmor versions 0a1553c648 pkg/aaparser: support parsing version like "3.0.0-beta1" caae6f925a static: add containerd-shim-runc-v2 94ab0479b0 To allow build for selective distros from top directory. e.g.- for rpm- RHEL_RELEASES= CENTOS_RELEASES= FEDORA_RELEASES=centos-8 make rpm for deb- RASPBIAN_VERSIONS= UBUNTU_VERSIONS= DEBIAN_VERSIONS=ubuntu-xenial make deb 5b7be532be docs: fix broken links in build reference 4afdfee131 Fix gcplogs memory/connection leak f9159f95b9 docs/deprecated: remove minor versions a7d8e5b15e docs: deprecate CLI options for experimental CLI features 265d2d874b docs: add /go/experimental/ vanity URL 45fe9c589c docs: fix generated YAML due to trailing whitespace d54dee5350 docs: update URL for security landing page 8b51565ec3 Add test-case for env with, and without = 4e0e5427b2 builder: add note about alternative syntax fb91a7f7e0 builder: rephrase ENV section, remove examples for ENV key value without '=' 4c5ada19a3 docs: fix "docker logs" example missing container name 5fd841f066 awslogs: Update aws-sdk-go to support IMDSv2 8ff047ef9d Bash-completion: add CAP_AUDIT_READ 12b5d3b4cb docs: document CAP_AUDIT_READ 532ea20102 docs: document optional "CAP_" prefix for capabilities a240747846 docs: sort list of capabilities alphabetically 19498650c3 Bump VERSION to 19.03.13 da428b1aec Complete capabilites with and without "CAP_" prefix. 4056693640 [19.03] vendor: stop using docker/engine fork for vendoring f6cc6fa133 [19.03] vendor: buildkit v0.6.4-32-gdf89d4dc d61bf277b8 [19.03] vendor: tonistiigi/fsutil v0.0.0-20191018213012-0f039a052ca1 4024535260 [19.03] vendor: buildkit v0.6.4-32-gdf89d4dc 9a44f43fb9 swagger: fix MemTotal units in SystemInfo endpoint a75083ebf0 docs/build: add note about git subdirectories with BuildKit 112d03e8ea plugins: update buildx to v0.4.2 ef44b94189 buildx: use v0.4.1 8a18415110 Bump buildx to master to check if it builds on the CI 0100e1c0be Replace vbom.ml/util with fvbommel/sortorder 53c69c574e Bump Golang 1.13.15 87867aff90 Bump Golang 1.13.15 76060cc4a0 Bump Golang 1.13.15 8a905386a1 update containerd to v1.3.7 0ffc8f1e55 update containerd to v1.3.6 aff3f55db8 update containerd to v1.3.5 61f6fac7a1 update containerd to v1.3.4 c938231789 update containerd binary to v1.3.3 ba94dd5a0d Update containerd to v1.3.2 13106ca34e Update containerd to v1.3.1 c5ad02b467 update containerd binary v1.3.0 a0edb6a8cb Fix log file rotation test. b17b2f05b6 Fix flakey test for log file rotate. efe3cf2163 Replaces ADD with COPY in the COPY section 5a861b676c Check for context error that is wrapped in url.Error a438db9875 docs: remove docs for —-from=index 475484e351 Bump VERSION to 19.03.13-beta2 3f7bf34392 oci: correctly use user.GetExecUser interface And the following libnetwork commits: 90990763 service_linux: Fix null dereference in findLBEndpointSandbox 8565f0b1 log error instead if disabling IPv6 router advertisement failed Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
8c5314725d |
containerd: bump to v1.4.3
This version bump incorporates the following fixes: 727e1728d Prepare 1.4.3 release notes ae3a64aa1 containerd-shim: use path-based unix socket 428f10fd2 Use path based unix socket for shims f2e4291b6 Prepare 1.4.2 release 76f3d1955 Update mailmap for 1.4.2 release ca9950755 Update cri version to pickup unknown state fix 0b97c6204 Update cri plugin c0f1add3c Fix Windows service panic file to not be read-only fbe18caa1 Update btrfs vendor for chkptr fix for Go >= 1.14 cbbf257ab Add Go test runs to GitHub Actions CI 19776b75b Adjust overlay tests to expect "index=off" 7eb852214 Allow oom adj test to run in environments with a score 036ede698 Import crypto for all snapshotters during testsuite 5618423a0 Add comments clarifying copyWithBuffer implementation a2ebee357 replicate io.Copy optimizations 9b2156aa8 Improve image pull performance from http 1.1 container registries 56291a221 bug fix:#3448 16e51fc31 Fix integer overflow on windows 6ebd9a94a Update other actions for env/path CVE fix 0a3488c71 Fix GH Actions CI deprecations cc3be9ae3 Bump Golang 1.15.5 ebffce3ad seccomp: add pidfd_getfd syscall (gated by CAP_SYS_PTRACE) 229f5ea4e seccomp: add pidfd_open and pidfd_send_signal e45f41e3a update to golang 1.15.2 695516287 Remove setuid gosu in favor of "sudo -E PATH=$PATH ..." 77931f801 ci: run critest target for all runtimes c745d237e Revendor CRI to get disabled annotation config default 88e7f23bc Read trailing data from tar reader 856a12fca Update github.com/Microsoft/hcsshim to v0.8.10 cc6f72a00 Check if a process exists before returning it 9a44af11d Windows CNI install script using lowercase "destdir" Runtime testing completed on arm64 and x86-64, as well as with orchestration engines. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
6049f9abf8 |
k8s: update to 1.20 release candidate
As part of this update:
- we refresh our CC patch to apply cleanly
- adjust the host side GO_LDFLAGS to drop linker flags that cgo
doesn't like when building generated_files.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Tim Orling
|
fbfced367d |
linux-yocto: add cgroup-hugetlb config
Add kernel config fragment for CONFIG_CGROUP_HUGETLB This is a recommended config for Kubernetes and k8s will throw a warning if it is not present. Signed-off-by: Tim Orling <ticotimo@gmail.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Naveen Saini
|
08b5de42f9 |
libvirt: fix host gcc can't recognized option -fmacro-prefix-map
libvirt-python picks host gcc (instead of cross gcc) to build shared library in absense of LD*SHARED flags. Instead of inherit distutils3-base.class, taking SHARED flags to create libvirt-python package. Ref: https://git.yoctoproject.org/cgit/cgit.cgi/poky/tree/meta/classes/distutils-common-base.bbclass Signed-off-by: Naveen Saini <naveen.kumar.saini@intel.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
sakib.sajal@windriver.com
|
968e4116a8 |
nagios-core: fix do_install during cross builds
Upstream started stripping built binaries by default, using HOSTTOOLS install to strip binaries that are different in architecture from the host, raising errors: strip: Unable to recognise the format of the input file TOPDIR/tmp-glibc/hosttools/install: strip process terminated abnormally Hence, build unstripped binaries and let oe build system strip the binaries during do_package. Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |