mirror of
git://git.yoctoproject.org/meta-virtualization.git
synced 2025-07-19 20:59:41 +02:00
8f0eb65eda
1949 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Bruce Ashfield
|
239dba39f8 |
ovs: update to v2.17.0
Along with patch refreshes, and a drop since it is now upstream ..
Bumping ovs to version v2.17.0-30-g2404d4536, which comprises the following commits:
2404d4536 system-traffic.at: Fix flaky DNAT load balancing test.
6b8adfdd8 dpif-netdev: Keep orig_in_port as a field of the flow.
6098b7f25 tests: Fix incorrect usage of OVS_WAIT_UNTIL.
cf9018d37 odp-util: Fix output for tc to be equal to kernel.
992de2406 netdev-offload-tc: Fix IP and port ranges in flower returns.
7e26796c0 netdev-offload-tc: Fix use of ICMP values instead of masks defines.
e319e2706 netdev-offload-tc: Always include conntrack information to tc.
51ef81ad7 netdev-offload-tc: Check for valid netdev ifindex in flow_put.
974253dc2 netdev-offload-tc: Set the correct VLAN_VID and VLAN_PCP masks.
c43c159ae netdev-offload-tc: Add debug logs on tc rule verify failures.
d34622a03 tc: Keep header rewrite actions order.
5255713d1 faq: Update OVS/DPDK version table for OVS 2.15/2.16
05cf36a62 system-dpdk: Fix mfex autovalidator tests.
87540e3b9 ofp-prop: Silence the 'may be uninitialized' warning.
812164ade tests: Ignore log about failing to set NETLINK_EXT_ACK.
ae51ccc12 ovsdb-cluster.at: Avoid test failures due to different hashing.
f33cde23c ofproto: Use xlate map for uuid lookups.
6ac255496 ofproto: Add refcount to ofproto to fix ofproto use-after-free.
db0cc8be3 ofproto-dpif: Trigger revalidation when ipfix config set.
31b86e5c9 conntrack: Prefer dst port range during unique tuple search.
b761b532c conntrack: Select correct sport range for well-known origin sport.
78bd058c3 ipsec: StrongSwan report connection update failures to ovs logs.
aa05596df ipsec: Libreswan report connection failures to ovs logs.
427776cea system-tso: Skip encap tests when userspace TSO is enabled.
66d16e288 tc: Fix stats byte count on fragmented packets.
b63c41f31 compat: Add gen_stats include to define tc hw stats.
c531b3828 ovsdb: raft: Fix inability to join the cluster after interrupted attempt.
498cedc48 reconnect: Fix broken inactivity probe if there is no other reason to wake up.
5dc1423d8 datapath-windows: Fix NXM_OF_IP_TOS issue
91c0f0068 Prepare for 2.17.1.
db7c86e5d Set release date for 2.17.0.
6dd933478 Documentation: Update USDT documentation to include systemtap dependency.
8b5136a89 ovsdb-idl: Fix use-after-free when destroying an IDL loop.
a3182552c dpif-netdev: Use dp_netdev reference in offload threads.
691295d5a dpif-netdev: Fix a race condition in deletion of offloaded flows.
bebbf0d6e dpif-netdev: Move port flush after datapath reconfiguration.
e03a14c89 dpif-netdev-dpcls: Make subtable reprobe thread-safe.
036957015 ci: Fix typo in variable name.
76da23462 dp-packet: Ensure packet base is always non-NULL.
2cd30fd6b bfd: lldp: stp: Fix misaligned packet field access.
88705f1ba ovsdb-idlc: Avoid accessing member within NULL idl index cursors.
b006e8ebb stopwatch: Fix buffer underflow when computing percentiles.
a6ba4b037 dpif-netdev: Fix misaligned access.
6da79614a treewide: Don't pass NULL to library functions that expect non-NULL.
bee8ec09d system-traffic.at: Avoid sporadic failures during conntrack IPv6 HTTP/FTP tests.
3626f3ca6 system-traffic.at: Do not use ranges with broadcast address.
2035b1b33 system-dpdk.at: Add warning log in mfex fuzzy test.
095f87c24 ofproto: Fix ipfix not always sampling on egress.
fbeef2794 tc: Fix incorrect TC rule for decap+encap datapath flow.
54bca0430 dpif-netdev: fix vlan and ipv4 parsing in avx512
aa713d9b4 ci: Install wheel before installing any other python packages.
573230ec0 odp-util: Fix tunnel key attr for GTP-U.
4638cb58f ovsdb-idl: Only process successful txn in ovsdb_idl_loop_run.
87f67448b ofproto-dpif-upcall: Fix n_revalidators on upcall show.
268402b47 acinclude: Detect avx512 vpopcntdq compiler support.
1ff8fe347 Documentation: Fix userspace Tx steering section.
44963a78e vswitchd.xml: Add missing tx-steering PMD option.
17cedcb2d ovsdb-idl: ovsdb_idl_loop_destroy must also destroy the committing txn.
06d484409 ofproto-dpif-xlate: Fix packet drops with decap action on MPLS Multicast.
69155eb20 tests: Fix cosmetic errors in system-traffic.at.
62eeea709 python: idl: Clear last_id on reconnect if condition changes in-flight.
ecdb9ca81 ovsdb-cs: Clear last_id on reconnect if condition changes in-flight.
f08013b5e python: idl: Resend requested but not acked conditions when reconnecting.
15bb5a978 ofp-flow: Skip flow reply if it exceeds the maximum message size.
4fdd6666a ovsdb: transaction: Keep one entry in the transaction history.
553f566d9 ovsdb-cs: Fix ignoring of the last id from the initial monitor reply.
167c2ff0e ofproto-dpif: Fix issue with non-reversible actions on a patch ports.
b8dba6594 NEWS: Fix some typo.
b1b77967f ovs-monitor-ipsec: Fix generated strongSwan ipsec.conf for IPv6.
109d02455 system-dpdk: Fix MFEX logs check.
6b1cfa209 datapath-windows: Pickup Ct tuple as CT lookup key in function OvsCtSetupLookupCtx
280d8de05 Prepare for 2.17.0.
f20abde5a netdev-dpdk: Remove rte-flow API access locks.
b0b6b7b46 dpif-netdev: Use one or more offload threads.
7daa50346 dpif-netdev: Replace port mutex by rwlock.
d85b9230a dpif-netdev: Make megaflow and mark mappings thread objects.
ec4ac6258 dpif-netdev: Use lockless queue to manage offloads.
b3e029f7c netdev-offload-dpdk: Protect concurrent offload destroy/query.
54dcf60e6 netdev-offload-dpdk: Lock rte_flow map access.
7851e602c netdev-offload-dpdk: Use per-thread HW offload stats.
5b0aa5577 dpif-netdev: Execute flush from offload thread.
d68d2ed46 dpif-netdev: Introduce tagged union of offload requests.
73ecf098d dpif-netdev: Use id-fpool for mark allocation.
528a8ab62 dpif-netdev: Postpone flow offload item freeing.
55dc4ef17 dpif-netdev: Quiesce offload thread periodically.
62c2d8a67 netdev-offload: Add multi-thread API.
2eac33c6c id-fpool: Module for fast ID generation.
5396ba5b2 mpsc-queue: Module for lock-free message passing.
5878b9252 ovs-atomic: Expose atomic exchange operation.
83823ae32 dpif-netdev: Implement hardware offloads stats query.
9ac3d951b mov-avg: Add a moving average helper structure.
e4543c7b1 dpif-netdev: Rename offload thread structure.
9ab104718 dpctl: Add function to read hardware offload statistics.
0e6366c23 netdev-offload-dpdk: Implement hw-offload statistics read.
adbd4301a netdev-offload-dpdk: Use per-netdev offload metadata.
1088f4e7f netdev: Add flow API uninit function.
aec1081c7 tests: Add ovs-barrier unit test.
59b8f9f8f dpif-netdev: Rename flow offload thread.
6207205e5 ovs-thread: Fix barrier use-after-free.
1b9fd884f Documentation: Remove experimental tag for PMD ALB.
09192a815 Documentation: Update PMD Auto Load Balance section.
5cc052435 Documentation: Update PMD thread statistics.
f0adea3fc Documentation: Minor spelling and grammar fixes.
4da71121d Documentation: Fix Rx/Tx queue configuration section.
85d3785e6 utilities: Add netlink flow operation USDT probes and upcall_cost script.
51ec98635 utilities: Add upcall USDT probe and associated script.
ff4c712d4 Documentation: Add USDT documentation and bpftrace example.
512fab8f2 openvswitch: Define the OVS_STATIC_TRACE() macro.
191013cae configure: Add --enable-usdt-probes option to enable USDT probes.
844f14181 dpif-netdev.at: Add test for Tx packet steering.
c18e707b2 dpif-netdev: Introduce hash-based Tx packet steering mode.
31e67c998 dpif-netdev: Introduce Tx queue mode.
e97112ce7 netdev-dummy: Introduce per rxq/txq statistics.
eff740b14 ofproto-dpif: Fix memory leak in dpif/show-dp-features appctl.
1917ace89 Encap & Decap actions for MPLS packet type.
4a6a47346 netlink-socket: Log extack error messages in netlink transactions.
eb1ab5357 netdev-linux: Use matchall classifier for ingress policing.
3b489a3b1 dpif-netdev: Improve loading of packet data for undersized packets.
8bc135d2d acinclude: Provide better error info when linking fails with DPDK.
1140c87e2 netdev-dpdk: Expose per rxq/txq basic statistics.
f260db1ef netdev-dpdk: Fix statistics when changing Rx/Tx queues count.
b84386fa9 dpdk: Support running PMD threads on any core.
356f36206 tests/oss-fuzz: Fix the arguments of parse_tcp_flags.
ddca1eb3a odp-util: Stop action list parsing if already oversized.
6e50c1651 dpif-netdev: Avoid hw_miss_packet_recover() for devices with no support.
e7e9973b8 dpif-netdev: Forwarding optimization for flows with a simple match.
46d44cf3b python: idl: Add monitor_cond_since support.
0d1ffb775 checkpatch: Detect "trojan source" attack.
428b11caa utilities: Add another GDB macro for ovs-vswitchd.
2f2ae5b6b tests: Fix endianness in netlink policy test fixtures.
0b6d2faac ci: Remove -Wno-cast-align from CI.
d652fc6a5 checkpatch: Correct line count in error messages.
28ef2535c dpif-netdev-extract: Change availability log level to DBG.
38c53dd17 AUTHORS: Add Nobuhiro MIKI.
9a834205a docs: afxdp: Remove duplicated lines.
d446dcb7e system-dpdk: Refactor common logs matching.
b366fa2f4 dpif-netdev: Call cpuid for x86 isa availability.
11441385c bridge: Fix incorrect configuration of netdev's dpif type.
ec2aa2ab4 ofproto-dpif-xlate: Snoop ingress packets and update neigh cache if needed.
b723b9320 tnl-neigh-cache: Do not refresh the entry while revalidating.
02f95638a tnl-neigh-cache: Add tnl/neigh/aging command.
f527aef14 tnl-neigh-cache: Read/write expires atomically.
f0266292b dpif-netdev: Improve handling of IP/TCP in avx512 mfex.
893693e80 AUTHORS: Add Nir Anteby.
7617d0583 netdev-offload-dpdk: Add support for matching on gre fields.
5f60741dc netdev-offload-dpdk: Support tnl_pop for gre tunnel.
a32cb78b5 netdev-dpdk: Add flow_api support for netdev gre vports.
827904146 netdev-offload-dpdk: Refactor get_vport_netdev().
76527525e AUTHORS: Update email for Alin Serdean.
38b42aa93 MAINTAINERS: Move Joe to emeritus status.
269b927fd dpdk: Use --in-memory by default.
b5d2dbdbb system-dpdk: Fix race in vhost-user tests.
9827312fa docs: Re-work the documentation around CPU ISA optimizations.
ed9778e94 dpif-netdev: Fix the autovalidator output for the miniflow extract.
339f97044 ovsdb: storage: Randomize should_snapshot checks when the minimum time passed.
bf07cc9cd raft: Only allow followers to snapshot.
20a4f546f dpif-netdev: Use PMD context to get the port for HW miss recovery.
17346b389 dpdk: Update to use DPDK v21.11.
72745ab0c compat: handle NF_REPEAT error on nf_conntrack_in.
18db7ec5e system-dpdk: Improve vhost-user ping tests reliability.
4f19a78a6 netdev-vport: Fix userspace tunnel ioctl(SIOCGIFINDEX) info logs.
4a7b58163 alb.at: Increase time/warp.
09c4449b2 alb.at: Check for log from correct line number.
1f5749c79 flow: Consider dataofs when parsing TCP packets.
d4bed9596 tests/flowgen: Fix packet data endianness.
e40982468 dpif-netlink: Improve feature negotiation for older kernels.
4490792dd ofproto-dpif: Increase dp_hash default max buckets.
91e1ff5dd ovsdb-idl: Don't reparse orphaned rows.
149169836 ofproto: Fix resource usage explosion due to removal of large number of flows.
a05883b89 ofproto: Fix resource usage explosion while processing bundled FLOW_MOD.
79953a57e stream-ssl: Avoid unnecessary memory copies on send.
dec429168 ovsdb-data: Consolidate ovsdb atom and json strings.
9d29990c2 json: Inline clone and destroy functions.
19aa70168 tests/flowgen: Fix length field of 802.2 data link header.
024ba5257 AUTHORS: Add Mike Pattrick.
958ca7ba3 ovs-tcpdump: Improve performance with dummy interface.
c60eec064 ovs-lib: Backup and remove existing DB when joining cluster.
c041042c1 python: idl: Avoid pre-allocating column defaults.
2fe20d0be docs/dpdk: Fix install doc.
29f8dc629 AUTHORS: Add Salvatore Daniele.
f88ee78e0 match: Do not print "igmp" match keyword.
59622fd1b ovs-save: Save igmp flows in ofp_parse syntax.
3b2982c42 faq: Update OVS/DPDK version table for OVS 2.13/2.14.
72fbb90af ofproto-dpif-xlate: Add a trace log for tnl_port_build_header() error.
7b8aeadd6 ovsdb-idl: Re-parse backrefs of inserted rows only once.
fb7a75e52 ofproto-dpif-xlate: Terminate native tunnels only on ports with IP addresses.
9fe0ce4f7 ofproto-dpif-xlate: Fix check_pkt_larger incomplete translation.
a83a40609 dpif-netdev: Sync PMD ALB state with user commands.
513ed6570 system-traffic.at: Fix typo in conntrack zones tests.
23083672b dpif-netdev: Reset RxQ cycles history on PMD reload.
bd0fec42a ofproto/bond: Improve admissibility debug readability.
71eb2ec44 datapath-windows: Reset flow key after Ipv4 fragments are reassembled
04b017e3a python: db: Avoid allocation of an attr dict/row+column.
695530d8f github: Remove workaround fixing up /etc/hosts.
113f925aa rhel: Use /run instead of /var/run.
9b20df73a dpctl: dpif: Allow viewing and configuring dp cache sizes.
efd55eb34 dpctl: dpif: Add kernel datapath cache hit output.
317b1bfd7 ovsdb: Don't let transaction history grow larger than the database.
1bdda7b6d ovsdb-idl: Use functions to apply diff in place.
4dbff9f0a ovsdb: transaction: Incremental reassessment of weak refs.
066741d9c ovsdb-idl: Add memory report function.
c5d384f77 checkpatch: Check if some tags are wrongly written.
9f2258360 AUTHORS: Add Somnath Chatterjee.
42c348184 dpif: Fix function pointer check for bond_add.
68543dd52 python: Replace pyOpenSSL with ssl.
3f550fa53 python: socket-util: Split inet_open_active function and use connect_ex.
56c3de3c6 datapath-windows:Reset PseudoChecksum value only for TX direction offload case
4bd375581 ci: Make linux-prepare trust system installs.
fa2bc2bb7 github: Stick to python 3.9.
a621ac5ea datapath-windows: add layers when adding the deferred actions
c1fdb8347 ofproto-dpif-xlate: Fix zone set from non-frozen-metadata fields.
02aebad3f dpif-netdev: Fix use-after-free on PACKET_OUT of IP fragments.
01bca6dab tunnel-push-pop.at: Mask source port in tunnel header.
3486d81d1 AUTHORS: Add Remi Jouannet.
f9f391982 ovs-ctl: Add missing description for --ovs-vswitchd-options and --ovsdb-server-options to usage().
755cf31a3 dpdk-stub: Change the ERR log to DBG.
d41cac475 docs/userspace-tunneling: Fix IP addresses for host2.
32899c824 acinclude: Use standardized DPDK component defines.
b841e3cd4 dpif-netlink: Fix feature negotiation for older kernels.
b12242e0e packets: Correct VXLAN_GPE_FLAGS_P macro name.
bd056cb94 dpif-netdev: Fix pmd thread comments to include SMC.
4a6217fab datapath: handle DNAT tuple collision.
cc0a87b11 pmd.at: Add test-cases for DPCLS and DPIF commands.
34fbdc410 python: idl: Avoid sending transactions when the DB is not synced up.
803ed12e3 ipf: release unhandled packets from the batch
13d05b8e5 sflow functions: fix unused parameter warnings for sflow functions
7796253db datapath-windows: Add file digest algorithm for signtool
5b7d54efc MAINTAINERS: Transition myself to emeritus status.
a461bc62e datapath-windows:adjust Offset when processing packet in POP_VLAN action
4feb05140 fix typo in dpdk doc
429b114c5 ovsdb-data: Deduplicate string atoms.
32b51326e ovsdb-data: Add function to apply diff in-place.
bb12b6317 ovsdb-data: Optimize subtraction of sets.
51946d222 ovsdb-data: Optimize union of sets.
bfc6e9735 dpif-netdev: Remove OVS_UNUSED flag in functions for ct_zone limits.
b2712d026 ovsdb: transaction: Use diffs for strong reference counting.
9e7081b14 cirrus: Reduce memory requirements for FreeBSD VMs.
849a40ccf netdev-linux: Fix a null pointer dereference in netdev_linux_notify_sock().
81de3a81a bond: Check for NULL member in bond_member_set_enable().
3168f328c pcap-file: Fix memory leak in ovs_pcap_open().
22c95f9fe odp-util: Fix a null pointer dereference in odp_flow_format().
a566c02a2 odp-util: Fix a null pointer dereference in odp_nsh_key_from_attr__().
5e86db383 netdev-dpdk: Fix RSS configuration for virtio.
d0020c5e8 docs: Recommend the use of dpdkvhostuserclient ports.
16e5b51f2 docs: afxdp: Fix wrapping in QEMU CMDs.
0eeca50f0 Documentation: Cleanup PMD information.
ee74a8b75 AUTHORS: Add Sergey Madaminov.
aae08a577 include/windows/unistd.h: Fixed type cast warning on Windows.
e05e1e3c0 netdev-offload-dpdk: Don't ignore frags as they are handled.
1318929f9 netdev-offload-dpdk: Support IPv6 fragmentation types.
c1a5d0e2b netdev-offload-dpdk: Support IPv4 fragmentation types.
26b18f189 netdev-offload-dpdk: Add last attribute to patterns.
a2fa8b289 conntrack: Remove the nat_action_info from the conn.
fdef31fb7 hash: Fix compilation error on Fedora 34 with GCC 11 and -O0.
ebcbb534e ipf: Fix only nat the first fragment in the reass process.
00d3d4a7d checkpatch: Avoid catastrophic backtracking.
372b790f1 AUTHORS: Add Tony van der Peet.
7e6b41ac8 dpif-netdev: Fix crash when PACKET_OUT is metered.
5c1cc74da rhel: Fix dual kernel rpm install for RHEL 8.4
944950dcc AUTHORS: Update Simon Horman
43e66fc27 ovsdb: monitor: Store serialized json in a json cache.
0de882954 raft: Don't keep full json objects in memory if no longer needed.
b0bca6f27 json: Add support for partially serialized json objects.
c2fb5bdae ovs-actions: Convert man page from xml to rST.
748010ff3 json: Optimize string serialization.
7847bf89e tests: Skip netlink policy test on non-Linux platforms.
7502849e9 ovsdb-idl: Add APIs to query if a table and a column is present.
bfee9f6c0 netlink: Add support for parsing link layer address.
9ab5075bf Set release date for 2.16.0.
3fc34862b AUTHORS: Add Vlad Buslov.
6bb3f363d tc: Set action flags for tunnel_key release.
d08c086e5 netlink-socket: Replace error with txn->error when logging nacked transactions.
d9a5fb78d netdev-offload-dpdk: Initialize s_tnl dynamic string.
0363891d1 dynamic-string: Fix a crash in ds_clone().
0b3a5d7ad dpif-netdev: fix memory leak in dpif and mfex commands
01cbe1ed4 dpif-netdev: fix memory leak in dpcls subtable set command
d2ad305a6 dpif-netdev: Fix dead code in mfex command
8a5f055a0 docs/dpdk/bridge: Fix dpif-netdev/miniflow-parser-set formatting
96e513f55 dpif-netdev-unixctl.man: Document miniflow-parser-* CMDs
3004ebf20 dpif-netdev-unixctl.man: Document subtable-lookup-* CMDs
c15c3df3a dpcls: fix build on compilers without AVX512-VPOPCNT
ccb6cc20f AUTHORS.rst: Add Lin Huang.
765c8a774 AUTHORS.rst: Add Gaetan Rivet and Wentao Jia.
2480d09e9 ovsdb: transaction-forward: Fix initialization of the 'sent' hmap node.
a3bd383e9 acinclude: Don't set AVX512-related configuration via CFLAGS.
e21e9dcec dpif-netdev: Log flow modification in debug level.
6f69e0e30 dpif-netdev: Fix offloads of modified flows.
0d25621e4 dpif-netdev: Fix flow modification after failure.
8917010b0 dpif-netdev: Do not flush PMD offloads on reload.
cd36a34f3 dpif-netdev: Fix non-atomic read of smc_enable_db.
de15afa50 dpdk: Stop configuring socket-limit with the value of socket-mem.
a8621f49d dpdk: Remove default values for socket-mem and limit.
1f7f55760 netdev-offload-dpdk: Fix vxlan vni cast-align warnings.
e8cccd3a3 netdev-offload-dpdk: Fix IPv6 rewrite cast-align warning.
b8b31d841 daemon-unix: Fix leak of a fork error message.
daf627f45 ovsdb-cs: Perform forced reconnects without a backoff.
69b2bdfd3 system-dpdk.at: Fix module not found error for pyhton < 3.6.
43b7d960a netdev-dummy: Silence the 'may be uninitialized' warning.
f05d6d623 ofproto-dpif-xlate: Fix continuations with OF instructions in OF1.1+.
8e808e7f1 datapath-windows:Correct checksum for DNAT action
954798752 Documentation: Remove duplicate words.
4703bc67b Prepare for post-2.16.0 (2.16.90).
45bd6d93f Prepare for 2.16.0.
298d4151f bond: Fix broken rebalancing after link state changes.
b1e517bd2 dpif-netlink: Introduce per-cpu upcall dispatch.
485e3a13a dpif-netlink: Fix report_loss() message.
1325debb4 ofproto: Change type of n_handlers and n_revalidators.
3222a89d9 dpif-netdev: Report overhead busy cycles per pmd.
30bfba024 tests: Add new test for cross-numa pmd rxq assignments.
6193e0326 dpif-netdev: Allow pin rxq and non-isolate PMD.
3dd050909 dpif-netdev: Add group rxq scheduling assignment type.
4fb54652e dpif-netdev: Assign PMD for failed pinned rxqs.
0efefc4f9 dpif-netdev: Sort PMD list by core id for rxq scheduling.
58fed7e8d dpif-netdev: Make PMD auto load balance use common rxq scheduling.
f577c2d04 dpif-netdev: Rework rxq scheduling code.
ccc24fc88 ofproto-dpif: APIs and CLI option to add/delete static fdb entry.
ae2424696 dpdk: Logs to announce removal of defaults for socket-mem and limit.
15329b728 flow: Count and dump invalid IP packets.
6545977ce ovs-rcu: Remove unused perthread mutex.
cb4bff6ff Don't mangle shebangs when building DKMS RPM package.
1f38f9dcf AUTHORS: Add Adrian Guzowski.
2abd8148c Add ability to override default Release suffix in RPM packages.
d28c5ca57 python: Add cooperative_yield() API method to Idl.
487253d5b python: Update bundled sortedcontainers to 2.4.0.
6c41bcb13 ci: Do not dump logs on error for GitHub Actions.
7ab851e1b dpif-netdev: Do not execute packet recovery without experimental support.
a72c1dfbd dpif/dpcls: limit count subtable search info logs
26fbd1a1b AUTHORS: Add Cian Ferriter.
83aae83e6 AUTHORS: Add Amber Kumar.
aa85a2509 dpif-netdev/mfex: Add more AVX512 traffic profiles
250ceddcc dpif-netdev/mfex: Add AVX512 based optimized miniflow extract
32f93dc5e dpdk: Add additional CPU ISA detection strings
dc39608d2 dpif/stats: Add miniflow extract opt hits counter
50be6715c test/sytem-dpdk: Add unit test for mfex autovalidator
a395b132b dpif-netdev: Add packet count and core id paramters for study
5324b54e6 dpif-netdev: Add configure to enable autovalidator at build time.
5c5c98cec docs/dpdk/bridge: Add miniflow extract section.
72dd22a0d dpif-netdev: Add study function to select the best mfex function
dd3f5d86d dpif-netdev: Add auto validation function for miniflow extract
3d8f47bc0 dpif-netdev: Add command line and function pointer for miniflow extract
3e82604b7 docs: Add documentation for ovsdb relay mode.
e26bf9726 ovsdb: Make clients aware of relay service model.
edcf44172 ovsdb: relay: Reflect connection status in _Server database.
7964ffe7d ovsdb: relay: Add support for transaction forwarding.
026c77c58 ovsdb: New ovsdb 'relay' service model.
b4cef64c8 ovsdb: row: Add support for xor-based row updates.
85dbbe275 ovsdb: table: Expose functions to execute operations on ovsdb tables.
e93fc5db9 ovsdb: storage: Allow setting the name for the unbacked storage.
4d9605379 jsonrpc-server: Wake up jsonrpc session if there are completed triggers.
00dda78ed ovsdb-cs: Avoid unnecessary re-connections when updating remotes.
73259ea70 ovsdb-server: Fix memleak when failing to read storage.
066a84f89 latch-unix: Decrease the stack usage in latch
d2e97030e netdev-linux: fix compile error in nl_msg_put_act_police
d53ea18be AUTHORS: Add Andrew Rybchenko.
909b40f67 netdev-offload-dpdk: Fix port ID logging on destroy.
b889d5dcc conntrack: Init hash basis first at creation.
b0d289bb5 netdev-linux: Ignore TSO packets when TSO is not enabled for userspace.
464b5b13e netdev-offload-tc: Verify the flower rule installed.
1e3148913 dpcls-avx512: Enable avx512 vector popcount instruction.
60c9e1a2f dpdk: Cache result of CPU ISA checks.
2100f0e51 dpif-netdev/dpcls: Specialize more subtable signatures.
47a2a8f41 dpif-netdev/dpcls-avx512: Enable 16 block processing.
d76a719a7 dpif-netdev: Add a partial HWOL PMD statistic.
3f86fdf5c dpif-netdev: Add command to get dpif implementations.
abb807e27 dpif-netdev: Add command to switch dpif implementation.
9ac84a1a3 dpif-avx512: Add ISA implementation of dpif.
e540499e4 dpif-netdev: Add function pointer for netdev input.
5930dfeeb dpif-netdev: Refactor to multiple header files.
c36c8e3f5 ovsdb-tool: Fix memory leak in "check-cluster" command.
ba16a36f3 dpif-netdev: Add all-zero SNAT to the advertised features of ct.
61e48c2d1 conntrack: Handle SNAT with all-zero IP address.
fa0e2d26d util: Add token concatenation macro with argument expansion.
1e19f9aa2 conntrack: Handle already natted packets.
aa4359cb9 dpif-netdev: Read recirc depth and flow api enabled once per batch.
e6ad4d8d9 conntrack: Document all-zero IP SNAT behavior and add a test case.
355fef6f2 ofproto-dpif-xlate: Avoid successive ct_clear datapath actions.
347362d0c AUTHORS: Add Bodo Petermann and David Wilder.
b7809111a odp-util: Stop key parsing if already oversized.
3da3cc1a0 ovs-numa: Support non-contiguous numa nodes and offline CPU cores.
154983c59 python: Fix Idl.run change_seqno update.
b57b062f5 ofp-actions: Report an error if there are too many actions to parse.
b30bfb6b8 ovsdb-server.7.rst Fix response result of monitor_cond_change
0c0995238 stream-ssl: Remove unsafe 1024 bit dh params
4e948b86c bridge: Use correct (legacy) role names in database.
828d9cb8d ovs: fix wrong quote
00c1bce13 docs: fix wrong quote
780b2bde8 bridge: fix type mismatch
911adb93e ovs-save: Use right OpenFlow version for "ovs-ofctl dump-tlv-map".
8ab198092 NEWS: Add note about PPS support for ingress policing
10c9dfeb5 bridge: Only an inactivity_probe of 0 should turn off inactivity probes.
8d7c24083 fail-open: Only fail open if we've been disconnected for at least 1 s.
f686957c9 add test cases for ingress_policing_kpkts parameters
c2567e533 add port-based ingress policing based packet-per-second rate-limiting
b6c5f30cf checkpatch: Ignore macro definitions of FOR_EACH.
772a842fb dpif-netdev: Apply subtable-lookup-prio-set on any datapath.
07a5fa610 AUTHORS: Add Paolo Valerio.
331975506 ovs-actions.xml: Add missing bracket.
63c01b895 netdev-offload-tc: Use nl_msg_put_flag for OVS_TUNNEL_KEY_ATTR_CSUM.
2c597c890 conntrack: add coverage counters for L3 bad checksum.
76700f374 conntrack: Increment coverage counter for all bad checksum cases.
e5b5008ac ovs-lib: pass optional --election-timer arg to ovsdb-tool
e098c2f96 netdev-dpdk-offload: Add vxlan pattern matching function.
507d20e77 netdev-offload-dpdk: Support vports flows offload.
b5e6f6f6b dpif-netdev: Provide orig_in_port in metadata for tunneled packets.
be56e063d netdev-offload-dpdk: Support tunnel pop action.
20b176044 netdev-offload-dpdk: Change log rate limits.
a1ec42803 netdev-offload: Disallow offloading to unrelated tunneling vports.
6a855d3e7 netdev-offload: Allow offloading to netdev without ifindex.
bc341440d dpif-netdev: Add HW miss packet state recover logic.
aca2f8a8a netdev-offload-dpdk: Implement HW miss packet recover for vport.
c5b56f0eb netdev-dpdk: Add flow_api support for netdev vxlan vports.
1b27484f2 netdev-offload: Introduce an API to traverse ports.
6f50f28b9 netdev-dpdk: Introduce DPDK tunnel APIs.
f36e7438f netdev-offload: Add HW miss packet state recover API.
f0e4a7338 tests: Add PMD auto load balance unit tests.
833f1b843 pmd.at: Get next line number of log.
f3ad560d5 dpif-netdev: Expand the meter capacity.
bd9052455 Remove Python 2 leftovers.
ad256c314 dpdk: Add debug appctl to get malloc statistics.
c16b9ac74 datapath-windows: Specify external include paths
e81ed9421 Fix redundant datapath set ethernet action with NSH Decap.
c2999459d tests: Fixed L3 over patch port tests.
cca40141a netlink: removed incorrect optimization
661fd5edb AUTHORS: Add Wang Liang.
640d4db78 ipf: Fix a use-after-free error, and remove the 'do_not_steal' flag.
2afe31169 odp-util: Return an error on actions overflow while parsing from string.
5fe3ef1a0 tests: Fix spelling error in test name.
50b419d0a raft: print local server ID when opening RAFT database
c5a58ec15 python: idl: Allow retry even when using a single remote.
04f8881f5 ovsdb-idl: Fix the database update signaling if it has never been connected.
91cb55bc8 system-traffic.at:add missing comma
9f3815ed6 AUTHORS: Add Rosemarie O'Riorden.
6426417c1 ipfix-gen-entities: Add missing argument in function call.
210c4cba9 docs: Add a topic about record/replay with ovsdb-server.
4275b5b7f ovsdb-client: Integrate record/replay functionality.
0be15ad76 ovsdb-server.at: Add unit test for record/replay.
964da9a8b jsonrpc: Disable inactivity probes if replay engine is active.
30ccf2c51 ovsdb-server: Don't update manager status if replay engine is active.
182a0b8ad ovsdb-server: Integrate stream replay engine.
07a07d06a uuid: Allow record/replay of generated UUIDs.
fae1ae043 stream: Add record/replay functionality.
610ac1e82 ovs-replay: New library to create and manage replay files.
a4b04276a ofproto: Fix potential NULL dereference in ofproto_ct_*_zone_timeout_policy().
dd0f59783 ofproto: Fix potential NULL dereference in ofproto_get_datapath_cap().
f1951d41f ovs-save: Fix awk command to return highest ofp version.
3012710ec tests: Fix PKIDIR checks in AT_SKIP.
5da031d6d tests: Drop support for glibc before version 2.11.
fb1e7863e ovsdb-tool: add --election-timer=ms option to 'create-cluster'
13c0eaa7b dpif-netlink: Fix send of uninitialized memory in ct limit requests.
328d20e0f ofproto-dpif: Fix use of uninitialized attributes of timeout policy.
577b9a816 netdev-linux: Fix use of uninitialized LAG master name.
0b3ff31d3 ofp_actions: Fix set_mpls_tc formatting.
7731d2614 dpif-netdev: Remove meter rate from the bucket size calculation.
76b720ed1 ovs-actions: Document normal pipeline.
60638d61a AUTHORS: Add Wang Yibo.
f173527ec ovs-ofctl: Fix coredump when using "add-groups" command.
3c2d6274b raft: Transfer leadership before creating snapshots.
b5bb044fb ovsdb-cs: Consider all tables when computing expected cond seqno.
7100c220e mac-learning: Remove obsolete comments about tags.
b45958bf7 dpdk: Use DPDK 20.11.1 release.
484e9a4dd github: Fix up malformed /etc/hosts.
843cd4304 doc: automake: Add support for sphinx 4.0.
b03daccfd cirrus: Look up existing versions of python dependencies.
721488d4a classifier: Make find_match_wc() prototype and definition match.
b96d2756f tnl-neigh-cache: Include expected array sizes in prototypes.
f09182a3b ofp-group: Use big-enough buffer in ofputil_format_group().
09fe18af2 xml2nroff: Fix formatting of action headers in ovs-actions(7) manpage.
a019868a6 ofproto/ofproto-dpif-sflow: Check sflow agent in case of race
5dce24d04 ipsec: Fix race in system tests.
fd1114e96 AUTHORS: Add Michal Kazior.
d90b4f292 rtnetlink: ignore IFLA_WIRELESS events.
f9d303903 dpif: Fix use of uninitialized execute hash.
4a6be85c8 odp-util: Fix use of uninitialized erspan metadata.
3311ca0d4 AUTHORS: Add Ariel Levkovich.
ea71a9d44 netdev-offload-tc: Add support for ct_state flag rel.
0c147fb4e dpif-netlink: Fix using uninitialized info.tc_modify_flow_deleted in out label.
44ea24427 Add test cases for ingress_policing parameters
67e0e0bc1 netdev-linux: correct unit of burst parameter
d2d051310 AUTHORS: Add Aidan Shribman.
23f9ec9eb make: don't prompt during build
332b8a3e4 util: Add allocation wrappers that don't increment coverage counters.
4cb38cd22 ovs-lldp: Get rid of pointless null pointer check.
f8be30acf ipsec: Update ordering of imports.
8fc62df8b ipsec: Introduce IPsec system tests for Libreswan.
d6afbc00d ipsec: Allow custom file locations.
4ce8bb159 system-common-macros: clean up veth device on test failure.
58b4146e0 ipsec: Fix IPv6 default route support for Libreswan.
ac85cdb38 ovsdb-idl: Mark arc sources as updated when destination is deleted.
95689f166 ovsdb-idl: Preserve references for deleted rows.
4c0d093b1 ovsdb-idl.at: Make test outputs more predictable.
31629b538 ovs-ofctl: Fix segfault due to bad meter n_bands.
b4a9c9cd8 netlink: make Netlink socket receive buffer 4x larger
50b0b4d86 db-ctl-base: Warn if "destroy" command lacks --all or record argument.
9801d7c4b github: Fix handling of python packages.
c3690ccbc dpif-netdev: Refactor and fix the buckets calculation.
759aaa851 dpif-netdev: Fix the meter buckets overflow.
af0ce3866 AUTHORS: Add Shahar Klein.
925a09477 debian: Add configure option to debian/rules
2eb7e22a4 rhel: Do not update kmod RPM newer major revision kernels.
56e60eca7 rhel: ovs-kmod-manage.sh: Disable unneeded warning.
ec68a877d dpif-netdev: Allow PMD auto load balance with cross-numa.
edcfd7176 netdev-offload-tc: Add support for ct_state flags inv and rpl
1e4aa061a netdev-offload-tc: Probe for support for any of the ct_state flags
0a8bd432a compat: Add ct_state flags definitions
64b8c1d9a python: Send notifications after the transaction ends.
cdaa7e0fd dpif-netdev: Fix crash when add dp flow without in_port field.
2ad201659 ovs-ctl: Allow recording hostname separately.
f013e6f2d Documentation: Fix DPDK qos example.
39b937f06 raft: Add 'stop-raft-rpc' failure test command.
4c1d9ef14 raft: Report disconnected in cluster/status if candidate retries election.
14b2b0aad raft: Reintroduce jsonrpc inactivity probes.
ac09cbfcb ovsdb-cs: Fix use-after-free for the request id.
47e73f7f0 netdev-offload-tc: Flush rules on all chains before attach ingress block
436ce00da connmgr: Check nullptr inside ofmonitor_report().
8f09b2688 AUTHORS: Add Alexey Roytman.
e775bf32e ovsdb-client: Fix needs-conversion when SERVER is explicitly specified.
4cee0150a windows, tests: Modify service test.
e7df370cf netdev-linux: Fix indentation.
97918ed19 AUTHORS: Add Balazs Nemeth.
647a71988 docs: Add instruction to set local_ip to ipsec tutorial.
163b134d0 ofproto-dpif-upcall: Fix ukey leak on udpif destroy.
014496e73 ci: Use parallel build for distcheck.
5740843c4 github: Run clang test with AddressSanitizer enabled.
77cccc74d ofp-actions: Fix use-after-free while decoding RAW_ENCAP.
5704a7f35 Set release date for 2.15.0.
4b674829f dpif-netdev: auto load balance log state on user request.
81661d768 AUTHORS: Add Hariprasad Govindharajan.
8d0416153 faq: Update OVS/DPDK version table for OVS 2.15.
1560b4667 docs: Update for auto load balance threshold parameters.
caa41a871 cirrus: Use FreeBSD 12.2.
79349cbab flow: Support extra padding length.
e4a89a7cc rhel: Update build required dpdk.
9acbdd65c rhel: Add option to enable AF_XDP on rpm package.
498cf3eae netdev-offload-tc: Reject rules with unsupported ct_state flags.
255fd6ad2 dist-docs: Include manpages generated from rST.
da33a6875 db-ctl-base: Fix XML syntax error.
9513c0233 db-ctl-base: Add {in} and {not-in} set relational operators.
0f252daa9 tc: Fix mpls bottom of stack bit mask reporting.
3eec7fb07 pcap-file: Fix calculation of TCP payload length in tcp_reader_run().
c3da0ae65 ofp-table: Improve log message in ofputil_decode_table_features().
83f5e6fda AUTHORS: Add Volkan Atlı.
d8df84998 rhel: Update '--with-dpdk' argument for DPDK 20.11.
59611d6fe ovs-lib: Remove second parameter for stop_daemon.
9cf39b3e7 Add Tao YunXiang <taoyunxiang@cmss.chinamobile.com>.
2e0dace0e doc: Add 'faq' about datapath-id
c17f32a11 netdev-dpdk: Fix incorrect shinfo initialization.
75e1e6fd2 lib/tc: add ICMP type and code match offload
d5c429a30 github: Don't fail the job if 'apt update' failed.
492bbb54c vswitchd.xml: Fix supported IPsec tunnels.
748483d3f netdev-afxdp: Updated documentation.
d27494647 acinclude: Remove default library for DPDK.
3f19b124e ovsdb-doc: Add build dependency on dirs.py.
9049a11f0 system-dpdk: Fix 4th and 5th testcases of the system-dpdk testsuite.
25eb72a26 ovs-ctl: Prepend OVS binary directories to PATH.
c2e501c16 AUTHORS: Add Mao YingMing.
82440ad72 dpctl: Fix dpctl process command parameter error.
8e69349f2 conntrack: Fix the icmp conntrack new state.
1c337c43a ovsdb-idl: Break into two layers.
a5c067a8b ovsdb-cs: New module that factors out code from ovsdb-idl.
81f06e2b8 test-ovsdb: Log steps in idl test.
e7eb904d2 odp-util: Fix abort while formatting nsh actions.
50e5523b9 Prepare for post-2.15.0 (2.15.90).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
ebd4e07b77 |
k8s: update to 1.23.6
Bumping kubernetes to version v1.23.6-rc.0-16-gfbcfa330181, which comprises the following commits:
1e8f6d51484 Copy request in timeout handler
edd7a386c61 kube-up: use registry.k8s.io for containerd-related jobs
3194c87ba25 e2e: Wait only for the service account
a62ee8e5c3b e2e: Wait for kube-root-ca.crt to be created
651b1fa1cce Include pod UID in secret/configmap cache key
33d089b173c Move kubelet secret and configmap manager calls to sync_Pod functions
7f02733e4d8 test: Verify that nodes do not transition to Failed while ready
77865d3db93 test: Add E2E for job completions with cpu reservation
b51d11be7a4 test: Add E2E for init container pod deletion
290cdbf8792 kubelet: Delay writing a terminal phase until the pod is terminated
914475e2e9f Update CHANGELOG/CHANGELOG-1.23.md for v1.23.5
b3b64745789 Release commit for Kubernetes v1.23.6-rc.0
c285e781331 Release commit for Kubernetes v1.23.5
01c2f1c6420 Remove apf_fd from httplog
c52cd9c5920 Update Go to 1.17.8
1a897af197a cluster/gce: update konnectivity image tags to v0.0.30
d741174d7e1 bump sigs.k8s.io/apiserver-network-proxy/konnectivity-client@v0.0.30
0b8199041d1 fix dryrun when ca file exists
903f164b679 fix regression introduced by PR 100320
56bfc202e45 Add unit tests
a5faf0b5ce2 Fix nodes volumesAttached status not updated
4c85abf90bb Fix default config flags
1570a75766b test/e2e/framework: include the new control plane taint
60cd43c44e0 kubelet: Clean up a static pod that has been terminated before starting
33863be9478 Add an e2e test for updating a static pod while it restarts
621894de9d6 cronjob_controllerv2: do not filter jobs to be reconciled by labels
c9f904304d9 kube-proxy: fix duplicate port opening
f783e573f11 increase Azure ACR credential provider timeout
ba2cd0ca3db Updating EndpointSlice strategy to retain node name in topology until field is set
4e69dd88613 fix: do not return early in the node informer when there is no change of the topology label.
68ea240512a /test/e2e_kubeadm: adjust label checks for 1.23
2efffd62367 Ignore container notfound error while getPodstatuses
9f5e25033b6 Update CHANGELOG/CHANGELOG-1.23.md for v1.23.4
d4b2d8cf961 Release commit for Kubernetes v1.23.5-rc.0
e6c093d87ea Release commit for Kubernetes v1.23.4
949798fe712 Add PDB selector patch integration test
47fc5aea4a2 Revert v1beta1 PodDisruptionBudget select patchStrategy
ef293a9ee95 test/e2e_kubeadm: fix matching UnversionedKubeletConfigMap defaults
799ffd58065 kubeadm: fix the bug that 'kubeadm init --dry-run --upload-certs' command failed with 'secret not found' error
c465ceccb32 Update Go to 1.17.7
f0eac451011 Use serializable struct for x-kubernetes-validations in openapi
02d1a291c8b Make JSON schema round tripping test more strict
30eff360132 ignore CRI PodSandboxNetworkStatus for host network pods
34a8474e600 set secondary address on host-network pods
14c399ec5e3 Deeply copy JSONSchemaProps.XValidations.
9fe0c40c8e5 wrap error from RunCordonOrUncordon
0d487176d3a Ensure the execHostnameTest() compares hostnames
733c0ebc7c3 Revert "Fix comparison between FQDN and hostname"
ebfa08cd39b service REST: Call Decorator(old) on update path
92d09f90c01 add namespace in azurefile volumeid
5830d1474ff fix: azurefile volumeid conflict in csi migration
bce4e5ba5b1 Mark device as uncertain if unmount device succeeds
4b868d09c98 Update CHANGELOG/CHANGELOG-1.23.md for v1.23.3
72506a8439c Release commit for Kubernetes v1.23.4-rc.0
816c97ab8cf Release commit for Kubernetes v1.23.3
f2c6108f462 kubelet: fix podstatus not containing pod full name
398effdfe0d Fix bug with node restriction blocking pvc.status.resizestatus change
6d08a56228a Fix regression pruning array fields with x-kubernetes-preserve-unknown-fields: true
996d8fca977 Set max results if its not set
9c31df589b7 Update CHANGELOG/CHANGELOG-1.23.md for v1.23.2
918dd8343f0 Release commit for Kubernetes v1.23.3-rc.0
9d142434e3a Release commit for Kubernetes v1.23.2
4935e0a527e Update k/utils to v0.0.0-20211116205334-6203023598ed
38e9dce15f4 [go] update to Go 1.17.6
28ad5463fda fix: remove outdated ipv4 route when the corresponding node is deleted
dfea07a3b04 fix: delete non existing disk issue
65b309c76d8 Revert "Automated cherry pick of #107554: Correct the feature gate string for RBD migration."
677eae51666 fix containers order after applying
89d8be52ef4 generated: ./hack/update-vendor.sh
04f3c5793c1 upgrade sigs.k8s.io/structured-merge-diff/v4 to v4.2.1
8c8fe66f7aa Execute sync before taking the snapshot
4b1d9d80da7 Correct the feature gate string for RBD migration.
50e813278cd fix: azuredisk parameter lowercase translation issue
879947434c0 removed unnecessary log line
88249a973a8 kubectl: add integration test for result reporting
16a4de9268a cli: let kubectl handle error printing
c5365784330 cli: avoid logging command line errors in more cases
26dae30f913 Fix header mutation race in timeout filter
81c8d0aad93 clear pod's .status.nominatedNodeName when necessary
f61c4b18c42 use node informer to check volumes attachment status before backoff
f4ba875cdfd When volume is not marked in-use, do not backoff
e36b9382ecd kubeadm: remove the restriction that the ca.crt can only contain one certificate
f4835a2cd3e flake fix: remove the error handler for cronjob integration test
962ab763c5e Fix the leak of vSphere client sessions
cc6c36f286d client-go: Clear the ResourceVersionMatch on paged list calls
d42a44fcb2f Enabling kube-proxy metrics on windows kernel mode
e6a8826e992 Remove JSON logging performance regression
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
2a355647b9 |
libvirt: uprev to 8.1.0
Bumping libvirt to a newer version. We drop our backported patches, update the checksums, change the meson configuration slightly and adjust the location of the systemd manipulations. Along with functionality changes and bugfixes, we pickup newer python components, so we can survive the depreciation of distutils more easily. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
82f8a454a3 |
python3-sphinx: make a 4.2.0 specific recipe
OEcore has pulled in python3-sphinx, and bumped the version. Our recipe is causing failures. We still have a version dependency on 4.2.x, so we create a specific recipe to keep things working. Hopefully this can be deleted shortly, and this is only being created as a transition project. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
sakib.sajal@windriver.com
|
e7516708fe |
ceph: set CXXFLAGS and CFLAGS
commit a83623a54a375d3ae9198a135b94379881a2b7a5 was added to oe-core which removes CXXFLAGS and CFLAGS causing compilation for ceph to fail. Set CXXFLAGS and CFLAGS to resolve the issue. Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
8cba065209 |
k3s: update to 1.23.1
The significant commit in this series is:
0e72260df4 delete vendor dir
Which means that we completely have to revamp the recipe to build
without go accessing the network to pull in dependencies. This is
an initial effort, and it is acknowledged that it isn't efficient
or fast, due to the number of fetches and I/O required to complete
the population of the vendor/ directory.
The recipe can be iterated and made more efficient over time.
Bumping k3s to version v1.23.1+k3s1-11-ge7464a17f7, which comprises the following commits:
e7464a17f7 Fix use of agent creds for secrets-encrypt and config validate
8d8c8b0c6b Don't skip the dev image when skipping airgap
31f1a00b6f Fix a typo: advertise-up -> advertise-ip (#4827)
2ac8df3602 Integration tests utilities improvements (#4832)
612a9412fd Enable make generate to use dapper and standardize go and gzip versions (#4861)
66eeabbdfc linter doesn't actually run on windows, found these while getting it running on a windows machine
142b1d96f4 Update channel.yaml for 1.23
ff49dcf71e Export default parser
d0f7e23328 Require integration test to be run as sudo/root (#4824)
a02db0f2fa Fix cgroup smoke test (#4823)
08d538fb3a Update golang
87395e32d6 Update modules for Kubernetes v1.23
6656d48415 Add tests to use vagrantfile (#4722)
70902209b9 Bump stable to v1.22.5+k3s1 (#4821)
3ee3ecb3ac package rename wasnt approved yet, backing out cruft that snuck into last pr
a5c6e6a68a Fix panic checking name of uninitialized etcd member
52e450f033 Add etcd sonobuoy tests
9919f229b6 Add variable to enforce max test concurrency
247298a20d Fix previous channel detection
6872e7da25 More codespell ignores
3ae550ae51 Update bootstrap logic to output all changed files on disk (#4800)
0e72260df4 delete vendor dir
e6cf8f5982 code changes to drop the vendor dir
4eb282edac Move flannel logs to logrus
2e91913f54 Close agentReady channel only in k3s (#4792)
8ad7d141e8 Close etcd clients to avoid leaking GRPC connections
588d15db8f Remove Disables, Skips and DisableKubeProxy from the comparing configs
555dfc54db Add initial skeleton ADOPTERS.md to better track large use cases (#4764)
baf865b836 Add ADR
6f4217a340 Build standalone containerd
8737e2e13f Build script cleanups
89e63972e9 Bump k3s-root to v0.10.1
17eebe0563 Fix cold boot and reconcilation on secondary servers (#4747)
73725a0882 docs: adrs: Dual-stack in network policy agent
d71b335871 Fix snapshot restoration on fresh nodes (#4737)
bf4e037fcf Resolve Bootstrap Migration Edge Case (#4730)
2f3bfc27c0 Add in docs/adr to ensure we capture decisions properly during design calls (#4707)
a6fe2c0bc5 Resolve restore bootstrap (#4704)
a70487d5ae Update wharfie usage in windows code path
3985fd0e26 [master] Add validation to certificate rotation (#4692)
e8a30a87c8 Bump runc to v1.0.3
eb068da7f3 Add `SKIP_AIRGAP` enviroment variable for make (#4688)
8f389ab030 Include node-external-ip in serving-kubelet.crt SANs (#4620)
bcb662926d Secrets-encryption rotation (#4372)
1b3187ea07 Check HA network parameters
7d3447ceff Bump wharfie to v0.5.1 and use shared decompression code
05d43278e2 bump kine to v0.8.1
3b6a3fe905 Update dynamiclistener
a8f7e9f7e8 Nighlty automation vagrant rework (#4574)
a0208058ae Bump stable to v1.21.7+k3s1 (#4636)
77fd3e99ec Add cert rotation command (#4495)
1e6e4db2bc Update maintainers list (#4622)
d05c334a78 Improved cleanup for etcd unit test (#4537)
ae4a1a144a etcd snapshot functionality enhancements (#4453)
0c1f816f24 go generate
a7ba3e14ff Add package version to traefik helm chart
7685da3e24 Improve flannel logging
d93c82f958 [master] Bump golang and containerd (#4538)
65110a4eec [master] Bump Kubernetes to v1.22.4-k3s1 (#4536)
03485632ea Fix regression with cluster reset (#4521)
ef263bd2b0 Improved regex for double equals arguments (#4505)
535a919635 Removed value from warning about skipping flags (#4491)
c77efe64e1 tests/vagrant: refactor vagrant smoke tests (#4484)
f18b3252c0 [master] Add etcd extra args support for K3s (#4463)
41ff19de71 Feature: Add CoreDNS Customization Options
4b57951fb0 Fix to allow etcd-snapshot to use config file with flags that are only used with k3s server. (#4464)
5ab6d21a7d Increase agent's apiserver ready timeout (#4454)
bc7cdc78ca go generate
2e9358934d Add dashboard annotations to Traefik helm chart
5d168a1d59 Allow svclb pod to enable ipv6 forwarding
adaeae351c update bootstrap logic (#4438)
d85b2468ea Corrected skip check for dualstack on CI (#4427)
559c8ad94b install: /usr/sbin/transactional-update (#4403)
7bd65047c3 Match to last After keyword for parser (#4383)
8915e4c7f7 Replace gzip with pigz for faster builds (#4411)
0a5c6b1088 Remove unit tests from drone CI (#4424)
36c6634cce [master] updating to new signals package in wrangler (#4399)
f1d6e9bc4b install.sh: fix path detection for sle-micro (#4398)
86c6924119 containerd: v1.5.7-k3s2 (#4387)
f7dcc139ff Bump klipper-lb image for arm fix
aa3332085f Update k3s CI to run all integration tests (#4358)
94c1b988ca Enable Epics Action to automatically check off child issues in an epic (#4353)
f1622129e4 refactor: Use plain channel send or receive
f9f1cabe9c Fix log/reap reexec
702fe24afe containerd/cri: enable the btrfs snapshotter (#4316)
3da1bb3af2 Fix other uses of NewForConfigOrDie in contexts where we could return err
5acd0b9008 Watch the local Node object instead of get/sleep looping
3fe460d080 Block scheduler startup on untainted node when using embedded CCM
52eb6cac1c install.sh: initial support for sle-micro (#4331)
91cf835ec3 Update to v1.22.3 (#4354)
7c3f21e581 K3s Integration test fixes (#4341)
ab3d25a2c5 Update peer address when running cluster-reset
0a0b915921 reset buffer after use (#4279)
02a314c69a Bump klipper-helm version
918945da45 Added configuration input to etcd-snapshot (#4280)
72a1925a34 install.sh: capture quoted environment variables (#4275)
6e410fad49 Update to the newest flannel
b5b7033afd Bump klog fork version
e11a4bf8bb set duration to second (#4231)
0452f017c1 Add etcd s3 timeout (#4207)
34080b23b1 Copy old bootstrap buffer data for use during migration (#4215)
dbc14b8990 Fix race condition in cloud provider
5a923ab8dc Add containerd ready channel to delay etcd node join
6b4d75d245 maintainers: add Manuel and Michal (#4193)
b282528ee2 Display cluster tls error only in debug mode (#4124)
dc18ef2e51 Refactor log and reaper exec to omit MAINPID
d6b6a3ee9f vagrant: Add Ubuntu 21.04 support
5e01201195 vagrant: Update package list for Ubuntu
e420583684 vagrant: Add support for vagrant-libvirt
f830d09d6e vagrant: Change OS environment variable to DISTRO
feec44572d Improve error message when using a "K10" prefixed token (#4180)
ac7a8d89c6 Add ability to reconcile bootstrap data between datastore and disk (#3398)
9e787bfacb moving fossa to being inline step with a sles image
b6919adf62 Add "etcd-" prefix to etcd-snapshot commands as aliases (#4161)
00cf4578ec Dual-stack support LB controller
1f7151ed2f Update stable to v1.21.5+k3s2
9b35734e1a Add topologySpreadConstraints to support scaling of coredns
e24e1332fd Bump containerd to v1.5.7+k3s1
12e675e2cc Don't evacuate the root cgroup when rootless
cd5002ea37 Skip tests that violate version skew policy
5d1a37ee32 Send MAINPID to systemd when reexecing for logfile output
a16105b348 Properly handle operation as init process
f4cea90cb9 set transport to skip verify if se skip flag passed (#4102)
fd495a6a5f Bump stable to v1.21.5+k3s1 (#4068)
87524a7ac7 Enable the inheritance of settings for ipv6
4ec71b360c Adding fossa anaylze/test drone step
73e21e739f Drop broken SupportNoneCgroupDriver support
8005885bad Add 1.22 channel
539e224159 Update build images to python3 for compat with recent gsutil change
b99b943c17 Use the new klipper-lb image that has newer go and Alpine versions
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
5d30327332 |
lopper: update to 1.0.2
Bumping lopper to latest, which comprises the following commits:
c7b22ce lopper/subsystem: update access to latest specification
716fe89 lopper/init: pass permissive to dt_compile if specified on the command line
2575d66 dt_compile: allow duplicate label errors to be skipped with --permissive
22b2515 lopper: drop duplicate labels due to node merging
f70eb86 lopper: bump version to 1.0.2
9b72de5 lopper: only execute main() when __main__ is called directly
b0b19a1 lopper: improve label round trip handling
d4b7706 docs: clarify lop versioning an compatible strings
e44204b README: add phandle-desc-v1 description
17350a7 version: bump to 1.0.1
0a4fcac tree: fix tree export and reload
520dea8 lopper/base: add secure-address-map description
6e660c5 lopper/lops: resolve tree when copying
8d46634 lopper: allow select to match labels
7aac1e3 openamp: add stub for OpenAMP Domain processing landing function
82986bb lopper: add the ability to extend phandle meta-data table
914c7e2 yaml: add alias/anchor based node naming
d9f1abb spec: update remoteproc example per latest spec
40cc05d lop-load: add back CDO
d5d23ab xlnx: subsystem: rename lopper_tree to lopper.tree in imports
7d23ba6 lop-load: update for latest master
4caa022 openamp: add stubs for picking up domain to domain YAML property
d8dae9d openamp_xlnx: rename fily openamp_xlnx.py to allow includes from this file
0358879 yaml-xlate: add stub for domain-to-domain property
903b16a spec: remove resource-groups
1dd1e67 README: update to add mailing list information
5da82a1 lopper/yaml: add lopper processing for "<<+" extension marker
3d05302 assists: domain_access: Fix update_mem_node handling for higher address
3c81fcc fdt: handle large integers
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
c9554c6937 |
xen: only package xencommon systemd components if systemd is enabled
We've had reports of both the init.d xencommons and the systemd services attempting to initialize the console, and breaking boot. The systemd initialization really only needs to be enabled when systemd is in DISTRO_FEATURES, and init.d the opposite. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
5f1937e4fb |
netns: update to 0.5.3-tip
We also switch to building with -mod=vendor, and drop our custom symlink
configuration.
Bumping netns to version v0.5.3-8-g00d5d07, which comprises the following commits:
00d5d07 update generation
74d2bd0 update
6cba61f update to github actions
dc7233e update to github actions
d6b2244 update to github actions
b65a990 docs: Update TOC
16152a0 update to github actions
56ffc34 update travis
9b103a1 Bump version to v0.5.3
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
04270c3baa |
networking: introduce slirp dependency
Importing libslirp to meet the requirements of the updated slirp4netns. This is very similar to: https://github.com/schnitzeltony/meta-retro/blob/master/recipes-support/slirp/libslirp.bb But we create our own recipe for now, as we don't want to introduce more layer dependencies. If we can get libslirp moved to meta-openembedded, we'll drop this recipe. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
8cd1584a01 |
slip4netns: update to 1.2.0
Bumping slirp4netns to version v1.2.0-beta.0-5-g323aa69, which comprises the following commits:
2365e85 configure: remove inet_ntoa check
2b607f2 Replace deprecated inet_ntoa with safer inet_ntop
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
0f7a2e57d6 |
cni: update to v1.0.1
Bumping cni to version v0.8.0-90-g35efaab, which comprises the following commits:
3e49ce1 Fix incorrect pointer inputs to `json.Unmarshal`
b92c836 fix version of cni v0.8.1 does not have a directory of github.com/containernetworking/cni/pkg/types/100 refer to https://github.com/containernetworking/cni/tree/v0.8.1/pkg/types
269bf61 Spec: Container runtime shall tear down namespaces
48fac6a Update README.md
798e63d Updated README.md to include Netlox loxilight CNI
9070cb3 documentation: update Multus link in README.md to point to the k8snetworkplumbingwg repository
21cd5f0 [exec-plugins]: support plugin lists
c362597 skel: remove superfluous err nil check in (*dispatcher).pluginMain
42f2474 Remove Gabe Rosenhouse as maintainer
2e4887b skel: print out CNI versions supported in help text.
c7f5f70 pkg/version: add VersionsFrom function
5608690 spec: bump to 1.0.0
30e06a8 Docs: bump spec version information
a956246 docs: revise cnitool docs
63a3bca wrap returned errors
b277ec1 docs: correct the extension name of the configuration file
34a8a46 chore: standardize documentation on IP assignment
76bf3de types: ensure empty CNIVersion always creates/converts to 0.1.0
4feedb9 Add breadcrumbs for CNI.go
57cf1ce types/create: add CreateFromBytes()
4fdc5f6 chore: support both value type and pointer type in LoadArgs
f30a824 Remove Bryan Boreham as maintainer
c63d850 Add debug plugin to help debugging/troubleshooting (#818)
9546b70 spec: Some minor corrections
3a13f68 Spec: Bring 1.0's treatment of "args" in line with 0.4.0
c92642b upgrade kube-ovn new github site
67ec904 Fix typo in SPEC.md
0555966 typos correct
8ad568b Rewrite spec.md for 1.0.0
0016917 Adding reference to Azure CNI as 3rd party plugin in readme
ad59be0 types/040: add testcase for <= 0.2.0 Result requirement of one or more IPs
e32b586 remove build badges from homepage
296290a Switch from Travis to GH Actions
a199e6a go fmt
c735780 Markups.
b678c26 Log out the plugin name on ADD/DEL failure.
cni-plugins: update to 1.1,0
Bumping cni-plugins.git to version v1.1.0-6-gb8a10bb, which comprises the following commits:
7a98979 ipam/dhcp: Fix client id in renew/release
7aa07ef call ipam.ExceDel after clean up device in netns fix #666
96c3af8 Add sysctl allowlist
08d0f33 portmap: fix checkPorts result when chain does not exist
dca23ad portmap: fix bug that new udp connection deletes all existing conntrack entries
ba47b49 Enhanced dad set to 1
2be2960 Add boolean to enable/disable dad
8ede7ee Disable DAD for container side veth
22dd6c5 firewall: support ingressPolicy=(open|same-bridge) for isolating bridges as in Docker
90e8e1f Fix host-device gofmt
3b2afc9 host-device: Bring interfaces up after moving into container
9649ec1 pkg/ns: use file system magic numbers from golang.org/x/sys/unix
0c12d8a gofmt
152e7a4 go mod tidy
4319bc4 build: bump to go 1.17
7a55617 Remove arp notify setting per comment
5d073d6 plugins: replace arping package with arp_notify
67110e0 fix #685
1324428 Ran go fmt so tests would pass
fd4c335 Fixed DHCP problem that broke when fast retry was added.
c9d0423 dhcp ipam: adjust retry mechanism
547a516 add ipam tests for dpdk device
3033fd2 add ipam support for dpdk device
d5a6569 ipvlan: Send Gratuitous ARP after IPs are set
27fdec5 dhcp ipam: fix client id
a1051f3 dhcp ipam: rename inconsistent options among files
c627ea8 dhcp ipam: add more options capable for sending
4b216e9 dhcp ipam: add fast retry
2bebd89 dhcp ipam: support customizing dhcp options
be383cf dhcp ipam: truncate client id to 254 bytes
6d1f71e dhcp ipam: print error correctly without format string
24259e7 dhcp ipam: using full config to regular the code
c16cff9 Allow setting sysctls on a particular interface
7cb3453 dhcp: remove implemented TODO
ceb34eb Don't redundantly filepath.Clean the output of filepath.Join
90c0185 Use crypto/rand.Read, not crypto.Reader.Read
081ed44 bridge: Add macspoofchk support
ba48f8a plugins: fix bug where support for CNI version 0.4.0 or 1.0.0 was dropped
62952ff vendor: bump to libcni v1.0.1
8ab2336 static ipam: do not parse the CIDR twice
2052c30 static ipam: improve error msgs when provisioning invalid CIDR
156e59c bump go to 1.16, other misc fixes
0818512 vendor: bump all direct dependencies
9b1666d vendor: bump to libcni v1.0
0e38a1d docs: Update the CI badge from Travis CI to GitHub Actions
24b3fbc bridge: Fix typo in error message for promiscuous mode
a49f908 ip: place veth peer in host namspace directly
a3cde17 bridge: Add mac field to specify container iface mac
a786b12 static ipam: decide wrong cidr error msg
0db5882 static ipam: stop wrapping net.ParseCIDR errors
5a40818 static ipam: show confusing error msg
2f9917e utils, hwaddr: Remove unused package
272f154 ip, link_linux: Remove unused SetHWAddrByIP function
77233dd plugins: remove flannel
4b180a9 refactor(win-bridge): netconf
9215e60 refactor(win-bridge): hcn api processing
93a5503 refactor(win-bridge): hns api processing
aa8c8c1 chore(win-bridge): location related
ec75bb8 chore(win-bridge): text related
c4d4aa7 Remove Bryan Boreham as maintainer
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
cbf5766d78 |
oci-runtime-tools: update to 0.9.0
Along with the commit summary below, we have the following changes:
- refresh the GO cross compiler patch context
- add new go dependency package symlinks
- only build the 'tool', since that is all we need
- fix the build error of:
cannot find package runtime/cgo (using -importcfg)
...
recipe-sysroot-native/usr/lib/aarch64-poky-linux/go/pkg/tool/linux_amd64/link:
cannot open file : open : no such file or directory
by setting the GO_BUILD_FLAGS appropriately for our static and -pie
configuration
Bumping runtime-tools to version v0.9.0-75-g0105384, which comprises the following commits:
8927281 Add syscall "statx" in seccomp to fix Operation not permitted
a202491 spec generator support setting unified
30cecc1 validation/linux_rootfs_propagation: fix
10d2584 runtimetest: validateRootfsPropagation: fixes
8b26e24 validate: rm Clean() arguments
3fb1264 validation: fix Cleanup
14cd51e Makefile: replace TAP with TAPTOOL
adcb290 Fix hanging on runc create.
5ce2cac cmd/runtimetest: fix NewPid deprecation warning
8e1a3b5 deps: bump github.com/syndtr/gocapability to latest
543268b deps: github.com/hashicorp/go-multierror to v1.1.1
4b164a1 deps: bump github.com/opencontainers/selinux to v1.9.1
ee9c051 deps: bump github.com/mrunalp/fileutils to v0.5.0
01a6f47 deps: bump sirupsen/logrus to v1.8.1
abcb94d deps: switch to google/uuid
2253869 validation/.gitignore: fix
953e752 MAINTAINERS: add @kolyshkin
221e5ea deps: bump github.com/xeipuuv/gojsonschema to v1.2.0
67884fc validate: prepare for new xeipuuv/gojsonschema
09d837b Change /dev to be mounted by default with /noexec
10c865d ci: re-add commit subject length validation
a22a894 ci: add golangci-lint run
a7cecde Add*Hook: do not return errors
c0037c9 runtimetest: silence errlint on unix.Unmount
9505f16 Explicitly ignore errors from YAML
fec9c3c validation: fix Clean
0ab61ae validation: fix/rename ReadStandardStreams
6f4b5ba validate: fix staticcheck linter warning
6a9ad7c runtimtest: fix validatePosixMounts
44e9496 Fix "addr cannot be nil" staticcheck linter warnings
d38bd63 Fix deprecation warnings from staticcheck linter
1826c32 Fix gosimple linter warnings
e36f98f Fix deadcode linter warnings
112c88c Makefile: use fancy git commit ids
16dfbbd Makefile: add/use BUILD_FLAGS
5432bc4 ci: replace travis with gha ci
fab664e Makefile: rm gofmt and golint, simplify gotest
98b2d35 Run make .gofmt
0e5956d Switch from Godeps to go modules
71a5e7c generate: add --linux-intelRdt-closid option
4f51ef9 validation: read pid in PostCreate
6502e57 Fix build of hugetlb tests on 32-bit platforms
10f8f55 generate: fix type for Umask
8f1e958 Remove spurious WARNING message
43243fe Add missing interface to set init processes Umask
120c67a AddDevice(): better diagnostic when creating dup
2affd45 Add missing clone rule for s390x.
be9f6f1 Update hugetlb tests to be more portable
5a98426 Fix cgroup hugetlb size prefix for kB
cd1349b Improve performance of AddProcessEnv
73e9a99 update Mashimiao email in MAINTAINERS
ee63cfa release v0.9.0
0d022f7 Makefile: add rule to print validation-tests
6212483 delete: reduce check waiting time
3abdc1f kill: cleanup container on error
4db38e4 oci: kill process before delete
1c40e59 seccomp: add TAP plan to the output
dd39124 validate: check mount label only for bind mounts
6fd7866 misc: use different objects for the different tests
e83ba34 capabilities: correctly add not existing capability
9585ecb adding security and CoC links
6dae2f0 Simplified code
2e8216d validation: add apparmorProfile validation
b113b38 runtimetest: add apparmorProfile validation
743b0b3 validation: add mountLabel validation
3bc60a4 Windows: Typos and incorrect defaults
20302da add selinux deps
555c03d validate: add mountlabel validation
a2df8d9 runtimetest: add mountlabel validation
b90e5bc generate: add oci-version option
00f6e86 Modify the corresponding test according to hashicorp/go-multierror v1.0.0.
b005481 Godeps: update hashicorp/go-multierror
1f0579c hack: drop -dev from runtime-spec version
b1c11da fix up vm parameters
9f6de4d generate: add process-cap-drop option
192a8eb generate: add process-cap-add option
575c8a0 man: Add some instructions and examples to some commands.
9f55c07 generate: fix capabilities add/drop option
3fc5fcb generate: Verify the input values
146c5ee generate: add vm-image-format option
f5e59a3 generate: add vm-image-path option
0cd6663 generate: add vm-kernel-initrd option
3e43643 generate: add vm-kernel-parameters option
fc0fc84 generate: add vm-kernel-path option
73f6711 generate: add vm-hypervisor-parameters option
9b1de8c generate: add vm-hypervisor-path option
e980d2f generate: add windows-devices option
f5556a8 update to golang 1.11
58f2a15 Initialize Config Windows Network
a4a33d4 release v0.8.0
c291c2a Add generate.New support for Windows.
2974f2e readme: fix wrong filepath
fb101d5 Expose Windows namespace
4615fa4 /proc should be mounted with nosuid, noexec, nodev to match the host
30a03ab Fix test
c48ee5c Vendor in windows runtime-spec changes
d5be152 validation: mounts: fix condition of source & type check
069db1a validation tests: use new RuntimeInsideValidate
270145a RuntimeInsideValidate: can now be called several times
4b49cba devel guidelines: update TAP documentation
caa32a1 validation: Implement DeleteOnlyCreatedRes
e86b898 MAINTAINERS: remove philips
dcadcca Makefile: add generate to gotest
ae94592 release v0.7.0
6c943e8 validation: Implement DeleteResImplement
fab1de6 validation: use t.Fail when checking for main test errors
06591d3 travis: add go 1.10
68b7caa mountinfo: parse empty strings in source
a6e6aff validation: check for masked block, char devices, fifo
99c5e91 validation: check for invalid symlink inside container
234933b validation: check for a masked relative path
303ae30 validation: check for read-only block, char devices, fifo
e60cd06 validation: check for invalid symlink inside container
5dd461f validation: check for a read-only relative path
d9febe1 validation: more test cases for masked paths tests
91f2983 validation: more test cases for readonly paths tests
e2d34c1 validation: add more test cases for private & slave propagations
94f1f84 validation: squash rootfs propagation tests into a single file
708de67 runtimetest: improve logic for checking for file modes
2c9b929 runtimetest: correctly check for a readable directory
0a7749a validation: test with different test cases for hugetlb cgroups
ef113d1 validation: add different test cases for blkio cgroup tests
cf9decf validation: add more test cases for linux_cgroups_network
acaa992 validation: test linux_cgroups_cpus with different values
871f0eb validation: test linux_cgroups_memory with different values
279a194 validation: allow RuntimeOutsideValidate to take a tap parameter
58ea84a fix some misspells
c887efb fix generate test in calling generate.New
cf7b786 README: fix broken links to documentation
cd3faf9 validation: fix nil dereference when handling multierror in hooks_stdin
1fb00d9 validation: use helper util.GetRuntimeToolsNamespaces()
0f52f9a validation: add a new test for NSPathMatchTypeError
ad0e97e validation: exclude user namespaces and cgroup namespaces
f64bed2 validation: add more signals to killsig test
613c5de runtimetest: check if /dev/ptmx is a symlink to /dev/pts/ptmx
582a909 validation: test validation test with an empty hostname
1ceca9e validation: use rfcError instead of specerror
a90cd2b validation: print out correct diagnostics based on specError
23c9a51 validation: sync with unshare by using select & time ticker
e132d37 validation: kill child processes by setting process groups
73358a3 validation: fix a bug when passing in namespace strings
c5c1422 validation: add test for NSProcInPath
1794938 validation: add cgroup devices validation
7c6996f check the status of the state passed to hooks over stdin
6cc92d0 validation: fix nil deferences in cpu & blkio cgroups tests
1c243a8 release v0.6.0
ef75900 validation/kill_no_effect: fix bug
3e3094d Add cgroupsPath validation
f7dd673 cgroups_v1: Correction parameters
2640f5c travis: fix fetch issue of golint
e830fa3 validation: split out pringDiag from testNamespaceInheritType
1ac1c02 validation: split out pringDiag from testNamespaceNoPath
7992f01 specerror: Add NewRFCError and NewRFCErrorOrPanic
d165658 validation: add more values for rlimits test
9152ff4 validation: create: don't skip errors on state
cc8ab2e doc: add developer guidelines
d7985e3 validation: add a new test for NSInheritWithoutType
5ce0ff8 validation: add a new test for NSNewNSWithoutPath
14e621c bash: add os
5d2dc61 validation: Implement ConfigUpdatesWithoutAffect
84a62c6 generate: Move Generator.spec to Generator.Config
2e6f6ab generate: Respect runtime.GOOS when generating default template
1917b8c validate: With --host-specific, compare config platform vs. runtime
e1ad3f0 README: Update to reflect granular TAP output
4b888f2 runtimetest: Use ModeType as the mask in the symlink check
732d438 validation: Use non-empty files in masked/readonly tests
20a71e4 runtimetest: Make TAP output more granular
b4014f8 validation/test-yaml: Drop this local experiment
7f50875 docs/command-line-interface: Require complete runtime coverage
fc1bcf5 fix process_user validation
7c5f941 generate: add process-username option
83d367b validation: add process_user validation
0ddb5cd kill stopped container generate error
73964f2 add hooks stdin test
a79a1cb add test case for KillNonCreateRunHaveNoEffect
ff399f1 contrib/rootfs-builder: Use $(cat rootfs-files)
0f3cf9d validation: LinuxUIDMapping: fix tests
984dbc8 Fix error messages in validation cgroup tests
d5630f7 validation: Implement ProcArgsApplyUntilStart
82836c8 validate: mv deviceValid to validate_linux
e99b47e Implement DevicesErrorOnDup
9e919c6 runtimetest: fix root readonly check
c9b4d66 runtimetest: count correctly TAP tests
a7f94a2 rootfs-386.tar.gz: Add with BusyBox v1.28.0
be8811c contrib/rootfs-builder: Support xz (and other) compression formats
eea2bc9 contrib/rootfs-builder: Support timestamps in stage3 dates
141f9ea contrib/rootfs-builder: Don't hit latest-stage3 when STAGE3 is supplied
4dfca7a contrib/rootfs-builder: add /proc, /dev, /sys in rootfs
b5e5322 contrib/rootfs-builder: fix busybox link list
79ae4aa validation: run CLI with correct argument order
e43d1ff return ErrorOrNil in bundle validate
4e999f2 runtimetest: fix uid_map parsing
d412a17 Fix condition in BlockIO test
8e42ca5 Add system validation
4e8dc67 add annotation and prop tests
ac12f97 Implement PosixProcRlimitsTypeGenError and LinuxProcCapError
0ec9fe6 validation: Add system validation
3401d41 validate: CheckLinux is platform dependent
0451545 validate: allow non-linux compatibility
536b713 Implement PosixProcRlimitsSoftMatchCur and PosixProcRlimitsHardMatchMax
198b3ff add 'delete' testcases
b456bda validation: Add error judgment to SetConfig
1cbf66a check RootOnWindowsRequired
e2fbc1b generate/seccomp: platform independent values
55d7e14 implement kill tests
899a400 generate: fix handling of permitted caps drop
4902e9c implement start operation tests
86869d1 validation: Increase err judgment
4947839 validation: implement PosixHooksCalledInOrder test
f48ae22 validate_test: add weightDevice test
27acd46 implement DefaultStateJSONPattern test
b25ef0d validate: implement DevicesErrorOnDup
87c5e52 release v0.5.0
e211fb5 validate: add logrus.Debugf to CheckJSONSchema
fb9511d validate: Add a non-nil test to CheckMandatoryFields
9177741 add tests when prestart/poststart/poststop hooks fail
5cbd8c7 don't overwrite hook which has a same path
9dca840 validate: add weightDevice validation
78fdf66 validate_test: Complement test
4fdf325 nil config support in lifecycle validate
09ddc02 add lifecycle validation
be390c4 change two LGTMs requirement to one
696b805 waiting until the container stopped in inside validation
ed2a4b3 add 'state' test
c76062f validation: Remove runc 'create' exit timing crutches
d8d2396 validation/util/container: Use ExitError for stderr
5e8b51e Add lifecycle testing function; Add pidfile test. Fixes #556
17486b4 Relax LGTM acquirement for PullApprove
0909a7f release v0.4.0
b5a43d1 validation/util/container: Use --bundle (and stop requiring BundleDir)
8769602 validate_test: add TestCheckMandatoryFields
7815111 cmd/runtimetest/main: Run validateDefaultDevices even with process unset
6ae0867 README: Link to the runtime API docs
fb19ae1 cmd/runtimetest/main: Loop for DRYer validateCapabilities
e85081a Makefile: Clearer warning on missing validation executable(s)
0c2e37e validation/util/container: Use a local UUID for stdout/stderr
a12de42 validation/create: Label the state ID comparison test
b880d57 *: Transition from tap Diagnostic(...) to YAML(...)
0c66fe9 vendor/github.com/mndrix/tap-go: Bump to 629fa407
7a4cb36 docs/command-line-interface: Add Runtime CLI Spec (#321)
c2f774c validation: add mount validation
625e232 Hooks should be passed in as rspec.Hook, not as a string.
48b7f56 Modify the legal value of the rootfs-propagation
5bb8754 runtimetest: add validateSeccomp
9144f82 generate: add windows-servicing option
ef277d6 generate: add windows-resources-storage option
4068d38 generate: add windows-resources-memory-limit option
93b5f72 generate: add windows-resources-cpu option
b285305 generate: add windows-network option
6a71d30 generate: add windows-layer-folders option
e9507da generate: add windows-ignore-flushes-during-boot option
df629e3 generate: add windows-hyperv-utilityVMPath option
8397b70 Add interface to remove mounts.
e266af5 generate: modify the function return value
e996b69 generate: add solaris-milestone option
fc48567 generate: add solaris-max-shm-memory option
3bca692 generate: add solaris-limitpriv option
4a9f3fa generate: add solaris-capped-memory-swap option
c9ef766 generate: add solaris-capped-memory-physical option
61884ee generate: add solaris-capped-cpu-ncpus option
01cf5e7 generate: add solaris-anet option
6f10352 AddMounts should be AddMount you are only adding a single Mount
9bcbe83 Recursive propagation flags should be legal to use
3bd8d43 validation/linux_cgroups_*: Generate TAP output
c94875e validation/util/test: Fix 'start' -> 'create' typo in error message
1094856 validation/util: Generic RuntimeOutsideValidate API
612c315 validate_test: perfect TestJSONSchema
8fb3e83 Add validation when host-specific is set
9db5ddf validate: change platform default value
8a09ee1 generate: Use non-null validation instead of initialization
10ede2c validate: Add a double guards to the call of the verification function
2f21180 filepath/clean: Add Windows support
17ce13a filepath/abs_test: Compare IsAbs with the standard library
60df768 filepath/clean_test: Compare with the standard library
f2e8be2 filepath/clean: Avoid a panic on abs-path with trailing ..
eb2ffab filepath/clean: Handle 'a/..' -> '.' case
4b20ce2 validate: fix CheckHooks
4d0a011 validate: fix CheckCapabilities
45068ce validate_test: add TestCheckHooks
34f773a validate_test: add TestCheckPlatform
7c09b4c add relative cgroupath test
1aebc09 update to support relative cgrouppath test
6351044 add cgroup network test for runtime
72e67e5 add cgroup pids test for runtime
b712995 add cgroup cpus test for runtime
f1e02ff add cgroup blkio test for runtime
432615a add cgroup hugetlb test for runtime
4a57b0f add cgroup memory test for runtime
07118a8 add runtimeOutsideValidate
9a56096 add cgroups package
0d75257 validate: remove duplicate verification
229722a validate_test: add TestCheckLinux
e7ee761 remove kernel limit for id mappings
f7b8c7e fix idmappings test
53da048 generate: add linux-intelRdt-l3CacheSchema option
ad47e7d Makefile: Change from prove to node-tap
0a919c0 validation/util/container: Remove bundle even if delete fails
e11b77f validation: Use prove(1) as a TAP harness
721fbce solve conflicting option problem
e409855 man: small fixs
58374ae remove --mount-cgroups option
74d6245 man: add manpage for option --mounts-add
6e78ff2 support json value for hooks
1c2dca0 generate: Move generate_test.go from validation
9422eec cmd/runtimetest/main: Use TAP diagnostics for errors
ca332ae runtimetest: fix nil dereference
cdf38ca validate: fix nil deference
3e82a0a add all left behind container inside tests
9a69e14 add preFunc
39f3f74 runtimetest: add host platform validation
7026311 runtimetest: add rootfs propagation test
adf1844 generate: fix error return
d327e0b generate: fix DropProcessCapability*
b5c45de generate: remove redundant code
5557d36 add more test cases for default runtime validation
9f47cbe remove debug info
68e7720 generate: change process-tty to process-terminal
045bc5f generate: fixed seccompSet
8765570 runtimetest: add posixValidations
45b2686 runtimetest: add validateUser
cc5bf05 runtimetest: fix process validation
6c98b46 runtimetest: Raise ConfigInRootBundleDir for missing config.json
95e0d95 runtimetest: Make validateRlimits silent on Windows
2746c06 move validateRlimits to defaultValidations
3c9cdc5 runtimetest: fix error return
630f06a validate_test: add cwd check to TestCheckProcess
3a46197 add version file
e08f842 release v0.3.0
90ace62 translate RFC errors
a171213 redefine error code as int64
3a97b98 translate more RFC errors based on specerror
87d3df2 complete RFC codes of runtime.md
ccef443 generate: add mounts related option
64c5ef8 complete specerror of config-linux.md config-windows.md
6df06d9 validation: add a generate smoke-test
a6f475f config: correct rootfs default
de08605 validate: allow unset "type" fields in resource devices whitelist
7553161 validate: Soften unrecognized rlimit types to SHOULD violations
b446e38 add specerror framework; complete rfc errors of bundle.md and config.md
19b061c generate: fix nil deference
6d2dbbc runtimetest: fix nil deference
0b49b01 man: fix typo
6089f63 specerror: Add SplitLevel helper
a9dbd7e cmd/oci-runtime-tool: Implement --compliance-level
286d437 fix compile issue
310bac8 bash: fix commands
6dabb9b generate: fix rootfs-propagation
93ba5a2 bash: fix rootfs-propagation
4beb2a6 validate: fix cap validation
ed4adc3 travis: update go versions
19ae238 CHANGELOG: Document changes since v0.1.0
f172006 release: v0.2.0
c3c8c02 rootfs-386.tar.gz: Add with BusyBox 1.25.1
894cae7 validate/validate: Linux rlimits extend the POSIX rlimits
6367e88 validation: Support per-architecture tarballs
ff5e578 contrib/rootfs-builder: Support multiple architectures
a94f1f6 contrib/rootfs-builder/Makefile: Ignore previous symlinks
8635532 contrib/rootfs-builder/Makefile: Raise errors from echo recipe
4f756fd Specific cap-drop command
ea55f9d Specific cap-add command
5cb6c48 rootfs.tar.gz: Bump to BusyBox 1.25.1
1a9532e generate: remove redundant content
567f1aa validate: add root.path validation when platform is windows
2cbb341 validate/validate_test: Add linux.rootfsPropagation checks
6e7da81 validate/validate_test: Better error messages for unexpected JSON Schema errors
4a705c6 validate/validate_test: Handle JSON Schema test not raising an error
16be985 validate: Delete the extra validation
b3fc8fe validate: add the validation of rlimit.type when platform is solaris
24a2327 validate: modify the condition of the deviceValid
cf64923 filepath: Add a stand-alone package for explicit-OS path logic
fa9842c Add manpages and bash-completion for --device-access-add and --device-access-remove
7f09e1b generate: add --device-access-add and --device-access-remove option
a9c6787 generate: support blkio related options
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
3cd2f56a16 |
oci-runtime-spec: update to 1.0.2-tip
Bumping runtime-spec to version v1.0.2-79-g7ceeb8a, which comprises the following commits:
600a8bd cgroup ownership: clarify that some files may not exist
0608c1f Switch to GitHub Actions, CODEOWNERS, etc.
f4ef391 specify cgroup ownership semantics
104385d config-linux: MAY reject an unfit cgroup
411082c add youki to implementations.md
6641127 alphabetize the implementation list.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
5fd91604ef |
oci-image-tools: update to 1.0.0-rc3
Bumping image-tools to version v1.0.0-rc3-6-g11f9988, which comprises the following commits:
8899fa9 README: add summary of project status
c6e5a1b version: back to development
25e557a version: update to 1.0.0-rc3
e324098 update email in MAINTAINERS
c3f8284 Revert "Relax LGTMs"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
f5bf9b80af |
oci-image-spec: update to 1.0.2
Bumping image-spec to version v1.0.2-144-g02efb9a, which comprises the following commits:
d6ce48a Add mediaType fields into example manifest & image index JSON references
bc44f5b Fixing charter link
02c5c05 implementations: adding the C and Rust libraries
a36b0c8 Handle multiple matching index entries
a3eee7d README.md: Remove link to OCI scope table The OCI scope table no-longer exists.
4533d3e schema: use Go's embed package instead of esc
d147780 .tool: remove lint tool, call linter directly
0e094f3 schema, specs-go: fix lint errors
d3cd202 *: switch to golangci-lint
4d865bc go: have the go.mod at top-level
0f6c001 Remove unneeded docker pull of pandoc image
de28903 Makefile: stale installation of glide was failing
3a46ac8 github: bring forward the versions of golang tested/built with
6ced3bd media-types: `.mediaType` is available in both OCI and Docker
3be64d9 version: bump main back to -dev
beccafd version: release 1.0.2
5b82148 specs-go: adding `mediaType` to the index and manifest structures
2eb4046 *.md: bring mediaType out of reserved status
e3885ce version: bump main back to -dev
67d2d56 version: release 1.0.2
dcdcb7f specs-go: adding `mediaType` to the index and manifest structures
5f31485 *.md: bring mediaType out of reserved status
3fee04b Adding ACR to implementations
8087946 Reflect docker dontation of distribution to CNCF
bd2fa25 Minor spelling correction
fc4df0a Fix very minor oversight in config example
0d98a6c Scope data verification to content consumers
83479d4 Clean up portability considerations
fccc435 Implementations MUST NOT populate data arbitrarily
2596ec0 Expand godoc for Data
58c082d Add note about portability concerns
ce281ce Add Embedded Data section
aaf8045 Define the data field
4f080a7 Add go.mod and pin dependencies
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
3ca7a147e0 |
lxc: update to 4.0.12
We refresh our wget -> curl patch for context, but otherwise, no other
changes are required.
Bumping lxc to version lxc-4.0.12-8-g5ba5725cb, which comprises the following commits:
5ba5725cb cgroups: modify cgroup2 attach logic
1e4631641 ttys: ensure container_ttys= env variable is set correctly
8ef019a6c doc: Fix reverse allowlist/denylist in Japanese man page
f1c4a17e7 cgroups: log fd of newly created cgroup
f7446b4e1 cgroups: check that opened file descriptor is a cgroup filesystem
71ba7f656 doc: Fix reverse allowlist/denylist
f314419d1 lxc-checkconfig: Fix bashism
ca4c25c6e lxc-net: don't start by default inside lxc
7e37cc96b Release LXC 4.0.12
d678aa61e lxccontainer: allow xdev when creating the container dir
bc61d2354 github: Clear default ACL on /home
fb0e0b3dd github: add systemd-coredump
53e0d390c github: more detailed compilation instructions
db84a8b6b github: log system info
e9282b6a6 github: ensure system liblxc is wiped
ad8a3bd68 lxccontainer: properly wrap lxcapi_create()
bceb81cd2 build: simplify thread local storage handling
919da35b0 build: only enable LTO for regular builds
d0a1e9c44 lxccontainer: simplify partial file creation
62b5c0051 lxccontainer: improve create_partial()
bfe24cb6a lxccontainer: improve do_lxcapi_create()
1a5c236ac lxccontainer: improve do_lxcapi_save_config()
bae0d7196 conf: log termination status
4eb09aaad conf: improve userns_exec_mapped_root()
928943280 github: stop installing gnupg now that it's unused
7c70b0d14 lxc-download: Rely on HTTPS only
199d2077c Update README.md: Fix broken link (403 Forbidden)
0b6b230e3 attach: don't pointlessly call cgroup_init()
dbef704fb commands: log command during file descriptor retrieval
733f9c909 lxc-checkconfig.in: CONFIG_NF_NAT_IPV4 was removed from the kernel 2019-03-03
ce392e230 (trivial) Fix error message, failure was connect not bind
5628bff79 seccomp: close seccomp notifier fd in cleanup handler
1f2af83a9 seccomp: only guard seccomp notify behind HAVE_DECL_SECCOMP_NOTIFY_FD
9451303d5 api-extensions: don't advertise seccomp notify support if it's not compiled in
23d07c315 use 2 sysfs instances for sys:mixed
0dd3258bd Revert "api: ->save_config() doesn't need to create container dir"
93edd510a api: ->save_config() doesn't need to create container dir
28b2e04f1 cgroups: fix compiler warning
15515f9a3 Revert "initutils: use vfork() in lxc_container_init()"
41d2530d1 macro: ensure necessary io_uring flags are defined
fc4e948c9 autotools: Avoid multiple liblxc.so with --enable-pam
a616a311a build: refuse to compile with unsupported liburing version
93be4e512 tests: add lxc.proc.* test
d8027e49c tests: add lxc.sysctls.* test
6f580343e test: improve logging helpers
a10ff3418 conf: improve logging setting sysctl and /proc/<pid>/ parameters
334cf7beb conf: apply /proc/sys and /proc/<pid>/ parameters
1b74e01ad tests: include config.h
c36379431 build: move _FILE_OFFSET_BITS to common option
f24c234ee start: log signal name and number
4915c9112 process_utils: add signal_name() helper
78baec37d build: improve liburing support detection
1a102b310 mainloop: make ifdefs easier to follow
cf931928f Replace last occurence of 'which' with 'command -v'
1ec5939b4 Replace deprecated backticks with $() construct
fdfb4a13d Replace 'which' with 'command -v' in tests too
71743e811 start: check event loop type before closing fd
f69e6b4d3 mainloop: make sure that descr->ring is allocated
1a8895855 Replace 'which' with 'command -v'
9219277cc build: add io-uring-event-loop option
d04eb166c build: add static libcap to output
bc51048b7 confile: don't use path_simplify() on lxc.{execute,init}.cmd
48728e988 conf: add cgroup2, cgroup2:ro, cgroup2:force, cgroup2:ro:force options
4d3aad49d AUTHORS: Update to point to git history
e328a988e conf: handle kernels without or not using SMT
d40b0deb4 doc: fix typo in English lxc.container.conf(5)
49fab27fc doc: Add lxc.sched.core to Japanese lxc.container.conf(5)
1ad1cab80 doc: add loglevels to ja and ko common options
1505f0780 conf: make it more obvious how auto-mount flags are defined
429233cf0 criu: support restoring containers with pre-created veth devices
48e079bf3 Release LXC 4.0.11
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
2dd6ba297c |
umoci: update to 0.4.7-tip
Bumping umoci to version v0.4.7-70-gfa8e9f8, which comprises the following commits:
c67586e build(deps): bump github.com/opencontainers/runc from 1.0.3 to 1.1.0
88aaeca fuzz: always use golang:latest
37b9db4 build(deps): bump golang from 1.17.4 to 1.17.5
09ff9d5 build(deps): bump github.com/opencontainers/runc from 1.0.2 to 1.0.3
86eb281 build(deps): bump golang from 1.17.3 to 1.17.4
610dabf oci: protect against mediatype confusion attacks (CVE-2021-41190)
9b17e05 oci: gc: fix tests to correctly use the right media-types
38c20f1 ci: fix fresh builds
220b0c0 build(deps): bump github.com/opencontainers/image-spec
732d36d build(deps): bump golang from 1.17.2 to 1.17.3
58f3a37 mutator: .Config() should return ispec.Image vs. ImageConfig
001bbd4 ci: update main branch name
7bebba6 ci: osx: only try to unlink parallel if installed
a0d54ce build(deps): bump golang from 1.17.1 to 1.17.2
72ec924 *: use new protobuf package
09d1d79 build(deps): bump github.com/golang/protobuf from 1.5.0 to 1.5.2
88243cd build(deps): bump github.com/rootless-containers/proto
12270d3 build(deps): bump github.com/opencontainers/runc
056236a *: make codecov slightly less annoying
18fdf79 build(deps): bump github.com/stretchr/testify from 1.6.1 to 1.7.0
6f84bbb build(deps): bump github.com/cyphar/filepath-securejoin
0b4d52f build(deps): bump github.com/apex/log from 1.4.0 to 1.9.0
ac6ba6c build(deps): bump github.com/klauspost/pgzip from 1.2.4 to 1.2.5
9cd570d build(deps): bump golang from 1.14 to 1.17.1
26e57a2 gha: enable dependabot
65932cd ci: hardcode Go version used for linting
17111a6 *: use go1.17-friendly go:build tags
f6c2e79 codecov: drop explicit env.CODECOV_TOKEN
f80d8e2 ci: use codecov-action
785ed73 fix(Makefile): avoid usage of which
97099f1 mutate: implement an AddExisting() API
5adbd99 oci: casext: walk: do not attempt to recurse into un-parseable blobs
aad89ed oci: cas: add StatBlob to CAS interface
7091cd1 ci: switch to GitHub Actions
3ceb144 Add 2 fuzzers
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
3b75599096 |
skopeo: update to 1.6.1
Bumping skopeo to version v1.6.1-10-g3e2defd6, which comprises the following commits:
52002728 Update github.com/containerd/containerd
0ad25b2d Bump github.com/containers/image/v5 from 5.19.1 to 5.20.0
8cbfcc82 do not recommend upgrading all packages
370be7e7 Improve a comment in the 010-inspect.bats test
73edfb82 Move to v1.7.0-dev
49084d2c Bump to v1.6.1
23183072 Work around systemd-resolved's handling of .invalid domains
3be97ce2 Beautify a few calls
49d9fa9f Only look for the layer digests in the Layers field.
77363128 Don't expect the config blob to be listed in (skopeo inspect)
0f363498 Cirrus: Use updated VM images
27b77f2b Bump c/common to v0.47.4
de714082 tests: skip sif test on RHEL
697ef595 Bump to v1.6.1-dev
e4b79d77 Release v1.6.0
162bbab3 Bump version of containers/image and containers/common
004519f1 Improve the documentation of boolean flags
9db60ec0 Document where various fields of (skopeo inspect) come from
cb74933b Improve the documentation of the argument to (skopeo inspect)
7f4db3db Update vendor of containers/storage and containers/common
a4476c35 add a SIF systemtest
042f4816 Update vendor of containers/common
bd8ed664 Github workflow: Fix yaml syntax
b51707d5 Bump github.com/containers/storage from 1.38.0 to 1.38.1
bb49923a prompt-less signing via passphrase file
cd58349b Github-workflow: Report both failures and errors
2858904e Run codespell on code
923c58a8 Update the vendor of containers/common
1bf18b7e Bump github.com/containers/storage from 1.37.0 to 1.38.0
d32c56b4 Update github.com/containerd/containerd to 1.5.9
6007e792 Fix the pseudo-version of github.com/opencontainers/image-spec
5aa06a51 Update github.com/opencontainers/runc to v1.0.3
f6a84289 Bump github.com/spf13/cobra from 1.2.1 to 1.3.0
c5b45c6c Bump github.com/docker/docker
c582c484 Add option to preserve digests on copy
2046bfda Add option to preserve digests on copy
e7dc5e79 proxy: Also bump compatible semver
3606b2d1 proxy: Add a GetFullConfig method
5c82c772 Update github.com/containerd/containerd to v1.5.8
37d801c9 Update opencontainers/image-spec
d9401546 Add an option to allow copying image indexes alone
4dcd28df Use a dynamic temp dir for test
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
418b05846e |
runc-docker: update to 1.1.0-tip
Bumping runc to version v1.1.0-5-gb9460f26, which comprises the following commits:
986e7c53 libct: fixStdioPermissions: ignore EROFS
5053a065 libct: fixStdioPermissions: skip chown if not needed
d2939b6b libct: fixStdioPermissions: minor refactoring
d7f7b22a VERSION: back to development
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
e1c1b9dfd0 |
runc-opencontainers: update to 1.1.0-tip
Bumping runc to version v1.1.0-5-gb9460f26, which comprises the following commits:
986e7c53 libct: fixStdioPermissions: ignore EROFS
5053a065 libct: fixStdioPermissions: skip chown if not needed
d2939b6b libct: fixStdioPermissions: minor refactoring
d7f7b22a VERSION: back to development
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
0ac7cbd51a |
podman-compose: update to 1.0.3
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
037f0d3155 |
podman: update to v4.0.1
Podman now installs the systemd service and socket by default, so
we can drop our custom installation of those elements, otherwise the
build is unchanged.
Bumping libpod to version v4.0.1-11-g717edd7b8, which comprises the following commits:
0f626c377 Bump to v4.0.3-dev
342c82593 Bump to v4.0.2
bd5ff1c32 Update release notes for v4.0.2
791c8c347 Revert "use GetRuntimeDir() from c/common"
cc4a70c80 Revert "Option --url and --connection should imply --remote."
ca980c2e0 Option --url and --connection should imply --remote.
cfcc0d639 Bump to v4.0.2-dev
c8b9a2e3e Bump to v4.0.1
b1ffa822f Update release notes for v4.0.1
de9f22805 Fix a potential flake in volume plugins tests
697dd2890 Propagate $CONTAINERS_CONF to conmon
c559e4e6f tests: Remove inaccurate comment
3718d096b System tests: show one-line config overview
e1d5c812d provide better error on invalid flag
2b85f62a2 use GetRuntimeDir() from c/common
82f4760de kube: honor --build=false and make --build=true by default
e356dfe06 system tests: cleanup networks on teardown
71b0909f2 Remove the runtime lock
ee7cf3cc2 Don't log errors on removing volumes inuse, if container --volumes-from
eb9fe52a5 kube: honor mount propagation mode
a0c34d64a Load ip_tables modules at boot
e8d7e580a Cirrus: Disable F34 aka prior-fedora testing
7b106f5b6 Cirrus: Update VM Images for 4.0 release
d59749d64 Bump to v4.0.1-dev
49f8da727 Bump to v4.0.0
84c8870ac Release notes for v4.0.0 final
15cb91855 Fix lint
ae9ad416a Fix manifest 4.0 Endpoints Branch forced 4.0 only endpoints
1a8c715f1 Introduce podman machine init --root=t|f and podman machine set --root=t|f
f71dfcb5d Initial implementation of mac forwarding using a privileged docker sock claim helper
2128236da ignition: propagate proxy settings from a host into a vm
809da6b0b Update to podman4 copr stream
bd8ac0017 Unify ls --filter docs for networks and pods
77e51e188 e2e: merge after/since image-filter tests
8ad29421e podman network: add documentation for netavark
f35e03ec8 create: Fix key=value annotation in the flag output
22cfa9860 enable netavark specific tests
d77b4f92c Fix checkpoint/restore pod tests
a72e22160 Make sure building with relative paths work correctly.
975d79aed Add 409 response to swagger godoc
421b7466c Fix images since/after tests
04badc2c9 Changes of docker descriptions
09708bee9 Fix images since/after tests
35a4f32be Changes of docker descriptions
629d86445 Temporarily pull machine images from side repo
a6fbfd47c Cirrus: TODO: netavark/aardvark release branches
e5644bbf1 Cirrus: Expand netavark testing to include rootless
1656a2335 Cirrus: Minor - limit release task applicability
afb39f2e4 Cirrus: Add [CI:BUILD] magic that only builds
926c3b08a CI: fix nightly builds
1e3115cf4 Cirrus: Log netavark/aardvark binary build info.
66a3be370 Cirrus: Add netavark/aardvark system test task
6b0d4d915 Cirrus: Also download aardvark-dns binary
b63f61f5c Cirrus: Add e2e task w/ upstream netavark
6a3de9351 Revert minimum API change
9688a462e netavark e2e tests
92790e98c Bump to v4.0.0-dev
d7d79ce81 Bump to v4.0.0-RC5
5356e36b8 Update release notes for v4.0.0-RC5
77ca2498e Modify /etc/resolv.conf when connecting/disconnecting
f8cd4df1b Do not set the network config dir to cni plugin dir
d0fccbbbb Show API doc for several versions
e7998b122 [NO NEW TEST NEEDED] Add schema for ImageCreate 200 response.
6d01b6dd6 fix: Multiplication of durations
ed60f8908 move rootless netns slirp4netns process to systemd user.slice
7e37c608f compat: endpoint /build must set header content type as application/json in reponse
9aee36b76 Cleanup: remove obsolete/misleading bug workaround
b1b9a0d7a tests: retrofit healthcheck system tests
74cba33c7 healthcheck, libpod: Read healthcheck event output from os pipe
7ec63f092 Fix: Do not print error when parsing journald log fails
d62a0204d Bump github.com/buger/goterm from 1.0.1 to 1.0.4
bcd5f5ead append podman dns search domain
b1bf91a22 Podman pod create --share-parent vs --share=cgroup
85c0fe7dc System tests: revert emergency skip of checkpoint tests
71d151449 Add version guard to libpod API endpoints
345413540 [v4.0] Bump c/common to v0.47.4
7499496f3 idmap should be able to be specified along with other options
e47a3bec9 Vendor in containers/buildah v1.24.1
cad3eb78b Bump to v4.0.0-dev
0c9648136 Bump to v4.0.0-RC4
c1618042f Disable failing E2E test
70623790d Revert "Move each search dns to its own line"
48f10e1d0 Move each search dns to its own line
938d5152c Update release notes for v4.0.0-RC4
99968002f Document `schema` values in the `--url` flag
6d747dca2 podman image scp syntax correction
e0cbcdc33 system prune: remove all networks
8f3f0710f Only change network fields if they were actually changed by the user
fb6fca806 docs: clarify rootless net stats
cad6459b6 Fix size to match Docker selection
06821627f libpod: enforce noexec,nosuid,nodev for /dev/shm
44cd232be Clarify remote client means Mac and Windows
9d3bcb587 libpod: report slirp4netns network stats
f65b62c98 Add notes to "--oom-kill-disable" not supported on cgroups V2
178cccbf9 Fix use of infra image to clarify default
97c8bdfeb Adapt podman images ls filters docs to be aligned with prune filters docs
49076ba87 ignition, machine: delegate cpu,io cgroup controllers to machine's default users
0c9a8ac07 pkg/bindings/images.Build(): slashify "dockerfile" values, too
3b565bacf Remove mention of IPv6 portfwd from release notes
10a966a2a Bump to v4.0.0-dev
9b441c0dd Bump to v4.0.0-RC3
f5dfe026d Update release notes for v4.0.0-RC3
ebf5ad50e Fix Cirrus destination branch
e64e6500d volume: add support for non-volatile upperdir,workdir for overlay volumes
a928d39d0 github: label issues based on os fix regex
525bdc377 github: label issues based on os
4c26a3a5c Cirrus: Fix get_ci_vm.sh initial setup
d455bb879 System tests: emergency skip of checkpoint tests
6961d9120 network create: allow multiple subnets
86547cc24 Update troubleshooting.md
24dc02064 Fix sort ordering of filters
63b1557a2 Unify podman prune filter description: volumes, networks, system
4a4d86d40 Bump Buildah to v1.24.0
6336e1ff1 rootless: drop permission check for devices
77cd38d40 switch podman image scp from depending on machinectl to just os/exec
ab22a688d Bump github.com/containers/image/v5 from 5.18.0 to 5.19.0
991652988 Bump github.com/containers/storage from 1.38.0 to 1.38.1
9073b56a3 change location of where make outputs podman binary on osx
72ddacdbe Github workflow: Fix parsing of GraphQL response JSON
6df245c6e Github-workflow: Fix YAML syntax
44a87229b Update godoc, swagger using wrong struct
e4636ebdc Makefile: install targets independent of build
42e1c2981 [CI:DOCS] Fix typos and improve language
7cdb00a45 CI: enable rootless-remote system tests
98739237e pkg/specgen/generate/security: fix error message
29e89da1a Github workflow: Send e-mail on job error
0d42d9f8d Github workflow: Update Cirrus-cron GraphQL query
dbfe79757 remote build: set rootless oci isolation correctly
8099a61b6 [CI:DOCS] Fix typos and improve language
80a5295d4 Fix handling of duplicate matches on id expansion
1cddd6397 Show correct default values or show none
e252b3b4f exec: retry rm -rf on ENOTEMPTY and EBUSY
2f371cb12 container create: do not check for network dns support
75e6994d4 libpod: fix leaking fd
f6e36a649 libpod: fix connection leak
e68d188f6 [CI:DOCS] fix typo subpordinate
aff6a5af8 Fix filter description and unify filters docs for containers/images prune
7938f32c5 Remove unused param and clean API handlers
e834297b3 Restore machine start logic that was hanging
c81a616ca Bump to v4.0.0-dev
71238d3cc Bump to v4.0.0-RC2
b29640c78 Final release notes for v4.0.0-rc2
5736649eb Run codespell on code
f6bb60087 Update release notes for Podman v4.0.0
653da8fe8 Fix #2 for compat commit handling of --changes
9d815707e Fix nil pointer dereference for configmap optional
0b5136c7c Make error message matching in 030-run.bats less fragile
9241b4e34 Don't explicitly check for crun|runc in package information
2947ded7a Don't segfault if an image layer has no creation timestamp
1c0fdba4f compat: remove hardcoded index from load images output report
9df31cfb7 compat: images/load must be able to load tar with multiple images
47df14af5 System tests: fix for new systemd on rawhide
ee039b740 Remove rootless_networking option from containers.conf
e22b9889d vendor c/psgo@v1.7.2
1f85244ab Engine.Remote from containers.conf
2c492be00 vendor: bump c/common and other vendors
7046e7804 rootless: report correctly the error
2d0b5ebb5 Implement API forwarding for podman machine on Windows
4693fc6db Implement env parsing on Windows
c674d3cc7 Handle changes in docker compat mode
dbaaef5c4 Show package version when running on alpine
b9a2d8698 Handlers for `generate systemd` with custom dependencies
abcd29239 APIv2 tests: followup to recent log test
4b384e08a Add IndexConfigs to compat /info endpoint
a0165a64b Bump github.com/opencontainers/runc from 1.0.3 to 1.1.0
af6a43fa4 apiv2 test: add regression test for #12904
4d1c327ed SECURITY.md: fix the project name
c0e072346 rename --cni-config-dir to --network-config-dir
7e30531f2 compat attach: fix write on closed channel
774271c38 upgrade all dependencies
38fbc8af1 Revert "Cirrus: Temporarily disable OSX Cross task"
4adf457ff Bump github.com/opencontainers/runc from 1.0.3 to 1.1.0
bd09b7aa7 bump go module to version 4
f23e8ca67 [NO NEW TESTS NEEDED] add builddeps to copr template
471a4356b CI: rootless user: also create in some root tests
c8124b88a [WIP] Tests for podman image scp (the sudo form)
141de8686 Revamp Libpod state strings for Docker compat
860463d97 Cirrus: Temporarily disable OSX Cross task
06ad51c83 update c/common to latest
10d969ff1 Use PODMAN_USERNS environment variable when running as a service
6bca61e0f Unify the method of parsing filters in cmd
3c2a5947c fix default branch links
d6e55577c [CI:DOCS] fix default branch links
bb3097cd0 [CI:DOCS] Unprivileged native overlayfs is now supported
ab8a50848 [CI:DOCS] Fix typo in --env
420303b94 Recursively copy cert files.
8a7e70919 Refactor manifest list operations
350765e79 Add rpkg template for COPR autobuild
607cb80bf Fix cgroup mode handling in api server
a15dfb364 Standardize on capatalized Cgroups
13917dfab test/system: podman run update /etc/hosts
14940a067 Remove two GetImages functions from API
72ab66d88 Use fully-qualified device name in CDI test
968deb7c2 Use new CDI API
96be2bb3d troubleshooting links to main branch
bf3734ad5 Podman Build use absolute filepath
699683010 Prohibit --uid/gid map and --pod for container create/run
a4cef5435 podman container rm: remove pod
ece768ff9 Manual fixes for PR #12642:
92e787521 podman build enable --all-platforms and --unsetenv
fa6405c3c use events_logfile_path from containers.conf for events log.
f257d9839 Podman Pod Create --sysctl support
b7fe25dc2 Wait for podman stop to complete
194d14ca2 libpod: fix check for systemd session
8dc2464b0 libpod: refine check for empty pod cgroup
b24063582 fix buildah-bud test diff
85f9cf390 upgrade test: check that network backend is cni
918890a4d use netns package from c/common
0151e10b6 update buildah to latest and use new network stack
858b21064 podman image scp: implement --quiet
495884b31 use libnetwork from c/common
fde6ad637 Add --noout option to prevent the output of ids
5aedcb364 remote events: convert TimeNano properly
47374aac8 Bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0
485305a5f vendor latest c/common
6e208c222 add additional fields to podman machine ls --json
6fa077750 buildah bud tests: skip failing tests
83b0fb469 Fix permission on secrets directory
8f2358eea Add podman rm --depend
f04465bfe fix host.containers.internal entry for macvlan networks
6d5ad9c11 It takes some time to start a VM
c085fb3c9 Pretty Print output of podman machine ls --format json
19a475906 Use the InfraImage defined in containers.conf
799078216 Cirrus: Freshen VM images
0e4e5cf99 Revert "Cirrus: Temp. ignore gitlab task failures"
a95c01e0e pkg: use PROXY_VARS from c/common
a8b02cf4b ignition: add support from setting SSL_CERT_FILE
5c363ff27 ignition: propogate HTTP proxy variables from host to remote
18785450e Bump to v4.0.0-dev
9d26c1abb Bump to v4.0.0-RC1
508f9b76e System tests: fix RHEL8 gating tests
b7380a7c3 vendor c/common
01ba2531b Remove dead RuntimeOption functions
0933f6c0b Update docker cli message for case where user creates directory
4dc5a5b15 Don't add env if optional and not found
a8a3e8bc9 Fix type-o in podman.wxs
37c0b27b6 [CI:DOCS] fixes indentation of example pod yaml
7dada6d49 Prevent double decoding of storage options
f68890815 Emergency system-test fixes
1941d45e3 add OCI Runtime name to errors
2a524fcae fix healthcheck timeouts and ut8 coercion
4191616cc Don't rename pod if container has the same name
13f3fd255 Set volume NeedsCopyUp to false iff data was copied up
7a24be6ad Fix CI
680923743 correct typo words in docs
64df41755 Change Tests to ignore missing containers when removing --all
79c5b73ed test/e2e/pod_initcontainers: fix a flake
cf7fc3695 test/e2e/run: don't use date +%N on Alpine
2e0d3e9ea Support all volume mounts for rootless containers
32e845028 Fix wrong 'podman search --format' placeholder
0c6ae3ab2 Fix Container List API call to return mount info
76a944b14 fix misleading comment regarding default value of cpu period [NO NEW TESTS NEEDED]
c496001d0 add --ip6 flag to podman create/run
116a276e8 legacy events: also set exitCode
f6a3eddd2 Don't initialize the global RNG with GinkgoRandomSeed() in e2e tests
90e74e794 Avoid collisions on RemoteSocket paths
ee146a9ab Refactor remote socket path determination in tests
a8e223faf fix doc
2ff5644bf test/system: podman run image with filesystem permission
fc65b0f73 test/system: podman run with log-opt option
1e3434d11 Update swagger documentation
6630e5cf6 Make it possible to select the volume driver
a3326e23d Check the mount type for future compatibility
8e7eeaa4d Implement virtfs volumes for podman machine
ec32430a0 [CI:DOCS] Add example of cpus to init command
a2687783d prefix imageId with sha256: in containers list test for compat API ImageId
289270375 Pod Security Option support
f21744939 ignition: add certs from current user into the machine while init
410082f25 docs: sort swagger operations alpabetically
7117d5605 .service file removal on failure
803defbe5 Introduce Windows WSL implementation of podman machine
f6d00ea6e podman image scp never enter podman user NS
e8c06fac9 Allow users to add host user accounts to /etc/passwd
1aa4e4d4d container creation: don't apply reserved annotations from image
cbcab4342 [CI:DOCS] clarify `io.podman.annotations.seccomp`
d669dbfb9 Error out early if system does not support pre-copy checkpointing
b746b2256 Update go-criu to v5.3.0
cb4f498e4 [CI:DOCS] docs: document rootless userns mappings
3ac5999f8 Switch to a new installer approach using a path manipulation helper
207823eb0 e2e: Add dev/shm checkpoint/restore test
f3d485d4d Enable checkpoint/restore for /dev/shm
2d7dbda41 Update github.com/checkpoint-restore/checkpointctl
af1dbbfb7 Always run passwd management code when DB value is nil
a5e49d966 Warn on use of --kernel-memory
04dbbd96b support hosts without /etc/hosts
20ce6e5c6 Podman run --passwd
fca66b6cb ci: force scratch build for crun
64ce6949f Use hosts public ip address in rootless containers
b1f5e861b compat: image normalization: handle sha256 prefix
89ee302a9 specgen: honor userns=auto from containers.conf
bb096c3bf [CI:DOCS] Small checkpoint/restore man page fixes
1ddb49c66 [CI:DOCS] Explicitly mention that checkpointing systemd containers might fail
3570c38ff vendor: update containers/storage
48cb44651 build: fix test for subid 4
46a094a7a test: add --rm to podman run commands
af6bcd086 fix(generate): fix up podman generate kube missing env field bug
a1ebde118 legacy events: also set Action="die"
a837984c4 rootless: include the args in the debug message
5cbc6b62d apiv2 tests: use quay.io/libpod/testimage:20210610 for platform tests
12d762f8e image rm: allow for force-remove infra images
6423174c6 tests: adjust old build test to expect exit code
28018ce60 Test for checkpoint specific inspect fields
bc3389e21 Add more checkpoint/restore information to 'inspect'
f566d8b8e build: relay exitcode from imagebuildah to registry
e88c21366 Removed .service file for healthchecks
a86495ea6 Set machine timezone
459e78414 MovePauseProcessToScope do not seed everytime
f241efb17 bindings rmi test: clarify behavior
03a3fc37f bump cobra to 1.3.0
6cde9255f .github: revert to the old template
4243ca93a oci: configure the devices cgroup with default devices
3b6510da6 kill: fix output
5392ff51c e2e: search flake: skip test on registry.redhat.io
7b51acd4c APIv2 tests: fail on syntax/logic errors
51a4bef2e Show --external containers even without --all option
0a2eb7b18 apiv2 tests: refactor complicated curls
888c778ee fix network id handling
afdb4dc22 Update Windows Install Doc
52b12fe98 Fixes #12063 Add docker compatible output after image build.
65d5a2b68 pause scope: don't use the global math/rand RNG
ef325bc8c specgen: check that networks are only set with bridge
094e1d70d container restore/import: store networks from db
3e9af2029 play kube add support for multiple networks
535818414 support advanced network configuration via cli
d072167fe Add new networks format to spegecen
46938bbf8 fix incorrect swagger doc for network dis/connect
4791595b5 network connect allow ip, ipv6 and mac address
9ce6b6413 network db: add new strucutre to container create
4e8ad039c remove unneeded return value from c.Networks()
5490be67b network db rewrite: migrate existing settings
5f1f62f0b network ls: show networks in deterministic order
5a071d9f5 Bump github.com/docker/docker
1fff76c3c pprof flakes: bump timeout to 20 seconds
50501f49a Add secret list --filter to cli
8cb93ac10 Cirrus: Temp. ignore gitlab task failures
81a0a7984 compat build: adhere to q/quiet
5bbcfaf4a Make XRegistryAuthHeader and XRegistryConfigHeader private
3cfefa124 Remove the authfile parameter of MakeXRegistryAuthHeader
d79414c54 Simplify the header decision in pkg/bindings/images.Build a bit
f9be32627 Remove the authfile parameter of MakeXRegistryConfigHeader
935dcbb00 Remove no-longer-useful name variables
0e29b8975 Consolidate creation of SystemContext with auth.json into a helper
fe1230ef7 Remove pkg/auth.Header
3725a34cb Call MakeXRegistryAuthHeader instead of Header(..., XRegistryAuthHeader)
78dd79752 Turn headerAuth into MakeXRegistryAuthHeader
d073b1275 Call MakeXRegistryConfigHeader instead of Header(..., XRegistryConfigHeader)
8155fb565 Turn headerConfig into MakeXRegistryConfigHeader
29f408871 Move the auth file creation to GetCredentials
9d56ebb61 Consolidate the error handling path in GetCredentials
da86a2328 Only look up HTTP header values once in GetCredentials
1589d70bc Use Header.Values in GetCredentials.has
2946e8349 Beautify GetCredentials.has a bit
1ecc6ba72 Pass a header value directly to parseSingleAuthHeader and parseMultiAuthHeader
6f1a26b04 Simplify parseSingleAuthHeader
7674f2f76 Simplify the interface of parseSingleAuthHeader
2aeb690d3 Don't return a header name from auth.GetCredentials
491951d66 Fix normalizeAuthFileKey to use the correct semantics
1b6bf9713 Rename normalize and a few variables
d29a4a6d1 Add TestHeaderGetCredentialsRoundtrip
ad7e5e34f Add tests for auth.Header
5a5aa6009 Improve TestAuthConfigsToAuthFile
ff003928b Add unit tests for singleAuthHeader
b162d8868 Add unit tests for multiAuthHeader
bc191ca7d fix e2e test missing network cleanup
99bc00421 pprof CI flakes: enforce 5 seconds grace period
1d781ccbe [NO NEW TESTS NEEDED] rootless: declare TEMP_FAILURE_RETRY before usage (Fixes: #12563)
593d0907c --hostname should be set when using --pod new:foobar
a63035be2 Cirrus: Use cached swagger binary
6d19ecadc inotify: make sure to remove files
18854f566 System tests: remove rm_pause_image()
b526a0ccd specgen: honor empty args for entrypoint
2d517b687 generate systemd: support entrypoint JSON strings
6c05961ba Bump github.com/uber/jaeger-client-go
d7f6f4e88 remove runlabel test for global opts
0999245e4 utils: reintroduce moveToCgroup
99e9fcdb6 autocopr: distro conditionals for containers-common
d87a9b788 vendor c/image/v5@main
2130d1853 Update vendor or containers/common moving pkg/cgroups there
7d0fd175f volume: apply exact permission of target directory without adding extra 0111
851349345 Cirrus: Remove remnants of nix-based static build
d35aa3f29 Refactor podman pods to report.Formatter
3753347d6 rootless netns: resolve all path components for resolv.conf
eee3a42b7 tests: clean up FIXMEs and noise
207065ce9 fix remote run/start flake
6d7e6d744 e2e: fix pprof flakes
c91fb244c Bump github.com/opencontainers/runc from 1.0.2 to 1.0.3
76f5100be vendor c/common@main
527fd3c0f Escape trailing slash in install directory location so the closing quote is not escaped
e89a62602 centos 9 stream cannot use %autochangelog
7d22cc88e Refactor podman system to report.Formatter [NO NEW TESTS NEEDED]
8e0532623 add spec file for automated copr builds
c9ad1da51 Add restart-sec option to systemd generate
2e132d1d4 Fix documentation of (podman image save --compress --uncompressed)
952046ffd Improve documentation of (podman image save --format)
7d331d35d Add support for configmap volumes to play kube
bd9f8815e cmd, push: use the configured compression format
aafbaa497 [CI:DOCS] logformatter: fix corner case with links
ecd48325f UPdate vendor of image-spec and containers/storage
fe1cdab59 vendor: update containers/common
babc69367 Update doc to explictly mention using ed25519 in ssh keys
61792de36 Refactor podman image command output
6cb25b3d1 Manual fixes
eb1212bed Same thing, with BeNumerically("==", x)
c0a8814fb Use HaveLen(x) instead of Expect(len(y)).To(Equal(x))
92f9e1176 Same thing, for BeNumerically("==", 0)
7c6123f8e Use BeEmpty() instead of len(x).To(Equal(0))
c67649546 Same as previous, for assertions other than Equal()
478f2da5d e2e tests: a little more minor cleanup
8d6d9df40 compat API: push: report size of manifest
2683ecbbc compat: images/json
a0e696411 Add ashley-cui, lsm5 and floutoc to owners
65109494b remove ARTIFACT_DIR and ArtifactPath
3ac1b9bc0 Image caches: allow overriding cache dir
5ac66e2aa Rename CrioRoot as just Root
3ff47748d Fix possible rootless netns cleanup race
db3a4c070 [NO NEW TESTS NEEDED] Refactor podman container command output
4e63f9192 Hostname in `spec.hostname` should be passed to infra ctr init opt
0afaf7837 container, cgroup: detect pid termination
e2b344728 top: parse ps(1) args correctly
6673ff78d podman, push: expose --compression-format
9ce7ade8c e2e: yet more cleanup of BeTrue/BeFalse
f415b3055 Ensure the generated NodePort values are unique
a948ecbb9 Allow containerPortsToServicePorts to fail
ec686d68d Don't use the global math/rand RNG for service ports
d48c00418 Move a comment to the relevant place
8eb0be0a2 a few more manual BeTrue cleanups
f7cbb1d84 Convert strings.Contains() to Expect(ContainSubstring)
12787963b e2e tests: more cleanup of BeTrue()s
5a56f4094 Implement 'podman run --blkio-weight-device'
9a10e2124 systemd: replace multi-user with default.target
5bdd571b1 compat API: allow enforcing short-names resolution to Docker Hub
0ddb09448 Fixed the containerfile not found during remote build.
c80a2e449 podman-remote: prevent leaking secret into image
e7204178e podman-remote: copy secret to contextdir is absolute path on host
bfcaf538b api: allow build api to accept secrets
931c08157 Only open save output file with WRONLY
f330c197b List /etc/containers/certs.d as default for --cert-path
b63d69640 e2e tests: enable golint
697ff213d fix: parsing of HostConfig.Mounts for container create
2e50514ad Move the chown to after the ADDs
cbda62d1b fix: error reporting for archive endpoint
d5c3cc949 Bindings test: emit GIT_COMMIT, for links in logs
bc3c5be2f checkpoint do not modify XDG_RUNTIME_DIR
e648122b2 libpod: improve heuristic to detect cgroup
a66f40b4d libpod, inspect: export cgroup path
b25b33030 stats: get the memory limit from the spec
84e81252f compat: Add compatiblity with Docker/Moby API for scenarios where build fails
c7ebaeee0 libpod: leave thread locked on errors
eb3708a52 Find and fix empty Expect()s
df6aa6730 Unset SocketLabel after system finishes checkpointing
c034147fe Remove StringInSlice(), part 2
2fcb39586 Remove StringInSlice(), part 1
cd59721de e2e test cleanup, continued
533636395 Update basic_networking.md
5cf2683bf Warn on failing to update container status
a4e4b8d92 oci: ack crun output when container is not there
08558b27f oci: exit gracefully if container is already dead
dd80635df Support env variables based on ConfigMaps sent in payload
0d1aaf080 image lookup: do not match *any* tags
566b78dd0 generate systemd: add --start-timeout flag
49d63ad5c Oops! Manual edits to broken tests
97ab9176f e2e tests: clean up antihelpful BeTrue()s
aa301225a Cirrus: Strip out static nix build
9c8fb5cc0 Rename pod on generate of container
2ab28140d [CI:DOCS] Update notes on java TZ in man page
73e95d1c3 Bump github.com/containers/image/v5 from 5.16.1 to 5.17.0
044edbb9c Fix netavark error handling and teardown issue
13ee1788f swagger: add layers to build api docs
022273c19 compat: add layer caching compatiblity for non podman clients
f564c9a34 Bump github.com/opencontainers/selinux from 1.9.1 to 1.10.0
a8b3c67b9 Add note about volume with unprivileged container
d173ebc06 Add EXPOSE e2e test
02be831ce Support EXPOSE with port ranges
ab56a7c4b compat: Add subnet mask behind IP address to match Docker API
d06899769 [CI:DOCS] Add java TZ note to run manpage
44b240470 Bump github.com/rootless-containers/rootlesskit from 0.14.5 to 0.14.6
21629b050 podman-remote does not support signature-policy
ced0ffbe8 Add tests for restore runtime verification
c76caba36 Use same runtime to restore a container as during checkpointing
8198e96f3 Force iptables driver for netavark tests
501643c8b Make sure netavark output is logged to the syslog
6011149ca filter: use filepath.Match to maintain consistency with other pattern matching in podman
c03b6b54f Semiperiodic cleanup of obsolete Skip()s
a3664269b [CI:DOCS]upload a translation file
b2623ceb4 api/handlers: Add checkpoint/restore FileLocks
84021cfdc test: Update error string for --file-locks test
22ef7b620 fix duplicated logs command
19400ec0d Bump github.com/docker/docker
7f96a8d2d Bump k8s.io/api from 0.22.3 to 0.22.4
0dae50f1d Do not store the exit command in container config
7098463e7 Add test for checkpoint/restore with --file-locks
6d23ea60d Add --file-locks checkpoint/restore option
7f52bd843 Cirrus: Bump Fedora to release 35
3ee2d2367 Cirrus: Partially revert catatonit --force install
226be65bd Revert "Cirrus: Temp. disable prior-fedora testing"
5bd43fbea Cirrus: Workaround log_driver=journald setting
f3021f3f6 Cirrus: Fix bindings test hang b/c logging config mismatch
155a443a9 Cirrus: Timeout bindings test after 30m
3aa7076ff Cirrus: Log more things in bindings and unit tests
d6d1ce980 Minor Makefile fix
62d6b6bf7 rootless netns, one netns per libpod tmp dir
2e5d3e8fb Introduce Address type to be used in secondary IPv4 and IPv6 inspect data structure.
e83d36665 volumes: add new option idmap
fceecc3a5 remote checkpoint/restore: more fixes
6f6a6925b fix CI
010bee04c fix: take absolute path for dd on apple silicon
d6c18902e System tests: new checkpoint tests
3073543fd rootless: use catatonit to maintain user+mnt namespace
cb9de1007 rootless: drop strerror(errno) calls
084e32336 rootless: reuse existing open_namespace function
277d52686 rootless: use auto cleanup functions
ee6271113 utils: use podman-pause-$RANDOM.scope name
e367f4614 hack/bats: deal with new bin helpers
422dc5e69 Change error message for compatibility with docker
97c6403a1 rename libpod nettypes fields
8ca300ae9 podman machine start wait for ssh
33ec8c669 fix remote checkpoint/restore
44d1618dd Add --unsetenv & --unsetenv-all to remove def environment variables
364b242b7 Set config environment variables early in Podman init
63ef7135d journald logs: keep reading until the journal's end
014cc4b9d secret: honor custom target for secrets with run
5df883e87 bindings: reuse context for API requests
295d87bb0 podman machine improve port forwarding
c21259bf8 Network test: fix podman-remote-rootless corner case
c050f05cc filter: add basic pattern matching for label keys
c8790bfbb cirrus: force-install catatonit
5934e4c9b infra container: replace pause with catatonit
58cf0d462 Revert "add kubernetes pause"
d28b39a90 Added test for checkpoint/restore --print-stats
914f4c890 Update man pages for checkpoint/restore --print-stats
80e56fa12 Added optional container restore statistics
6202e8102 Added optional container checkpointing statistics
062c88771 Error logs --follow if events-backend != journald, event-logger=journald
9226ccb59 Enable 'podman run --memory-swappiness=0'
164c42b48 Fix network mode in play kube
b1c002342 Always create working directory when using compat API
f517510bc play kube: don't force-pull infra image
ac38eca3f Podman Image SCP transfer patch
6762d5e23 --authfile command line argument for image sign command.
f35d7f4dc Cirrus: Temp. disable prior-fedora testing
0b60b191d Cirrus: Update to Ubuntu 21.10
3af19917a Add failing run test for netavark
fe90a45e0 Add flag to overwrite network backend from config
9f4d63f91 libpod: create /etc/mtab safely
8041d44c9 Add network backend to podman info
b2f7430b6 Add more netavark tests
1c88f741a select network backend based on config
3fe0c4917 Fix RUST_LOG envar for netavark
4febe5576 netavark IPAM assignment
eaae29462 netavark network interface
12c62b92f Make networking code reusable
c43b81f9a Fix flake in upgrade tests
73e1cdfe9 export adding id-specifier code to setContainerNameForTemplate
980c47aaa VOLUME must be declared after RUN chown command
3690532b3 network reload return error if we cannot reload ports
27de152b5 network reload without ports should not reload ports
a55fdbb49 Print headers for system connection ls
6236be4ff [CI:DOCS] Add CI check for SEE ALSO in man pages
1ef66d6d7 podman load: support downloading files
2720156fa Add links to all SEE ALSO sections
df0666436 pod create: read infra image from containers.conf
9877280f5 rootless: adjust error message
216e2cb36 Fix rootless networking with userns and ports
faf450ea1 support health checks from image configs
6ee3b33d3 change from run to create in 250-systemd.bats
d0b502fce Exclude already built sources for static build
72cf38968 shm_lock: Handle ENOSPC better in AllocateSemaphore
8a9da7698 Fix Zsh completion command documentation
555e21557 Match .c files in Makefile
65609f338 Add Static Build download instructions to README
7225ddb5b Add links to podman build,run, create see also
2ed31f9f1 Minor test tweaks
8b7b0b7ca pod create: read network mode from config
5fbc67f20 Bump Catatonit up to v0.1.7
e907f095b test connection add
338eb9d75 system: Adds support for removing all named destination via --all
6444f2402 pod/container create: resolve conflicts of generated names
f3fab1e17 podman-generate-kube - remove empty structs from YAML
4e8bf8be4 Add some information about disabling SELinux when using system volumes
02f67181a Fix swagger definition for the new mac address type
5c0351cc6 Log Apache access_log-like entries at Info level [NO NEW TESTS NEEDED]
3e1940a8e Test to check for presence of 'stats-dump' in exported checkpoints
6b8fc3bd1 Add 'stats-dump' file to exported checkpoint
ffa5ed0e0 Podman Image SCP rootful to rootless transfer
7f433df7e rename rootless cni ns to rootless netns
58f8c3d74 mount full XDG_RUNTIME_DIR in rootless cni ns
6fee827c7 Bump github.com/checkpoint-restore/go-criu/v5 from 5.1.0 to 5.2.0
756dda298 Keep error semantics intact
614c6f597 Fix rootless cni netns cleanup logic
b85e3764a tweak a couple of flag descriptions in help output
ff92d7371 Update swagger doc make filed optional
ba8eba83e Fix bindings container log test
0234b153c test: run --cgroups=split in new cgroup
001d48929 MAC address json unmarshal should allow strings
6e6388eac Make stop message more similar to start
449cc7a5c Implement top streaming for containers and pods
f2115471d Handle HTTP 409 error messages properly for Pod actions
d0dfc5e22 Add tests
48d0d2b4a Fix swagger definitions
48e1cca9f More conforming libpod API and swagger types
62ee24bb7 More conforming libpod API and swagger types
a845613d0 Better emptiness test for custom JSON serializer
7b2531c13 System tests: enhance volume test, add debug prints
15eb01601 add unit test to containers_test
120ad2d3c Use correct swagger type in doc-comment
9c34bd52f Cirrus: Authorize rootless user self-ssh
218d91d76 Fix libpod API conformance to swagger
e69eae645 Fix help message case for `podman version`
9fc98f265 Fix pause usage example
749487600 Use systemctl in local system test
98506c961 Allow label and labels when creating volumes
c5f0a5d78 volumes: be more tolerant and fix infinite loop
3c79202fb Add information on how podman machine is updated
4e9e6f21f volumes: allow more options for devpts
e6286fbac volumes: do not pass mount opt as formatter string
feebf1bd8 Bump k8s.io/api from 0.22.2 to 0.22.3
960831f9c runtime: change PID existence check
9e5cd3205 oci: rename sub-cgroup to runtime instead of supervisor
0136a66a8 libpod: deduplicate ports in db
e68fbf03a Set flags to test 'logs -f' with journald driver
dcbf5cae1 Set Checkpointed state to false after restore
ff31f2264 container create: fix --tls-verify parsing
6b3b0a17c runtime: check for pause pid existence
825889cc7 utils: do not overwrite the err variable
d53789068 Fix systemd PID1 test
864748df5 Record the image stream along with the path
55397de93 cgroups: use SessionBusPrivateNoAutoStartup
8163d38c6 vendor: update godbus to v5.0.6
008075ce5 Slirp4netns with ipv6 set net.ipv6.conf.default.accept_dad=0
c723e6b97 Fix a few problems in 'podman logs --tail' with journald driver
bf8fd943e Allow 'container restore' with '--ipc host'
efd1c080b Document to not set K8S envars for CNI
773caf293 Bump github.com/docker/docker
75f478c08 pod create: remove need for pause image
9d2b8d279 add kubernetes pause
e86549b18 cirrus: containers: mount directory in /var/tmp to /tmp
2e3611d61 overlay root fs: create mount on runtime dir
a42c131c8 Update vendor github.com/opencontainers/runtime-tools
d6296c918 If Dockerfile exists in same directory as service, we should not use it.
adee084d6 Fix tests of podman image trust --raw and --json
53ff49237 Tighten the expected output of the "podman image trust show" test
c872788e4 Use INTEGRATION_ROOT instead of current directory
acd8b4900 Add support to play kube for --log-opt
d7662edf6 [NO NEW TESTS NEEDED] Fix off-by-one index comparision (reported by LGTM)
24c83980e Fix some typos in documentation and comments (found by codespell)
22270fb84 Replace 'an user' => 'a user'
936ab158c [CI:DOCS] Fix typo keep_id -> keep-id
38c78381c Set DOCKER_HOST in the VM
ce4ed7d13 fuse-overlay probably means fuse-overlayfs.
ece0c7e5d Support template unit files in podman generate systemd
8e3760c29 Remove --kernel-memory options
f4f96962c tag: Support tagging manifest list instead of resolving to images
30245f584 Remove infra ID from DB before removing containers
70a5d8cd1 System tests: confirm that -a and -l clash
12d0a8509 systemd: compatible with rootless mode
960a55c09 system tests: CONTAINER_* and --help: cleanup
20b5a8599 podman run --memory=0 ... should not set memory limit
c3801f0fa Add information on how to discover default log driver
d24ce0a33 Add test for system connection
517b56b02 Generate Kube should not print default structs
9500e11a8 libpod: change mountpoint ownership c.Root when using overlay on top of external rootfs
34dcbc949 Change podman connection list to use default field
087f8fc73 Allow API to specify size and inode quota
db7a98de4 Use exponential backoff when waiting for a journal entry
4f7a431da Pod Rm Infra Improvements
c8cffe1b3 system tests: socket activation: clean up
d0f7b99c6 rootfs-overlay: fix overlaybase path for cleanups
468e7c689 Move CONTAINER_HOST and _CONNECTION to IsRemote Function
207abc4a9 We should only be relabeling when on first run
4f857bc10 If CONTAINER_HOST env variable is set default podman --remote=true
8db62d04f Set targetPort to the port value in the kube yaml
16e7cc8bf Do not add TCP to protocol in generated kube yaml
ab4c9a894 Use CGO_ENABLED=1 when building natively on darwin
c1497cf44 Test-hang fix: Wait for ready + timeout on connect.
8439a6d5e Checkpoint/Restore test fixes
f9ff0525c Don't include ctr.log if not using file logging
50b9d82f2 Don't use docker/pkg/archive, use containers/storage/pkg/archive
7112a4159 Fix codespell errors
184de3955 Adjust tests to verify all subcommands show the help message
8cae2978e Fix panic in container create compat api
5d18fb923 Don't add image entrypoint to the generate kube yaml
cc875fd26 Display help text on empty subcommand by default
14bfee31f podman search: display only name and description by default
8600bce53 codespell code
7b1e386f7 Add information about .containerignore to podman build man page
cead18537 CNI: fix network create --ip-range
4631f5b28 Kube Gen run as user/group issues
3ba69dccf rootlessport: reduce memory usage of the process
ab0e6630f No space in kube annotations for bind mounts
0459484bd Fix CI flake on time of shutdown for API service
b28a8bc19 Refactor podman search to be more code friendly
69b665996 Unit files: Use actual installed path for podman
1e81787e3 Bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5
9042520cf cgroups: use cgroup.controllers to read controllers
ab8fb3876 builder: Add support for builder prune
7580c2273 Remove a volume with --force if container is running
6b2939884 Use SplitN(2) when copying env variables
e57b32c59 podman stats: move cgroup validation to server
54471acba fix test
dd5975f3d Support readonly rootfs contains colon
90b5318b8 [CI:DOCS] oci-hooks.5.md: fixup section in header
8d3aec9d0 Enable /debug/pprof API service endpoints
5caf6b94e Not all fields in machine list were set properly
fad14dafe faster image inspection
48d26a893 Warn if podman stop timeout expires that sigkill was sent
6fc73ea4e [CI:DOCS] introduce --replace flag for play kube
0479fd8d6 [CI:DOCS] Include manifest example usage
a487a6382 Change podman.1 man page to show corret log-level default
da8e4cdeb Bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1
6f9e9ee9e Fixes #11668
fbce7584d libpod: fix race when closing STDIN
8bd9f58d1 Ensure `podman ps --sync` functions
e1089e89d Allow `podman stop` to be run on Stopping containers
675d2d0c1 Bump github.com/containers/image/v5 from 5.16.0 to 5.16.1
033a662b9 Bump github.com/docker/docker
521c0cbd1 It really should be no **NEW** tests needed
fb118b852 README.md: Point to Podman's channels
8e80f4d24 Add podman-plugins to upstream image
a726043d0 CNI networks: reload networks if needed
8156df5b7 bump c/common to latest and c/storage to 1.37.0
21c9dc3c4 Add --time out for podman * rm -f commands
d6b9451b4 Cirrus: Fix defunct package metadata breaking cache
163d81cc0 Pod Events Logging Fix
c67593df1 [NO TESTS NEEDED] Ignore removed containers
6da97c863 Pod Volumes From Support
4ea5d6971 Add note about empty fields and null values for API responses
97bf6331f Bump github.com/containers/buildah from 1.23.0 to 1.23.1
641f0ccc4 Add podman play kube --no-hosts options
fb2355adb Gating tests: fix permissions error
686b7ef7b pkg/specgen: cache image in generator
0b5a2b746 cirrus: gitlab: download packages
648882bf6 Add guard for BuildOptions.CommonBuildOpts
bf94ebf42 System tests: tighten 'is' operator
7e81d78ed Update README and release notes for v3.4.0
cc4232169 sdnotify test: accept MAINPID anywhere
642d68299 machine: silently cleanup dangling sockets before rm if possible
a1dce3a0d Add expose type map[uint16]string to description
0a156211d [NO TESTS NEEDED] Fix typo in storage.conf file exists message
1ff6a5082 Support selinux options with bind mounts play/gen
9c6c98192 kube: fix conversion from milliCPU to period/quota
5090920cc Bump github.com/mattn/go-isatty from 0.0.12 to 0.0.14
5c1b3e8d7 test: use new helper
788106dad test: skip test on rootless cgroupsv1
5a33b7aef machine: Info on successfully stopping qemu machine
c25cc7230 Allow a value of -1 to set unlimited pids limit
1805ed360 Vendor in latest containers/storage
c9ea2cae1 Storage can remove ErrNotAContainer as well
ccff77025 libpod: container create: init variable: do not deep copy spec
5ea369ade libpod: add GetConfigNoCopy()
30bf31010 libpod: add execSessionNoCopy
98176f001 libpod: do not call (*container).Spec()
2d8605189 Pod Device-Read-BPS support
97f755f87 Remind user to check connection or use podman machine
678b554b1 Ensure pod ID bucket is properly updated on rename
60824c613 Fix contributor make targets on Ubuntu and Debian
0d4fa7bc9 Implement PR template to assist review & release
5d6ea90e7 libpod: do not call (*container).Config()
a3cdee979 [NO TESTS NEEDED] Add port configuration to first regular container
d14f66972 [CI:DOCS] cmd/podman: no dot for short descriptions
1c8926285 move network alias validation to container create
d0950f3ef set --cni-config-dir for exit command
05614ee13 always add short container id as net alias
a9a54eefa image prune: support removing external containers
86083c580 System tests: speed up. They've gotten too slow.
344ba32c8 Add dockerfile.5 as man link to containerfile man page
87559b020 Set MSI to be 64-bit only.
ca3c08bf9 fix podman network prune integration test flakes
f76fa3475 Cirrus: Add gitlab podman runner test
1df0646b0 CNI: network remove do not error for ENOENT
464fec260 remote build: EvalSymlinks() the context directory
8fca626e3 stop: Do nothing if container was never created in runtime
3ce98a5ec logging: new mode -l passthrough
3600054d1 Allow machine options to be set from containers.conf
5a2ca77b9 Vendor in containers/common v0.46.0
c668ca859 podman machine: do not join userns
b3307bc9c Disable docker and alias to podman in FCOS ignition
1e0039a83 added healthcheck to ps command
a97551eb2 Fix english on prune prompt
3d8dec982 Document missing /images/search query parameters
6095c4fac rootful: do not set XDG_RUNTIME_DIR for cni plugins
1cf66f514 Revert "rootful: unset XDG_RUNTIME_DIR"
ba46613a6 Add completion for machine list format
2df0685cb Set context dir for play kube build
ce080d25c Makefile: use -ldflags/-gccgoflags depending on the go implemenatiton
82818caff Update docs for --platform in podman-build.1
b6e5a4909 shell completion: do not show images without tag
119973375 podman inspect add State.Health field for docker compat
01bf8a668 podman save: enforce signature removal
4ecaf85d9 Add JSON version of the machine list
ed3c4a89d Add support for :U flag with --mount option
2d5d98c04 [CI:DOCS] Add link to running ctrimage on enablesysadm
b6fecbb75 Ignore mount errors except ErrContainerUnknown when cleaningup container
1c4e6d862 standardize logrus messages to upper case
45ee5c5db podman generate kube should not include images command
f5f95d722 Fix machine image
db44addf9 sync container state before reading the healthcheck
0baee2cc3 Also show the (initial) disk size
911298252 Show cpus and memory in machine list
5acf8ae12 Eighty-six eighty-eighty
68d21b6ff net types: remove omitempty from required fields
49c5688a3 podman save: add `--uncompressed`
af49810a6 Bump CNI to v1.0.1
5875e409e vendor c/psgo@v1.7.1
738f2b36e [CI:DOCS] Add network alias note in man pages
4ecbc7caa Add a backoff and retries to retrieving exited event
319fcf52f Cross-build release-archives w/ arch in filename
34043bd81 Fix Error, empty output for info: 'VERSION'
185294cb8 Generate kube should'd add podman default environment vars
ae5de8b39 volume: Add support for overlay on named volumes
8fac34b8f Pod Device Support
8453c8ce6 Support --format tables in ps output
61217f3ba Remove references to kube being development
b74edfb0a Add support for retrieving system service --timeout
3221f50a4 Add podman image/container inspect man pages
665b451e5 [CI:DOCS] Add link to skopeo delete in podman rmi
509812457 vendor c/common@main
92ee2f372 remote untag: support digests
cb077c968 Created MapOptions for PodCreate
a1861c570 Bump k8s.io/api from 0.22.1 to 0.22.2
5242030ac compat API: /images/json prefix image id with sha256
cf28dab9f podman machine: use gvproxy for host.containers.internal
eea5d2512 utils: return error message from StartTransientUnit
4caca0969 utils: raise warning only on cgroupv2
74ad05396 Add podman machine init --now option
22df773f7 System tests: cleanup, and remove obsolete skips
e3e9e5175 Add username flag for machine ssh
c692f7a18 Remove unused code from libpod
62350fed6 [CI:DOCS] markdown cleanup
613ef220f Fix up build the docs site
7ca666f47 Use a new markdown converter for sphinx
a2c8b5d9d runtime: move pause process to scope
72534a74b system: move MovePauseProcessToScope to utils
9c1e27fdd system: always move pause process when running on systemd
fa9728c55 system: avoid reading pause pid file
f1ee23425 Only add 127.0.0.1 entry to /etc/hosts with --net=none
4216f7b7f Add no-trunc support to podman-events
aee0ab98c CNI: add ipvlan driver
c20f61148 CNI: network create support macvlan modes
5c7935057 Do not allow network modes to be used as network names
9c091e42d fix inverted condition
7c5d64b47 Fix /auth compat endpoint
5e8309464 Add Drivers method to the Network Interface
1bcd006c5 CI: load ipv6 kernel modules for rootless tests
b906b9d85 Drop OCICNI dependency
85e8fbf7f Wire network interface into libpod
218f132fd cni network configs set ipv6 enables correctly
24bec9a76 default network: do not validate the used subnets
aa7bc4e37 network create: validate the input subnet
3e77f960f Set default storage from containers.conf for temporary images
0b1c45bc5 container runlabel remove image tag from name
962675c14 build.bats: fix copy tests after containers/buildah#3486
d0c605cd3 build: mirror --authfile to filesystem if pointing to FD instead of file
5cafb6d18 Fix example in podman machine init man page
222b62e7b vendor: Bump github.com/containers/buildah from 1.22.3 to 1.23.0
9b04e1789 api: handle nil pointer dereference in rest endpoints
5dbf3ee7a build: take advantage of --platform lists
64de4f612 Document `all` query parameter for /libpod/images/prune
38c5f6721 Show variant and codename of the distribution
952fc4a6f Use new aarch64 fcos repos
d7256be80 Enhance bindings for IDE hints
84005330a Pod Volumes Support
b1768d3b0 test: enable --cgroup-parent test
44abc1797 libpod: honor --cgroups=split also with pods
65f3b16c6 tests: enable --cgroups=disabled test for rootless
afe4d17be tests: simplify --cgroups=disabled test
d3f0f09ad libpod: rootful close binded ports
072b061b4 Search gvproxy with config.FindHelperBinary()
a55e2a00f rootfs: Add support for rootfs-overlay and bump to buildah v1.22.1-0.202108
6221f269a fix restart always with rootlessport
d30facfda Cirrus: NM/CNI workaround + Remove prior-Ubuntu
ba2130ff5 If container exits with 125 podman should exit with 125
9ae947654 Bump github.com/json-iterator/go from 1.1.11 to 1.1.12
b0cbcd1d0 bump c/common to v0.44.0
32424d9a9 remove rootlessport socket to prevent EADDRINUSE
3c77a98e4 Add deprecated fields for 1.22+ clients that still expect them
7a667c4ac Use default username for podman machine ssh
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
6c6e6dc923 |
docker-distribution: update to 2.8.0
Bumping docker-distribution to version v2.7.1-42-g3b7b5345, which comprises the following commits:
97f6dace [release/2.7] vendor: github.com/opencontainers/image-spec v1.0.2
10ade61d manifest: validate document type before unmarshal
c5679da3 [release/2.7] vendor: github.com/golang-jwt/jwt v3.2.1
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
e3087cd666 |
docker-ce: update to v20.10.12
Bumping docker to version v20.10.12-84-g906f57ff5b, which comprises the following commits:
ce3b6d1ae9 distribution: retry downloading schema config on retryable error
180f3b9cc7 update containerd binary to v1.5.10
0fa0d70489 [20.10] update to go 1.16.15 to address CVE-2022-24921
4679ffd01c docs: remove HostConfig.LxcConf field from API docs
fbbe1fcfd8 api: remove HostConfig.LxcConf field
a5a697143d docs: fixing /exec/{id}/resize response code in API documentation
42b13c09a6 Added error codes for exec resize in API docs
aa69e8ed3f Fixed exec resize success code in API docs
ca5ba4890e Fix typo on the v1.41 changelog
db214206e5 vendor: bump etcd v3.3.27
df6a536193 vendor: github.com/coreos/etcd v3.3.25
9502dec32f [20.10] Update Go to 1.16.14
878b9de935 daemon/graphdriver/fuse-overlayfs: Init(): fix directory permissions (staticcheck)
d1b3497bfa [20.10] vendor: github.com/docker/distribution v2.8.0
f9344b45fe api/swagger: move DistributionInspect to definitions
13cb9d9723 api/swagger: rename PluginPrivilegeItem to PluginPrivilege
7f9760e10c api/swagger: fix up event-types and move to definitions
e6739a2884 api/swagger: move DistributionInspect to definitions
d445d24804 api/swagger: rename PluginPrivilegeItem to PluginPrivilege
5e38ae84b2 api/swagger: fix up event-types and move to definitions
012fdff916 Fix swagger docs to match the opencontainers image-spec
13cbf7fbb7 Extract PluginPrivilegeItem as explicit type definition
8fbcf0611b Use explicit object names for improved swagger based code generation
b8bee972c4 Fix ContainerSummary swagger docs
7092a6091c Add "changes" query parameter for /image/create to swagger docs
adf1e470a1 Add RestartPolicy "no" to swagger docs
b4b469eac2 Fix swagger docs to match the opencontainers image-spec
2c38a2a635 Extract PluginPrivilegeItem as explicit type definition
621bfddd6e Use explicit object names for improved swagger based code generation
8a5240a8aa Fix ContainerSummary swagger docs
751cf68e36 Add "changes" query parameter for /image/create to swagger docs
a961b76aef Add RestartPolicy "no" to swagger docs
ad21bcd94e Jenkinsfile: remove Windows RS1 as it reached end of support
b2684c1857 Fix for lack of syncromization in daemon/update.go
8268f70ebb daemon/logger: replace flaky TestFollowLogsHandleDecodeErr
78d0b936b8 daemon/logger: refactor followLogs to write more unit tests
39519221c2 daemon/logger: test followLogs' handleDecodeErr case
ada1b01de1 daemon/logger: read the length header correctly
829f071228 update containerd binary to v1.5.9
3e5eea4192 update runc binary to v1.0.3
bd42e17284 update containerd binary to v1.5.8
3fd0b8d6eb Update containerd binary to v1.5.7
3700adb70a Update containerd binary to v1.5.6
0f37f2989b Dockerfile: update gotestsum to v1.7.0
2716336abd Dockerfile: use "go install" to install utilities
b35a1707e3 Dockerfile: use version for some utilities instead of commit-sha
2a18825cdf Dockerfile: remove GOPROXY override (was for go < 1.14)
0f925d5d3d remove deprecated "nokmem" build-tag for runc
fb45fe614d info: remove "expected" check for tini version
fd32c70031 update containerd binary to v1.5.5
302114634c update containerd binary v1.4.8
1cd13dcb6c Update containerd binary to v1.5.3
5f09d5c76a update containerd binary to v1.5.2
23f23c99ed update containerd binary to v1.5.1
f036a34c5b update containerd binary to v1.5.0
1dd37750a6 Revert "[20.10] update containerd binary to v1.4.5"
b097d29705 Revert "[20.10] update containerd binary to v1.4.6"
de656f9da4 Revert "[20.10] update containerd binary to v1.4.7"
9e36f77577 Revert "[20.10] update containerd binary v1.4.8"
eb2acf2fb3 Revert "[20.10] update containerd binary to v1.4.9"
4e838e50ea Revert "[20.10] update containerd binary to v1.4.10"
79fd9c1541 Revert "[20.10] update containerd binary to v1.4.11"
13de46fd4b Revert "[20.10] update containerd binary to v1.4.12"
aa92e697cb [20.10] update Go to 1.16.13
f9df098e76 fluentd: Turn ForceStopAsyncSend true when async connect is used
81fc02b7e1 vendor: github.com/fluent/fluent-logger-golang v1.8.0
d6f3add5c6 vendor: github.com/fluent/fluent-logger-golang 1.6.1
660b9962e4 daemon.WithCommonOptions() fix detection of user-namespaces
a621bc007b [20.10] update Go to 1.16.12
f4daf9dd08 [20.10] update Go to 1.16.11
dc015972bb vendor: github.com/opencontainers/image-spec v1.0.2
e0108db2bd [20.10] fix vendor validation
d47de2a4c7 [20.10] update containerd binary to v1.4.12
da9c983789 [20.10] vendor: github.com/moby/buildkit v0.8.3-4-gbc07b2b8
c1f352c4b1 distribution: validate blob type
c96ed28f2f vendor: update github.com/containerd/containerd
7677aeafd7 TestBuildUserNamespaceValidateCapabilitiesAreV2: cleanup daemon storage
34eb6fbe60 testutil: daemon.Cleanup(): cleanup more directories
0e76a0a418 info: unset cgroup-related fields when CgroupDriver == none
c7edd308ad [20.10] Update Go to 1.16.10
b3456925ca vendor: update github.com/docker/distribution
6611c72b65 cmd/dockerd: create panic.log file without readonly flag
4b9a3dac46 Fix race in TestCreateServiceSecretFileMode, TestCreateServiceConfigFileMode
acb4f263b3 Fix racey TestHealthKillContainer
59d2a2c397 dockerd-rootless.sh: Fix variable not double quotes cause unexpected behavior
2c6aa5aad9 Remove needless check
3285c27503 Fix log statement 'failed to exit' timeout accuracy
a4bcd4c64f docker daemon container stop refactor
bed624fdc9 docker kill: fix bug where failed kills didnt fallback to unix kill
80b7e8b5d7 buildkit: normalize build target and local platform
c2b9a32875 vendor: Update go-winio to v0.4.20
c580a02873 [20.10] Update Go to 1.16.9
129a2000cf [20.10] update containerd binary to v1.4.11
6835d15f55 [20.10] update containerd binary to v1.4.10
5730c139f7 Bump swarmkit to get fix for rollback
59f10e3435 quota: adjust build-tags to allow build without CGO
fa78afebcf Update Go to 1.16.8
567c01f6d1 seccomp: add support for "clone3" syscall in default policy
07728cd2bd update runc binary to v1.0.2
964768f200 cmd/dockerd: add the link of "the documentation"
80f1169eca chrootarchive: don't create parent dirs outside of chroot
93ac040bf0 Lock down docker root dir perms.
b0c0b73798 bump up rootlesskit to v0.14.4
decb56ac89 Update Go to 1.16.7
Bumping docker-cli to version v20.10.12-22-ga22408634, which comprises the following commits:
a282e0c5d [20.10] update to go 1.16.15 to address CVE-2022-24921
700364e30 Fix mistake with env var example in docker run docs
62d27c32f Update WORKDIR command information
c0e952cf0 Fix the (dead) link for docs for Dockerfile syntax reference
04104a04d Update dockerd.md
b721998b7 Fixing typo (his --> its)
4065e1246 format create.md table
f1002eb9f Fix typo
e97c7b240 added missing closing parenthese
aa7893763 Update stats.md add example json output
40fe0573a Update Ubuntu version number references in push.md
c9737e1c3 docs/daemon: replace deprecated '-g' option for '--data-root'
5c6723d08 Correct device syntax to --gpus
fd5fc61ec [20.10] Update Go to 1.16.14
3624019d8 [20.10] update Go to 1.16.13
f3ff8e6ad [20.10] vendor: compose-on-kubernetes v0.5.0 to remove github.com/golang/glog
ee1ac1b31 fix innocuous data-race when config.Load called in parallel
38dd744a1 [20.10] Update Go to 1.16.12
4de40a825 Update Go to 1.16.11
03fa8f92c Update Go to 1.16.10
9989fdbc4 Update most links in docs to use https by default
0e20c1fd2 Update Go to 1.16.9
1c0927a04 Dockerfile: update tonistiigi/xx to 1.0.0-rc.2, add XX_VERSION arg
82f9d5921 info: skip client-side warning about seccomp profile on API >= 1.42
adb01ca79 docs: some minor touch-ups in checkpoint reference
8260476a0 docs: remove trailing space to fix generated YAML format
bce2e1f95 docs: create.md: typo fix
44064f51c Fix typo in documentation - build.md
292779add Add doc for BUILDKIT_PROGRESS env var
f2e79b826 docs: use "console" code-hint for shell examples
fa46b9236 docs: rewrite reference docs for --stop-signal and --stop-timeout
400f81089 experimental: fix broken link to "checkpoint and restore" page
c72057c8d docs: move checkpoint/restore doc from experimental into reference
77db97d59 Use private network address for default-address-pools setting in daemon.json example
cbf0d2b7b docs: fix some broken anchors
d0014a86b docs: fix description of restart-delay to mention max (1 minute)
6c1c8b55a docs: fix search results by filterd is-official
44fdac11f Update Go to 1.16.8
061051c24 docs: add missing redirect, and remove /go/experimental redirect
2012fbf11 Update Go to 1.16.7
42d1c0275 registry: ensure default auth config has address
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
3988cc7e3a |
moby: update to v20.10.12
Bumping moby to version v20.10.12-84-g906f57ff5b, which comprises the following commits:
ce3b6d1ae9 distribution: retry downloading schema config on retryable error
180f3b9cc7 update containerd binary to v1.5.10
0fa0d70489 [20.10] update to go 1.16.15 to address CVE-2022-24921
4679ffd01c docs: remove HostConfig.LxcConf field from API docs
fbbe1fcfd8 api: remove HostConfig.LxcConf field
a5a697143d docs: fixing /exec/{id}/resize response code in API documentation
42b13c09a6 Added error codes for exec resize in API docs
aa69e8ed3f Fixed exec resize success code in API docs
ca5ba4890e Fix typo on the v1.41 changelog
db214206e5 vendor: bump etcd v3.3.27
df6a536193 vendor: github.com/coreos/etcd v3.3.25
9502dec32f [20.10] Update Go to 1.16.14
878b9de935 daemon/graphdriver/fuse-overlayfs: Init(): fix directory permissions (staticcheck)
d1b3497bfa [20.10] vendor: github.com/docker/distribution v2.8.0
f9344b45fe api/swagger: move DistributionInspect to definitions
13cb9d9723 api/swagger: rename PluginPrivilegeItem to PluginPrivilege
7f9760e10c api/swagger: fix up event-types and move to definitions
e6739a2884 api/swagger: move DistributionInspect to definitions
d445d24804 api/swagger: rename PluginPrivilegeItem to PluginPrivilege
5e38ae84b2 api/swagger: fix up event-types and move to definitions
012fdff916 Fix swagger docs to match the opencontainers image-spec
13cbf7fbb7 Extract PluginPrivilegeItem as explicit type definition
8fbcf0611b Use explicit object names for improved swagger based code generation
b8bee972c4 Fix ContainerSummary swagger docs
7092a6091c Add "changes" query parameter for /image/create to swagger docs
adf1e470a1 Add RestartPolicy "no" to swagger docs
b4b469eac2 Fix swagger docs to match the opencontainers image-spec
2c38a2a635 Extract PluginPrivilegeItem as explicit type definition
621bfddd6e Use explicit object names for improved swagger based code generation
8a5240a8aa Fix ContainerSummary swagger docs
751cf68e36 Add "changes" query parameter for /image/create to swagger docs
a961b76aef Add RestartPolicy "no" to swagger docs
ad21bcd94e Jenkinsfile: remove Windows RS1 as it reached end of support
b2684c1857 Fix for lack of syncromization in daemon/update.go
8268f70ebb daemon/logger: replace flaky TestFollowLogsHandleDecodeErr
78d0b936b8 daemon/logger: refactor followLogs to write more unit tests
39519221c2 daemon/logger: test followLogs' handleDecodeErr case
ada1b01de1 daemon/logger: read the length header correctly
829f071228 update containerd binary to v1.5.9
3e5eea4192 update runc binary to v1.0.3
bd42e17284 update containerd binary to v1.5.8
3fd0b8d6eb Update containerd binary to v1.5.7
3700adb70a Update containerd binary to v1.5.6
0f37f2989b Dockerfile: update gotestsum to v1.7.0
2716336abd Dockerfile: use "go install" to install utilities
b35a1707e3 Dockerfile: use version for some utilities instead of commit-sha
2a18825cdf Dockerfile: remove GOPROXY override (was for go < 1.14)
0f925d5d3d remove deprecated "nokmem" build-tag for runc
fb45fe614d info: remove "expected" check for tini version
fd32c70031 update containerd binary to v1.5.5
302114634c update containerd binary v1.4.8
1cd13dcb6c Update containerd binary to v1.5.3
5f09d5c76a update containerd binary to v1.5.2
23f23c99ed update containerd binary to v1.5.1
f036a34c5b update containerd binary to v1.5.0
1dd37750a6 Revert "[20.10] update containerd binary to v1.4.5"
b097d29705 Revert "[20.10] update containerd binary to v1.4.6"
de656f9da4 Revert "[20.10] update containerd binary to v1.4.7"
9e36f77577 Revert "[20.10] update containerd binary v1.4.8"
eb2acf2fb3 Revert "[20.10] update containerd binary to v1.4.9"
4e838e50ea Revert "[20.10] update containerd binary to v1.4.10"
79fd9c1541 Revert "[20.10] update containerd binary to v1.4.11"
13de46fd4b Revert "[20.10] update containerd binary to v1.4.12"
aa92e697cb [20.10] update Go to 1.16.13
f9df098e76 fluentd: Turn ForceStopAsyncSend true when async connect is used
81fc02b7e1 vendor: github.com/fluent/fluent-logger-golang v1.8.0
d6f3add5c6 vendor: github.com/fluent/fluent-logger-golang 1.6.1
660b9962e4 daemon.WithCommonOptions() fix detection of user-namespaces
a621bc007b [20.10] update Go to 1.16.12
f4daf9dd08 [20.10] update Go to 1.16.11
dc015972bb vendor: github.com/opencontainers/image-spec v1.0.2
e0108db2bd [20.10] fix vendor validation
d47de2a4c7 [20.10] update containerd binary to v1.4.12
da9c983789 [20.10] vendor: github.com/moby/buildkit v0.8.3-4-gbc07b2b8
c1f352c4b1 distribution: validate blob type
c96ed28f2f vendor: update github.com/containerd/containerd
7677aeafd7 TestBuildUserNamespaceValidateCapabilitiesAreV2: cleanup daemon storage
34eb6fbe60 testutil: daemon.Cleanup(): cleanup more directories
0e76a0a418 info: unset cgroup-related fields when CgroupDriver == none
b3456925ca vendor: update github.com/docker/distribution
Bumping docker-cli to version v20.10.12-22-ga22408634, which comprises the following commits:
a282e0c5d [20.10] update to go 1.16.15 to address CVE-2022-24921
700364e30 Fix mistake with env var example in docker run docs
62d27c32f Update WORKDIR command information
c0e952cf0 Fix the (dead) link for docs for Dockerfile syntax reference
04104a04d Update dockerd.md
b721998b7 Fixing typo (his --> its)
4065e1246 format create.md table
f1002eb9f Fix typo
e97c7b240 added missing closing parenthese
aa7893763 Update stats.md add example json output
40fe0573a Update Ubuntu version number references in push.md
c9737e1c3 docs/daemon: replace deprecated '-g' option for '--data-root'
5c6723d08 Correct device syntax to --gpus
fd5fc61ec [20.10] Update Go to 1.16.14
3624019d8 [20.10] update Go to 1.16.13
f3ff8e6ad [20.10] vendor: compose-on-kubernetes v0.5.0 to remove github.com/golang/glog
ee1ac1b31 fix innocuous data-race when config.Load called in parallel
38dd744a1 [20.10] Update Go to 1.16.12
4de40a825 Update Go to 1.16.11
03fa8f92c Update Go to 1.16.10
0e20c1fd2 Update Go to 1.16.9
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
8babc8e616 |
crun: update to 1.4.3
Bumping crun to version 1.4.3-4-g3b3061a, which comprises the following commits:
77df89b docs: update known issues with CRI and side-cars
164d753 wasm, kubernetes: support wasm for kubernetes infrastructure with side-cars
61c9600 NEWS: tag 1.4.3
040c59f chore(utils): add pointer casts to avoid C++ permissive mode
16850e4 build: fix bashism in configure.ac
e094499 test: fix CI
22284a9 tests: add codespell tests
37f13e3 crun.1.md: fix typo
8fca8bf tests: add fuzzing for idmapped mounts option
abfdf1f fuzzing: move chdir to Dockerfile
d935d0a linux: move parsing to separate function
5c7165a centos9: enable only needed repo
160e626 centos8: enable only needed repo
648b132 tests: add tests for idmapped mounts
916c5cd tests: add check for file ownership
934e19a tests: add feature check for idmapped mounts
bf06c8c linux: support options to idmap
e1ee353 test, container-delete: ignore warn for cgroupv1 when cgroup cleanup fails
4355edc test: add a test for crun delete
cdc4f6a utils, rmdir-all: transfer ownership and responsiblity of fd to rmdir_all_fd
bb5bc67 linux: open source bind mount in the host
df2fecd cgroup-destory: terminate infinite loop and relay error back to callee
44d7816 cgroup-destroy: bump delay while deleting from 0.1ms to 10ms
ec9fa1c Remove ignored arguments
9854c71 Fix compilation error with seccomp
58d33b8 crio-tests: skip userns tests with auto annotation
b3301ad crio-tests: use golang 1.17.6
192ff3e cri-o: remove locking to a specific commit in CI and use master
f6fbc8f NEWS: tag 1.4.2
4029e63 utils: check for dup error
83668f1 linux: create_missing_devs creates /dev/console
0b09d62 utils: always create trailing file
5c47eac container: ignore EROFS when chowning std stream files
8ff9652 linux: validate sysctls before applying them
2f5be74 python: fix build
da28cf1 container: attempt find_executable after setresuid
9646fde utils: drop const from find_executable
8026135 NEWS: tag 1.4.1
8711fbd utils: add a len argument to get_current_timestamp
b5987ee utils: add printf attribute to xasprintf
e9ba4ae libcrun: add printf attribute to error functions
2ca2d06 utils: add attribute malloc to x.*alloc.* functions
ece4431 utils: add the sentinel attribute to append_paths
bb57968 cgroup: do not lookup string twice
d74c5e4 wasm: add docs and example for using crun wasm support on kubernetes
78384da tests/oci-validation: optimize build
c7aac36 Revert "oci-validation: checkout last working commit for runtime-tools"
4cd65c3 utils: drop check for invalid path
90c6b1f tests/fuzzing/run-tests.sh: fix
e65f285 ci: add shellcheck job
b1c520c tests/*/*.sh: add set -e, fix shellcheck warns
1613f4e tests/cri-o: don't remove non-existing files
ff3e33b tests/fuzzing: nits
28c5f89 tests/oci-validation: rename script to run-tests.sh
2bf7a93 tests/*/*.sh: rm redundant cd
a51137c ci/gha: skip installing deps if Dockefile is used
209fe89 ci/gha: don't start docker
9174557 .github/workflows/test.yaml: nits
b97d397 errors: use printf compiler annotation
f12a5ac linux: fix lookup for namespace
acc5f87 linux: skip setns_with_pidfd with explicit paths
5f924cb container: allow delete while in created state
cc70b0a container: merge two if blocks
6aff973 cgroups: skip setting cpu limits if shares==0
5930bfa cgroup: append the sd error message in the error
c9f0b16 gha: simplify deps install
08b621f tests/podman: exclude --ip6 test case
1da6b96 Fix some typos found by codespell
fd6da89 src: rename libcrun_container_kill_all to libcrun_container_killall
dfd5dae libcrun: unexport str2sig
21a8daf libcrun: let libcrun_container_kill* accept a string
dd80179 libcrun: unexport append_paths
eada263 tests: skip sd_notify tests without systemd
8ead30f ci: enable codeql analysis
3a1da09 .github: fix ci build
a834e9b .github: test --enable-shared
95b482f src: export some symbols used by crun
7f37f2e src/libcrun/linux.c:425:77: error: 'OPEN_TREE_CLOEXEC' undeclared (first use in this function); did you mean 'OPEN_TREE_CLONE'?
3daded0 NEWS: tag 1.4
a400e8b libocispec: sync from upstream
76271c9 cgroup: initialize status
d583bdc utils: fix path check
2b74dc1 handler: add support for running handlers on kubernetes with containerd
9b25f52 tests: extend checkpoint/restore test with pre-dump
587d0b2 tests: add memhog command to init
fb2a7ed docs: add pre-copy migration options to the man page
0683fec checkpoint: add pre-dump support
7ecb4b0 handlers, wasm: add lost support for run.oci.handler=wasm
020ee61 tests: add tests for CPUShares/CPUWeight on systemd
58b8879 state: export systemd scope
3adb2d5 tests: allow to override cgroup manager
bcbc72d cgroup-systemd: update CPUShares/CPUWeight
2ba3106 cgroup: add custom update_resources
2d7a495 update: fix shares file name
ec70d28 cgroup-systemd: set CPUWeight/CPUShares on the scope cgroup
4012668 cgroup-resources: move CONVERT_SHARES_TO_CGROUPS_V2 to function
77318e4 cgroup: add function to write to the files
6457228 tests: add CRI-O integration tests to the CI
d6ab372 configure.ac: mark unused variable
cb4152d ebpf: fix build on 32 bits arches
2eafdff cgroup: ignore swap limit if it is not enabled
62e84d8 nix: lock nix version to last working release
1efb0f9 linux: fix join cgroup v1
f72414e crun, spec: allow override file name
5231a30 utils: retry openat2 on EAGAIN
782fb02 crun: load custom handlers
e6fda97 build: define CRUN_LIBDIR
af950dd handlers: support load from .so files
6d093a0 handlers: split each handler to its own file
46fb105 utils: remove hardcoded check for wasm
8f9337e crun, libcrun: move handlers behind an interface
fd0e171 handler: split libcrun_configure_wasm
4eb1f03 container: move custom handlers code to new file
2063305 wasmedge: The wasmedge.h is moved to wasmedge/wasmedge.h
2b4dfef container, handler: close files marked with O_CLOEXEC
4898342 linux, exec: try setns with pidfd
a14ae9e linux: move join namespaces to a new function
a32286c linux, exec: use CLONE_INTO_CGROUP
cb5bf95 linux: use clone3 if available
0e2eda2 tests: fail fuzzing test on crashes
74a21ed ebpf: handle missing access string
c1127a3 container: propagate close for ready-fd
c9c89c6 container: wait_process accepts a struct
9bf58f2 container: replace sprintf with snprintf
3191e49 container: drop argument for write_container_status
91b47f6 container: replace same failure code with a goto
b5405fc linux: improve detection of /dev target
dcc87a3 cgroup: move errors check to helper
0af034d cgroup: hide create/destroy behind a struct
f95e56a cgroup: move cgroupfs code to new file
98e4e46 cgroup: move cgroup setup code to new file
c3119e7 cgroup: move more functions to cgroup-utils
0272dae cgroup: move setting resources to new file
80925dc cgroup: move some functions to a new file
9c014c6 cgroup: rearrange code
24f6b40 cgroup: quote file names
ed31849 cgroup: separate each cleanup to a different function
d9eba41 cgroup: drop argument from libcrun_cgroup_destroy
f47d933 cgroup: split systemd code to a new file
aed4362 cgroup: drop unused function
384cf2a cgroup: drop usage of raw paths
1f313a8 libcrun: new function libcrun_container_read_pids
ce7dedf cgroup: move returned data to different struct
e2670b4 cgroup: drop argument delegate_cgroup
22d9dcb cgroup: drop argument systemd_subgroup
a0d4d9f cgroup: drop unused argument create_if_missing
dc135cf cgroup: drop cgroup_mode argument
4dcbf43 cgroup: remove unused argument
16db42f libcrun: unexport unused functions
4b18425 Also run clang-format on *.c files in tests/
abdeabf container: allow libcrun_run_linux_container to call final _exit() for handlers
2d177df container, exec: refactor to new function
d78dff2 container: attempt chdir twice
c9052f2 container: make chdir error clearer
78cf48b linux: use sd_notify_barrier if available
0fa6447 libocispec: sync with recent commits
40e4736 utils: move safe_openat fallback to separate function
82d2170 mounts: handle paths with multiple slashes
79699be utils: write_file truncates existing files
ef37d51 linux: Enter specified cgroup namespace
a36bcdd tests: disable podman unuseful test
53f2615 .github: use a bind mount for /var dirs
5566520 tests: add build test for centos:stream9
940705f tests, centos8: use centos:stream8
0e99990 Change podman branch to fix CI
1575f2f Add file-locks checkpoint/restore option
d7029af linux: replace mounts lookup with gperf hashing
5511255 linux: support more recursive options
2dbce9b linux: use bool for is_user_ns
827b873 linux: new mount option "idmap"
02938ac linux: add function to send mounts from the host
b5fc60e linux: provide cleanup private data callback
a5a2ca5 linux: generalize opening mounts earlier
4523486 linux: silence warning
a01a03a tests: update podman
3c6d57d wasmedge: fix error message if VM fails to get valid result object
b48b654 crun: show if version supports wasm with configured runtime
365dc57 linux: new mount option "rro"
85c5bc9 linux: fix a race when saving external descriptors
825108e wasm: add support for wasmedge runtime
33e75d0 fix build error on ubuntu
e1c7293 clang-check: refactor to suppress -Wunused-but-set-variable where needed
575c4a6 ci: use latest docker with seccomp profiles supporting clone3
8e5757a NEWS: tag 1.3
685078a tests: temporarily switch to fedora:34
9ea94e9 wasm: allow wasi modules to read args from config
76759f1 fix status.h compile error in C++
952913b wasm: replace printf while relaying output to stdout with safe_write
152a3fc linux: bind mount the current cgroup path
ce211c5 linux: fix mounting cgroup2 with --net=host
e31ab81 wasm: add support for annotation module.wasm.image/variant=compat
2559696 wasm: add documentation
7407be1 wasm: add support to natively build and run wasm workload and wasm containers
6d046d6 oci-validation: checkout last working commit for runtime-tools
eeae045 cgroup: fix race condition when enabling controllers
fd7b3cb criu: do not override external_descriptors
979f6f0 criu: save the new descriptors after restore
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
7f84d5bc0d |
cri-tools: update to v1.23.0
Bumping cri-tools to version v1.23.0-26-g23f44eaa, which comprises the following commits:
e396a77d fix security test case for hostpid
670f1e50 fix log info for mount test case
3e01b9f2 fix seccomp test case for arm64
715ec019 Type cast error messages to `string`
f89ab075 add annotation for pull
ce8cbc3f Bump github.com/docker/distribution
cd38481e Update crictl ps to show pod name and image path
d5943543 Bump github.com/onsi/gomega from 1.18.0 to 1.18.1
e514433f Add backwards compatiblity to `Version` and `ListContainerStats` RPCs
9001d78a Switch to CRI v1 API
2694dc34 Bump google.golang.org/grpc from 1.43.0 to 1.44.0
4a54a037 Bump github.com/onsi/gomega from 1.17.0 to 1.18.0
5d213e82 Bump github.com/opencontainers/runc from 1.0.3 to 1.1.0
5828782d Bump docs to v1.23.0
c688ed1d Bump github.com/opencontainers/selinux from 1.9.1 to 1.10.0
b93abd15 Bump github.com/opencontainers/runc from 1.0.2 to 1.0.3
5092844d Bump github.com/docker/docker
2816d415 Bump google.golang.org/grpc from 1.42.0 to 1.43.0
c15dbbc6 1.5.9
5a87849f Use same grpc max message size as Kubelet
1a64648a Add support for cri-dockerd
7bbcf895 Add support for specifying custom test container images.
f2091fc3 Fix cri-dockerd CI runs
61ba8b97 Fix Containerd main branch CI for Windows
e3e5375f fix ci for dockershim-critest
4611ba31 Update Windows images for ltsc2022
1a255046 images: use k8s-staging-test-infra/gcb-docker-gcloud
0f2d4138 Refactor fish completion
c52d97b1 Rename bash and zsh completion functions
cad0736a Add zsh compinit tag
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
3110725635 |
cri-o: update to 1.23.1
Bumping cri-o to version v1.23.1-16-g1607c6ec2, which comprises the following commits:
f2d8f69e3 config/sysctls: validate against invalid spaces
b1932286d server: stop deleting pod from idIndex if already gone
bccfd5110 [1.23] ci: use kubernetes 1.23, cri-tools 1.23
2630e0f88 contrib/test/int/build/kubernetes: rm deprecated RunAsGroup
e50405e5a hack/build-rpms.sh: fix yum-builddep failures
574393461 image: use imageCache value for ImageStatus()
4559c3328 oci: fix a leaked goroutine
e19f812f9 Reuse createContainerIO in CreateContainer
c9b4eb84e Fix vm containers couldn't restore after CRI-O restart
3899601f9 release-notes: add args for checksum fields
abe57a58b Updated format
b2fba4cf7 Generate checksum files for artifacts
0c619fc21 bump to v1.23.1
24092dd77 test: add test for skipped sysctls
b2ac1b7ca server: skip sysctls that would affect the host
8d512cbac server: don't set memory swap when it's not enabled
ac75b6cf0 deep copy List{PodSandbox,Container} structs
76e9feca0 ci: use main branch for conmon
54b6b7932 server: fix race with kubelet
987bd1366 Fix runtime panic on pod sandbox stats retrieval
a8513868c ci: use main version of runc
a6d6d3dde openshift e2e: bump ci image
8520be5fc server: fix a potential NULL-pointer dereference.
bc38aa734 pass the main mount point to fix crypto profiles binding
dc4bea916 test: update tests for allowed_devices
0f57bf75c config: add AllowedDevices option
dc224daf3 server: drop duplicate log message
11ffa6cbe test: add test ensuring a stopped pod is restored
a1ada429a sandbox stop: remove namespaces
89eccb5fc restore: handle removed namespaces
873414dbf Partially revert "restore: restore stop before managing namespace"
fe0e69dc8 restore: ensure containers are wiped on reboot
b905626d9 use cmdrunner singleton
228f82dbb conmonmgr: refactor for new CommandRunner
97bbe0637 cmdrunner: update mocks and add target to makefile
8ec9ce138 config: prepend commands with taskset if InfraCtrCPUSet is configured
81761eb2e cmdrunner: add tests for prepended commands
9c915e269 cmdrunner: create singleton
499540011 Use timeout for conmon cgroup move
04e8e4081 Fixed a problem where metricImagePullsBytesTotal was getting updated twice and on second call getting incorrect labels
021b5ba00 vendor: bump c/image to 5.17.0
dba27ab7e Add new metrics that match Prometheus best practices and reduce cardinality * add metrics with new names that match naming best practices * use _total for all counters * use base unit seconds, bytes * metrics that do not follow best practices have been marked deprecated, these can be removed in a future release, it is to ensure non-breaking change for couple of releases
e7aa30fdc unit test: fix relative log test
acc746e52 unit tests: update pinns path in case it isn't found in PATH
9f584ca4c test: skip target tests for userns
972c29c2d test: add test for target namespace
0176d5f92 add support for target PID namespaces
da0de5373 test: give testunit sudo
4b0d40ad4 oci: add managed pidns to container object
1fa69c707 pkg/container: take container namespace configuration
546732eed nsmgrtest: take some namespace related test code
440ba9feb nsmgr: add function to pin existing namespace
e122cb4f0 nsmgr: take (and rename) NamespacePathFromProc
8db9a89a5 pkg/sandbox: take config initialization
6f4e7bf8c Bump Kubernetes to v1.23.0
da8f9a07e set user.max_user_namespaces in case it's not
b8a766213 lint: bump cyclo complexity
0864aed84 gh-actions/contrib: setup sub{g,u}id
067551101 docs: add tutorial for setting up user namespaces
5d3c5a67f oci: put conmon in infra ctr cpuset if it is in the pod cgroup
231a358d2 test: add tests for user namespace annotations
ce3699969 test: move workload creation function to helpers
87aede8d5 cni manager: catch server shutdown
f3d2c601e server: notify user when network isn't ready yet
99e93ee58 stop using hardcoded "pod" const
9f81e4a00 oci: always reap conmon zombies
ab1b1aaaa clarify some error messages
96679844e Drop intermediate CRI types
3162e0552 Relabel containerenv files
f154c7c3c Add minimum_mappable_(u|g)id settings
bbc944cf6 Fix runtime panic on stats server shutdown
efcf8afe6 restore: restore stop before managing namespace
dec3bf5c9 server: add {,List}SandboxStats
5ba5cb0be server: refactor sandbox list
64870e3d8 server: use stats server to get container stats
b17b7dfd9 container server: use stats server
7f136833c stats: add stats server
43db34fb6 config: add StatsCollectionPeriod field
2569255c9 cgmgr: move most of stats handling to cgmgr
c6efa96ee oci: make changes in preparation for moving stats functionality:
536c08423 server: stub {List,}PodSandboxStats
542eb5580 server/cri: add PodSandboxStats support
ad71bd9ff vendor: bump cri-api
c5dd30dd1 server/cri: refactor to make stats processing unified
a598debac pkg/config: use iota
40dcd6da9 Add go 1.17+ go:build tags
6fbd6773f Remove redundant build tags
3064a9d7a Add containerenv file to containers This file indicates that the current environment is inside a container environment. The same technique is used by podman and docker. The same file name/path as podman was used, as it is vendor agnostic.
86538358a build(deps): bump github.com/containerd/containerd from 1.5.7 to 1.5.8
5fb7618d5 config: merge runtime and workload allowed annotations
28b01dad2 Updates kubeadm.md: The cgroup property is removed in [kubeadm-config.v1beta3](https://kubernetes.io/docs/reference/config-api/kubeadm-config.v1beta3/)
5a510ad7f build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
99027c321 Specify runtime table format in the error message
1f7b886d7 build(deps): bump github.com/containerd/ttrpc from 1.0.2 to 1.1.0
cbfab09d5 server: fix segfault when using cgroupv2
0f99f3348 gh-actions: add sed for kube e2e
880744562 release-notes: update to main
60615f0a3 build(deps): bump github.com/onsi/gomega from 1.16.0 to 1.17.0
8530f0a38 build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
8daa9039a Bug 2012838: fix override storage options from storage.conf
0ce45a372 oci: fix deadlock in container stop code
cf7f6f5af build(deps): bump google.golang.org/grpc from 1.41.0 to 1.42.0
a216d3d24 oci: always close chControl
1e8e40aaa oci: make some channels buffered
3036101b0 build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
cf3524471 build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
2e1048422 build(deps): bump github.com/godbus/dbus/v5 from 5.0.5 to 5.0.6
10f8f17c4 Add annotation that makes /sys/fs/cgroup writable
7f747dde0 Add support for CNI plugins v1.0.1
ec6305762 bump(deps-opentelemetry)
37418e122 pin go.opentelemetry grpc/otelgrpc v0.25.0
c16429eb1 opentelemetry: add gRPC tracing
2a5623a2e build(deps): bump k8s.io/klog/v2 from 2.20.0 to 2.30.0
3571d9c74 build(deps): bump github.com/go-logr/logr from 1.1.0 to 1.2.0
ca38caa74 version: bump to 1.23.0
808681227 build(deps): bump github.com/containers/podman/v3 from 3.3.1 to 3.4.1
0b1b2061f build(deps): bump github.com/containers/common from 0.43.2 to 0.46.0
8f1daefc6 test: drop swap disable playbook
f253acb15 server: add support for CRI unified field
cd8bc4c1f server: implement swap support
9ab385d44 server/cri: add support for 1.22 features
aca331db3 test: bump cri-tools version
518fceb63 scripts: pin cri-tools version
97773983e server: reduce needless copying for sb.NamespaceOptions
b8b2f308d oci: refactor internal structure to use CRI type
9c813715d oci: use server CRI metadata type for containers
91289b929 sandbox: refactor internal structure to use CRI type
e45403022 sandbox: save createdAt as a int64
99cb4a362 build(deps): bump github.com/containerd/cgroups from 1.0.1 to 1.0.2
c119e253d build(deps): bump github.com/creack/pty from 1.1.16 to 1.1.17
6845b4233 build(deps): bump github.com/Microsoft/go-winio from 0.5.0 to 0.5.1
f61a4e097 Bump Kubernetes to v1.22.2
2cf307d2e sandbox: use server CRI metadata type
01ee37390 docs: emphasize deprecation notice
b7a80f137 update documentation for workloads
83518f098 add allowed annotations to workloads
b6b3f4cbb Log HTTP response writer message instead an error
20ad4f609 oci: use c/common signal parsing function
13182e64b Skip volume relabel for super privileged containers
cd2b0028a oci: chown stdin pipe to user in the container
c0a8f339c test: fix selinux test failures
f27efb28a build(deps): bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5
cd7f7cb46 Fix runtime handler docs
63d69d2a7 build(deps): bump github.com/containers/image/v5 from 5.15.2 to 5.16.1
b753b04a2 scripts: fix release branch forward script
87b8e5d05 server: FilterDisallowedAnnotations of containers earlier
0e02798d6 server: conditionally relabel volumes given annotation
99dac5fb8 build(deps): bump github.com/containers/storage from 1.36.0 to 1.37.0
6ec1ec47c test: refactor allowed_annotation tests
e70542f26 server: reduce args in addOCIBindMounts
f3106693c build(deps): bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1
74177a645 test: add label for openshift e2e in dockerfile
b2e665754 build(deps): bump github.com/containerd/containerd from 1.5.5 to 1.5.7
28043f5a9 test: skip certificate check for downloading parallel
086386bb1 Remove usge of deprecated apt-key in Ubuntu install
7ca329409 Fix install.md links
0f455e285 build(deps): bump google.golang.org/grpc from 1.40.0 to 1.41.0
245a88040 use a more appropriate console with code block
8c088319f build(deps): bump k8s.io/api from 0.22.1 to 0.22.2
ef861e8c7 build(deps): bump k8s.io/cri-api from 0.22.1 to 0.22.2
c7e8c26f5 build(deps): bump sigs.k8s.io/yaml from 1.2.0 to 1.3.0
757c863d5 build(deps): bump github.com/creack/pty from 1.1.15 to 1.1.16
5dd999e05 build(deps): bump k8s.io/apimachinery from 0.22.1 to 0.22.2
683428d75 fix node e2e
756543ec8 build(deps): bump github.com/intel/goresctrl from 0.1.0 to 0.2.0
d56449c4c bump crio commit used by node e2e installer
615ba94fd server: mount cgroup if hostNetwork
77b1a6e62 server: use container level host network setting
45366c8c7 server: don't recalculate hostnet
6493d8640 Fix typo in install.md
7071e5b3d Remove one of the explanations for `bind_mount_prefix` because it is duplicated.
7fe435d7d node e2e: keep infra container
c6f1ed4d5 add unit test for the `server/sandbox_remove`.
ce96d93c2 test: fix journald test for new conmon
9ada36be0 fix shfmt
19fb1db10 update `install.md` for debian and ubuntu
5b1c43bbb build(deps): bump github.com/json-iterator/go from 1.1.11 to 1.1.12
0833f62f3 build(deps): bump k8s.io/client-go from 0.22.1 to 0.22.2
f5ebb6c23 fix shfmt
61e08418a server: set spec when dropping infra
68c8989f8 Update 'master' branch links to 'main'
7fc2f88ce bumps pause image to 3.6
3fd1cd226 server: don't wait forever on conmon cgroup move fail
a9add6909 build(deps): bump github.com/containers/storage from 1.34.1 to 1.36.0
d7cc66fe8 Remove bashism in sh script
15f7f7e4e Do not log if Intel RDT is not supported
b9ad2de69 build(deps): bump github.com/godbus/dbus/v5 from 5.0.4 to 5.0.5
eb45b4891 Fix cluster.yaml for kubectl create
69e88512a call cmd.Wait() in all cases we call Start()
07328622a oci: call wait on conmon if cgroup move fails
a377aec52 build(deps): bump github.com/go-logr/logr from 1.0.0 to 1.1.0
38f41c16a Fix `crio_image_pulls_layer_size_` metrics docs
9195a3417 Adapt to klog incompatible changes
a5716420b build(deps): bump k8s.io/klog/v2 from 2.10.0 to 2.20.0
6b96358ef Add `--profile-cpu` and `--profile-mem` options
ed0eca0f1 build(deps): bump github.com/containers/podman/v3 from 3.3.0 to 3.3.1
88f5e154d server: remove ineffective `updateLock`.
05e662469 Fix missing quantile in `latency_microseconds_total` metrics
681aa32ed Update crio commit for node e2e
94b9b8688 build(deps): bump github.com/fsnotify/fsnotify from 1.4.9 to 1.5.1
c8ecab3da Bump runc binary to 1.0.2
0d640e6f9 Switch to go1.17 for CI
8bbbbf2b5 fix debian 10 build doc
639d494cd test/testdata/sandbox_config.json: fix the dns_config
af555c038 adds updating instructions to install.md
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
9c35224e1c |
containerd: update to v1.6.1
Bumping containerd to version v1.6.1-4-gd12516713, which comprises the following commits:
b13d3e05c cri: relax test for system without hugetlb
b325d5647 update to go 1.16.15, 1.17.8 to address CVE-2022-24921
787b4671d Prepare release notes for v1.6.1
444eba43d containerd-shim-runc-v1: return init pid when clean dead shim
37bb915c6 containerd-shim-runc-v2: return init pid when clean dead shim
9f316fa4b Use fs.RootPath when mounting volumes
8713c0472 Prepare release notes for v1.6.0
f261498e0 Update Go to 1.16.14, 1.17.7
fa19714db Update go-cni to v1.1.3
6e3cc28a6 Wait for containerd installation in GCE scripts
c0f818846 Update go-cni to v1.1.2
dea7ae27a Add instructions on using go with admin perms
4f0d5f0ee Enable TestContainerPTY and TestContainerUsername
732103271 Change the context to avoid misunderstandings
6827eec7a Prepare release notes for v1.6.0-rc.4
b0623a06e Change file name for shim binary path
daaf031e2 Use white logo in github dark mode
efc6ca4c4 Prepare release notes for v1.6.0-rc.3
7e821fb61 fix: .dockerignore makes git working tree dirty
ac2692d30 containerd-stress: introduce option for specifying image
8b9571e34 containerd-stress: start task ctr before starting execs
9b1fb8258 cri: fix handling of ignore_rdt_not_enabled_errors config option
dcbe3e471 docs: add Talos Linux to the list of adopters
821c961c8 pkg/oom/v2: handle EventChan routine shutdown quietly
2d9d5fddb Document fs_type and fs_options in snapshots/devmapper/README.md
a31e28e2c Prepare release notes for v1.6.0-rc.2
8944c12f5 Update releases document
8d69c041c Update cgroups to v1.0.3
bec6e4dd6 platforms.Normalize(): do not reset OSVersion and OSFeatures
34f717349 seccomp: kernel 5.16 (futex_waitv)
8632bdcb7 seccomp: kernel 5.15 (process_mrelease)
c013db696 seccomp: kernel 5.14 (quotactl_fd, memfd_secret)
17a2831f7 seccomp: kernel 5.13 (landlock_{add_rule,create_ruleset,restrict_self})
1329ea371 seccomp: kernel 5.12 (mount_setattr)
cc59ae4d9 tracing: return (ctx, span) from StartSpan
e751f1f44 tracing: support OTLP/HTTP in addition to gRPC
813a061fe oci: use readonly mount to read user/group info
c0e00f19a fix acr fetch token 400
4cd9f37f5 Fix windows periodic workflow
4aff7431f Fix possibly incorrect media type default on import
3ffb6a611 shimv2: handle sigint/sigterm
f048a2593 docs: add doc-comments on GC-related methods
31a710c49 fix: should not send 137 code event if cmd is notfound
936faf9c9 fix empty scopes return
c1e17d8ba Prepare release notes for v1.6.0-rc.1
4f552b077 Compile binaries for go1.16 and go1.17 in CI
7d7064e6b Integration: Change to Windows Server 2022 build number constant
2898004a5 Update kubernetes vendor to 0.22.5
4e9e14c2b Fix rdt build tags for go 1.16
af83e9af1 platforms: add support for matching amd64 variants
af39d2ad7 go.mod: Update hcsshim to v0.9.2
fcb7bd699 Remove api go submodule
46312f4a1 Update makefile to remove API submodule
ed0828bb6 delete useless code
21a748e38 go.mod: github.com/opencontainers/runc v1.1.0
dba897c35 update runc binary to v1.1.0
d5e8edf2d Do not automatically inject client traces
69ae95531 tracing: fix OTLP tracer's initialization
8dd36423b Revert "Add shared content label to namespaces"
a1ba38056 Update caching logic to avoid map access
ce3871966 services/introspection: support to show introspection grpc service
a018ae3f6 Prepare release notes for v1.6.0-rc.0
919797163 Integration: Switch to `upload-cloud-storage` Gcloud action.
8a2b61356 Integration: Switch to using `auth` Gcloud action in Windows workflow.
c0a31a7a4 Add ppc64 support for test images
a303d552a ctr: Unify the delete subcommand alias
b35fb7d44 remove io/ioutil
d05194f0a ctr: flag to toggle non-distributable blob push
f77989036 Add image handler to skip non-distributable blobs.
8c194d8f3 gha: run CodeQL scan on pull requests
f99e92359 Enable critest tests on Windows Server 2022.
55b89eabf Parametrize CRITest test images in Windows Periodic workflow.
18592b2f5 Fix wrong log message
bdc852190 test: e2e node COS cgroupv2 script
e38946d86 Updating adoption of containerd for AKS
8aca314dd Update error message for apparmor parser
48c7529de Fix incorrect error wrapped when closing ingest file
0c2c289d4 Fix seek error used without nil check
8816006d1 Fix followup items from errors replacement
a94f32ce0 update the adoption status of containerd in GKE
adee2c797 seccomp: add support for "swapcontext" syscall in default policy
4f0f36350 corrected link in cri architecture documentation
d3724a6c1 go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt}
bbe46b8c4 feat: replace github.com/pkg/errors to errors
e43d4206a Update k/k to 1.23.0
8d5af6be8 Prepare release notes for v1.6.0-beta.5
9c2e3835f cri: add ignore_rdt_not_enabled_errors config option
eba104816 Update dependencies
f4a191917 cri: annotations for controlling RDT class
eae14688c tasks: add Linux rdt support
9e755d12e cmd: add --rdt-class command line option
2946db890 oci: implement WithRdt
df21828d2 content/local: use syscall.Timespec.Unix
85326d76f fix: only test abstract unix socket on linux
90426378e Integration: Check GCP secrets on Windows CI artifact upload.
97623ab0c remotes/docker: allow fetching "refresh token" (aka "identity token")
8094f50dd remotes/docker/config: allow setting custom AuthorizerOpts
8e6afaa20 Fix $(PWD) issue for Windows makefile
653b8b02a Expect ErrorNotFound on Windows after Kill()
ac8129706 fix: use _ for consistency
f39b3ac7e fix(ctr): enable networking for Windows containers
0ff87a892 Replace tskill with taskkill
aadae6d50 Fix flakiness on Windows for list stats
d53c43133 Fix no-daemon flag for integration/client tests
5c2edeffb Upgrade k8s.io/klog/v2 from 2.9.0 to 2.20.0
2ee3ce510 Use insecure.NewCredentials instead of grpc.WithInsecure
2fb739aa2 Upgrade OpenTelemetry dependencies
34c4abc34 Fix default makefile target for windows
78ad7a2d3 cri-integration: Add Windows default paths
abcf7c2f6 Disable TestContainerHook on Windows
f1c799331 seutil: Fix setting the "container_kvm_t" label
c8a009d18 add-list-stat: return container list if filter is nil
f83ab813d Use task plugin for runc shim
04e57d71b Seperate shim manager and task service
44b28b61f medatada: make namespaces' deletion error less cryptic
20419feaa cri, sandbox: pass sandbox resource details if available, applicable
9e9ee66bf integration: deflake TestContainerdRestart
dd26d3d09 feat: support custom timeout for blot open
c0d07094b feat: Errorf usage
0e472420b Update Go to 1.17.5
569042e6d Prepare release notes for v1.6.0-beta.4
552a27081 Disable restart monitor test in Windows
b7f673790 OCI: Mount (accessible) host devices in privileged rootless containers
7f70ff967 oci.getDevices(): move "non-dir, non '/dev/console'" case into switch
2c96d5b06 Run windows parallel integration test as short
807213fd3 Update restart monitor test to output daemon logs on failure
9b0303913 only relabel cri managed host mounts
90cdc6c9a images/converter: remove deprecated types
fc8138468 go.mod: update image-spec to latest (v1.0.3-dev)
2d3009038 cri/server: use consistent alias for pkg/ioutil
dc13bcd51 Enable lazy init for ext4 with devicemapper
68dabdcc6 Use RFC3339 format so rg cleanup works
6f9d80907 Remove Windows integration testing for 2004.
77a321a07 Replace find with native Go code
22dc60e05 Enable TestVolumeOwnership on Windows
441bcb56d Skip WithAdditionalGIDs on Darwin
4c1e26cd5 Don't fail-fast on Windows integration tests
c9d1e155c go.mod: github.com/opencontainers/runc v1.0.3
44995d483 update runc binary to v1.0.3
416899fc8 Allow native snapshotter on Darwin
6b0e2414c Do not use `go get` to install executables
d2f1dda0f Include runtime v2 in default builtins
392f604eb Use a single RUN command
533dd1c0e fixup: check for swap accounting
f33d38c7c integration: align tags of test images
c5b0a18b6 fixup: handle diff between cgroupsv1 and v2
9cc0d1f07 Set explicit ACL on test files
4ccf287da Set CONTAINERD_ROOT in Windows cri-integration
ff77dd112 Add Windows Server 2022 CI runs
fd0850e9e Update continuity dependency
ff9d7aef3 Update volume test images
2fa4e9c0e cri: add support for configuring swap
bae0d88ae Add error logging on cleanup
6bccd67e8 Revert shim plugin migration
665877a5b Move volume images from gcr to ghcr
323a62d7b Add permissions
f3195b3b5 export oci.DeviceFromPath()
c6d26f0d3 Authenticate against ghcr.io
2a6857d06 Skip TestExportAndImportMultiLayer on Windows
6ff1a5934 fix when kernel version < 4.13rc1 by using index=off cause overlay test error
94462d8f5 oci/deviceFromPath(): correctly check device types
7a4415dd5 Add VMware TKG & TCE to Containerd adopters
46892d340 Vagrantfile: update to Fedora 35
8de1117c9 integration: add stats result in error message
6681cc4b9 ctr/snapshots/diff: don't show the media-type in output
a97564411 remotes: fix dockerPusher to handle abort correctly
1698d061c Build volume test images on Windows
7ccd733d2 Add image build workflow
95b3ab2a4 ctr: Add Linux Capabilities control flags
3d318b3bb docs: mark 1.4 as Extended
9a994877c docs: fix RELEASES.md gRPC API anchor
0a25bc1aa Integration: Separate Windows Periodic Tests workflow trigger.
507bfc91b feat: skip ci for fork
9dfbcbbc4 content/local: Close the file if Seek fails
5015130f7 Fix executable file not found when restoring shims
2b28dd363 Fix wrong make target on documentation
cb1359fa8 Integration: Remove explicit version passing to `azure/CLI`.
fa6759ae5 fix: server error return
5e4b033ec Update README.md repo->org
5f293d9ac [CRI] Fix panic when registry.mirrors use localhost
674b94c42 Prepare release notes for v1.6.0-beta.3
f5863e22f Update API version in go.mod
5df9ec366 Update release name to use consistent format
f8d734e40 fix: make max recv/send msg size setting default
63895de45 Add support for TMP override on toml
444ef2f6d Generalize Windows CI setup script for any user.
3d6bfa3f5 Standardize cmdlet capitalization in Windows CI scripts.
6835a9470 Split runc shim into plugin components
6eea8f3f6 Add shutdown package
547040cd5 feat:support custom callopts on client side
bef792b96 feat: use rwmutex instead
2f31dcda7 release: change tar name to match prior releases
70c88f507 schema1: reject ambiguous documents
eb9ba7ed8 images: validate document type before unmarshal
2a81c9f67 CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options
db124c560 Close file if permission modification fails
526defb57 Fix containerd fails to pull OCI image with non-`http(s)://` urls
89eebc4c0 Fix wrong error returned for image index lookup
be84932e1 Rename release dockerfile to omit distro name
28126fd60 release: improve dockerfile
27d7c5038 Add arm64 to releases
6765524b7 use write lock when updating container stats
b103bee4c go.mod: Bump hcsshim to v0.9.1
e17fe37e0 Fix package alias
920b24793 go.mod: Bump ttrpc to 1.1.0
6870f3b1b Support custom runtime path when launching tasks
91bbaf679 [cri] add sandbox and container latency metrics
a3b756ce1 Prepare release notes for v1.6.0-beta.2
574800633 cleanup: add more description on comment
a22346622 CI: bump up crun: 1.0 -> 1.3
97073c943 go.mod: github.com/moby/sys/mountinfo v0.5.0
19d9d0d2a go.mod: github.com/moby/sys/signal v0.6.0
9c455ded6 go.mod: github.com/moby/sys/symlink v0.2.0
fa12f4e69 go.mod: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359
869ccc01c Update Go to 1.17.3
3196e65f5 docs: document the runtime shim plugin config options
0d8e07681 docs: use proper markdown lists in containerd-config.toml.5.md
54c0cdae6 Update TestRestartMonitor expected time check
d4f4c1380 Add runtime path in CreateTaskRequest
548579d0e Pin az CLI version
2e6d5709e Implement CRI container and pods stats
b69bbe25a Vendor latest k8s.io/cri-api and netlink
9bfec3980 test: Add grace period for restart monitor test
d022fbe78 Address PR comments
82cb0a63e Add mkdir on Dockerfile
6fa1bb4a5 Fix build after rebase
2cec3a34b Migrate task directory
8b788d9df Expose shim process interface
733519677 Fix after rebase
df8c206a9 Cleanup shim loading
b554b577b Move shim restore to a separate file
a3d298193 Fix backward compatibility with old task shims
33786ee4d Add plugin dependency between shim and shim services
fb5f6ce3c Rework task create and cleanup flow
7c4ead285 Add task manager
2d5d3541e Rename task manager to shim manager
ea8978810 adds additional debug out to timebox cni setup
6fa9f22fa compression: support zstd with skippable frame
f0d3ea96c converter: Allow hooks during image conversion
6ee8577e5 sys/reaper: avoid leaky goroutine when exec timeout
88fc5cf2d Adding scope tests for ParseAuthHeader
3e51312a6 fix shim reaper wait command execute blocked
7438edc7e Adding tests for GenerateTokenOptions
9b4a6f129 Generate token options with each scope as a separate string.
b8f3ebb03 vendor: update moby/sys for darwin support
0ccc386c8 Prepare release notes for v1.6.0-beta.1
e5fc3b38e Update mailmap
37720fc6f Update api vendor
a217b5ac8 bump CNI to spec v1.0.0
010a9e2bc content: close stream after commit request
ebc5cf19a feat(doc): update to version 2 syntax
294143bf3 Inject otel traces to grpc client.
cd2f2b0af client: expose (*image).platform
535191abf fix #6054 MaxConcurrentDownloads is not effect when Unpack is true
3b73922fb feat(doc): add Core Scheduling documentation
c18c2e735 Fix spelling mistake in Windows snapshotter
130a9c7dd Ensure namespace is proxied to grpc/ttrpc plugins
2a8dac12a Output a warning for label image labels instead of erroring
602018900 integration: Enable some tests for Windows
1f1cad391 io/ioutil package has been deprecated in Go 1.16 that replaces io/ioutil functions
46be06937 close Writer after use which may leak mem
1abe50512 Prepare release notes for v1.6.0-beta.0
c5947557d Add error message to in TestContainerdRestart integration test
072a7074b Fix typo in the NewContainer function documentation
ac2df3ba9 test: check file content after mount
18d483b23 Update cgroups to v1.0.2
4ed3c524c Update test timeout based on recent cancellations
d252a293d Remove extra test_teardown
4a569c889 Check the pid in cri test teardown
f1054dbbd fix integration client vendor
e48bbe839 add runc shim support for sched core
de1a39bf3 Update Go to 1.17.2
46b152f81 vendor: Bump hcsshim to 0.9.0
fb4432c24 integration: Enables TestVolumeCopyUp for Windows
0ba3532f5 integration: Enables TestRuntimeHandler for Windows
830b3c26e integration: Enable some tests for Windows (part 2)
3a713811b run `gofmt` with Go 1.17
96018b7db vendor: Updates go-cni
703b86533 pkg/cap: remove an outdated comment
1ee2bff0e Update go otel 1.0.1
b9a0c5080 modify the way for checking cos
c528d2c39 Update ADOPTERS.md with additional uses
5b222d54a commands: Enables task metrics for Windows
9734b4039 Pin mingw to version 10.2.0
d19af5afb Update to golang 1.17.1
3cb0ec01e Install nssm
02e77bcdc task service: return known error type
791e175c7 Windows: Fixes Windows containers with image volumes
049042382 fix: update vendor
5c2426a7b cleanup: import from k8s.io/utils/clock/testing instead
6484fab1e cleanup: import from k8s.io/utils/clock instead
d16942cf1 feat: enable cri remote client to call with grpc calloptions
ca35f4e82 Windows: Cleanup rm- prefixed layers
f6b7e07fd cleanup k8s ansible yaml (carry for https://github.com/jayonlau <jayonlau@gmail.com>)
933ddaa6f fix: wrong flag type
da16d492c feat: support import image for specific platform
67b883146 Update mirror images to take target image name
e6ddffc2a fix: make exec-id flag required in exec command
09c9270fe images: enable converter to uncompress zstd
694a00754 replace deprecated function
2bc77b8a2 Adds Windows resource limits support
224454062 Fix main branch build is broken
7c621e1fc btrfs: reduce permissions on plugin directories
fcffe0c83 switch usage directly to errdefs.(ErrAlreadyExists and ErrNotFound)
b9cf0d75a Fix panic in metadata content writer on copy error
6886c6a2e v1 runtime: reduce permissions for bundle dir
7d56b24f1 v2 runtime: reduce permissions for bundle dir
7a7a9a282 integration: Adds test for multilayer image import
f7658e37d runtime: should fail fast if dial error on shim
483d2e947 go.mod: update opentelemetry modules to v1.0.0
084387e0b Move tracing to plugin
45c3453a7 Add open telemetry logging hook for logrus
16f3d67b5 add current process state to the error message
407d60694 Add github action to mirror image
97df73004 gha: collect Vagrant VMs' IP addresses
2bffb5f9b FreeBSD: fix tar headers & the nil check on getxattr
7854e0bff bump continuity and console version that remove pkg/errors
16d3f48a2 ctr namespaces: improve usage string
50da67359 refactor: move from io/ioutil to io and os package
a68fb7add bump console version to v1.0.3 that remove pkg/errors
3e72e335f Use github images for integration tests
55893b9be Add CNI conf based on runtime class
50a568595 Change oci.WithUser behavior for LCOW
65f6a896c Fuzzing: Add 4 fuzzers + small modifications
2fecf5b02 Make sure exit signals trigger an exit during init
f40df3d72 Enable image config labels in ctr and CRI container creation
6875aa5d3 import: Add option to skip creating digest image
f700ae873 CI: bump up crun to 1.0
55923daa9 seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted)
8596d1188 Fix typo
73dbbf5bf Update to Go 1.17.1
498e5b27f fix error string format
6d961f967 CI: Switch to available latest images
e087b47e9 import: Raise error if the imported image is filtered out
91b64c58b add xfs support to devicemapper snapshotter
8ff8b1b82 vendor: update continuity for darwin support
1efed4309 add ip_pref CNI options for primary pod ip
16cd6ed13 Additional integration tests for pulling image with labels
756f4a314 cri: add devices for privileged container
9954147c0 pin protobuild version to tag
2458afeb1 Fix content copy to not ignore unexpected EOF
6bec0d39b use a const metric for build_info
ae27a6b05 Add metric exposing build version&revision
8e850bc0f replace deprecated Dail with DailContext
aeea697d8 Add WS2022 support in Windows Periodic tests
55faa5e93 task delete: Closes task IO before waiting
f42513112 integration: Adds Windows HostProcess tests
ccc5ee303 archive: Add WriteDiff error logs
820bd9269 fix document non-synchronous in crictl.md
2bcd6a4e8 cri: patch update image labels
789abc936 using Hosts replace deprecated field
57e10439d Fixes task kill --force on Windows
abf4de498 integration: Enables Windows containerd restart test
96ec0b6f3 content fuzzer: Clean up tempdir
eb2530be8 Makefile.linux: build on riscv with PIE
6b0b64a51 ctr: Fixes Windows image import
a43fa9f28 darwin: runtime support
5dd38792a darwin: use the default values for socketRoot variable
27046a9e0 Fix cwd flag for `ctr tasks exec`
24cec9be5 sandbox: Allows the sandbox to be deleted in NotReady state
1dd0d59b7 go.mod: Update hcsshim to v0.8.21
6d3d34b85 Update Pause image in tests & config
278176db1 Address issue forms feedback
838afd211 Adding testing of two devices
e0f8c04da cri: Devices ownership from SecurityContext
7bc5aa74c Fix pull fails on unexpected EOF
11ab3cba0 Use issue forms for bug reporting
e2c769d6f windows: The DefaultSpec platform should match the Default matcher
7826a21ac Update RELEASES.md
2ac996840 replace uses of os/exec with golang.org/x/sys/execabs
25644b461 Add RunAsUserName functionality for the Windows Pod Sandbox Container
e18516767 go.mod: update runc to v1.0.2
3f8ea1b6a update runc binary to v1.0.2
429296910 go.mod: github.com/pelletier/go-toml v1.9.3
f8dfbee17 add cri test case
9a8bf1315 feature: add field LinuxContainerResources.Unified on cri
d3aa7ee9f Run `go fmt` with Go 1.17
c3609ff4c cri: filter selinux xattr for image volumes
4dd5ca70f script: update golangci-lint from v1.38.0 and v1.36.0 to v1.42.0
f7b1ceb9f integration: investigate TestRestartMonitor's failure
acb81bbda integration: fix TestContainerPids
9fe7bc938 Bump integration timeout to 35 min
7fba86264 Fix dir support for devices V3 (#4847)
6f60b3016 [ctr] add HOSTNAME env for host network
8d135d284 Add support for shim plugins
f8602c372 Update to Go 1.17
c9b1b2fd5 Fuzzing: Add fuzzer
9e1b57ca0 Add env for SystemdCgroup driver
1224060f8 Allow expanded DNS configuration
538d93d2f Fuzzing: Add 4 fuzzers
79b369a0b Added windows hostProcess cni skip
82fe0db9a Fix bad `make protos` failure
1c47fb17f docs: remove FOSSA's badge
bc4cea4e4 docs: rename main to master
5e49ec27d Use http.Get to download binaries instead of exec.Command
e6538b8bc Add trap to cri-integration test script
d2f3b7146 add cpu-shares to ctr
30b832e49 archive docs and point to new location fix #https://github.com/containerd/cri/issues/1624
9cc179aa7 BUILDING.md: remove some bits about building runc
42b57cc73 BUILDING.md: markdown fixes
a3d6edc0e content: return the error with its timestamp
a5468852f docs: list all snapshotter-related build flags
e634f04d8 go.mod: update kubernetes to v1.22.0
11a90c7ff Fuzzing: Add experimental version of container fuzzer
42a28ad2c Update Go to 1.16.7
534685f95 Fix Linux CI Linter using go 1.15.14
10eab21a4 Cleanup CI
0a0621bb4 Move plugin context events into separate plugin
6f027e38a Remove redundant build tags
3c5424454 [otel-tracing] vendor and go modules changes
3597ac859 [otel-tracing] Initial opentelemetry support
7917da764 Change default directories on Darwin
10824eaf2 remove go 1.13 from containerd
d30d897ef Cleanup v2 shim
c3c276ae1 Fuzzing: Fix for OSS-fuzz issue 36825
6c257552a scripts: declare ROOT closer to where it's used, and some DRY changes
dba0ef4eb scripts: add missing quotes, and minor linting issues
0cb656860 test/build-utils.sh: remove support for Debian Jessie
41a04246f Fuzzing: Add two more fuzzers
2c699cc35 Fuzzing: Remove panics of container_fuzzer
f2c3122e9 platforms: Format(): use path.Join() instead of joinNotEmpty()
acecd6603 Change protoc link
ce437864b mergo: Upgrade to 0.3.12 to fix panic
d1e868c83 ci: install criu from PPA
e692a0192 Add shared content label to namespaces
3a8622e30 Updates the location of protobuf downloads in docs
0d9393650 Update protobuf install to use correct repository
d62d6c11d Split release steps into multiple tasks
b4807122d Update release workflow to upload binary without CNI
67406b373 overlay: add an optional label of upperdir location of each snapshot
43117cf91 Script to check if entries in go.mod files are in sync
4ab3e7a53 runtime: fix the issue of create new socket with abstract address
cc88f8e0a Split fuzzer to two fuzzers
7a10fd4fc respect context timeout in shim binary call
23bc3db91 Enable critest on Windows
494b940f1 Introduce a new go module - containerd/api for use in standalone clients
4fdb88464 add CRI support matrix to RELEASES.md
b5fc7846c adding a little more clarity
1d3d08026 Support SIGRTMIN+n signals
18d6cc1b0 update gotestsum to v1.7.0
efa8ab715 Add runtime label to metrics
6294235d8 Fuzzing: Add container fuzzer
2405671d4 platforms: add "ios" as known OS, "loong64" as known ARCH
2556aac67 Fuzzing: Add archive fuzzer
0d45ac14e interface about shim build check
00d52bb15 integration: log all processes to investigate the test failure
f1d79d33b Discard blocks when removing a thin device
d2b6d192d Update cpuguy83/go-md2man binary to v2.0.1
53ec1abec remotes/docker/pusher.go: Fix missing Close()
67d07fe5c remotes/docker/fetcher.go: Fix missing Close()
0789a0c02 Add docker fetch fuzzer
b483177ee Support custom compressor for walking differ
150e07b64 Use systemd cgroup driver for cgroupv2 tests
603962bc8 update gotestsum to current master
a12c7bd1c go.mod: runc v1.0.1
43e0594ae update runc binary to v1.0.1
9537bc265 Dockerfile.test: build containerd in separate stage
36be5ef3a Dockerfile.test: add GOLANG_IMAGE build arg to allow overriding
8faacfca1 Dockerfile.test: clean up apt indexes after installing
9f7e6335c Dockerfile.test: build critools in a separate stage
7ec8e2d36 Dockerfile.test: build cni in a separate stage
f9f423c07 Dockerfile.test: standard directory to collect build aftifacts
e9f26eb87 Dockerfile.test: split dev stage, and optimize order
25fada0cc Dockerfile.test: skip curl, gcc, git and make install
546538971 install-critools: make sure DESTDIR exists
dbef1d56d runtime: runc v2: remove redundant validation
18321f539 Move loop check to before sleep
2e8a572df Add timestamp to flaky restart monitor test
55fd2ab5d integration/client: go mod tidy
e72046f86 Update Go to 1.16.6
bc4e416c8 Add test for archive breakout test for lchmod
894b6ae39 Fix missing Body.Close() calls on push to docker remote
ac75071b4 remove pkg/cri/platforms package
0a8802df6 Allow WithServices to use custom implementations
aefabe546 Dockerfile.test: add "cri-in-userns" (aka rootless) test stage
53835221f Cleanup lchmod logic in archive
d1c105192 use fu wei's suggeted interface pick for marshaling
14962dcbd add alpha version
4c6e4a06f gha: make release workflow work in forks
73d28ddeb client: surface a connection error more clearly
a7ad6b3be Add support for registry host path override
3a0b9ec6b Add unit test for plugin
95c708572 Update documenation for OCI distribution 1.0
a81f05f36 [Vendor] Update hcsshim to 0.8.18
16deba098 integration: Windows volume-copy-up images
63fe34add grpc config add options tcp_tls_ca
a5c417ac0 move up to CRI v1 and support v1alpha in parallel
bda7b5866 feat: Add snapshotter label to the new snapshot for container.
2019a1e68 Makefile: fix DESTDIR and PREFIX concatenation
04ab4418f test integration: Adds a test that restarts a failed container
03ee45006 snapshot/devmapper: log exported methods correctly
a964cf0cc un-export mount.FMountat
21f532d51 move sys.FMountat() into mount package
dac2543a0 sandbox: send pod UID to CNI plugins as K8S_POD_UID
5a0beaefb sys: remove StatAtime(), StatCtime(), StatMtime() and StatATimeAsTime() utils
f913a4275 go.mod: runc v1.0.0
28bb59c08 update runc binary to v1.0.0 GA
63c185da9 content/local: inline sys.StatATimeAsTime()
09d78bb6b allow multi gpu to be specified via ctr
560e7d479 fixing some doc links
d9694b297 Sync integration/go.mod with root go.mod
4a46ea2f4 archive: Expose ChangeWriter to allow customized diff computing
cd33c007c CI: Switch to available latest images
75b4c83f0 fix deprecation config for default runtime
1bbee573a github.com/golang/protobuf/proto is deprecated
91c8fa452 Update github.com/golang/protobuf from v1.3.5 to v1.4.3
b7e79dc5a Update google.golang.org/grpc from v1.27.1 to v1.38.0
8d2e156dd Increase golangci-lint timeout
87a2e0b2a runtime,v2: Enable debug when containerd is on debug+ log level
05e51539a command line flags of setting container rootfs propagation
394f86475 Re-enable criu in main integration runs
1dada3fc2 add cgroupv2 setup for cos with a flag
bfbebf02b Update gotestsum to add timestamps to junit output
2bb8ad7c9 Makefile: pass build tags to manpage build process
f60d447c1 Makefile: fix tags parameter computation
9c01fe20d Allow to pass --no-cgroup option to nvidia-container-cli
77374e8b3 Makefile: FHS conformant manpage installation pathes
3ab974433 Add proper Go version before project checks
af5a130bc Enable cri-integration in Windows Periodic Tests
7a2b04758 adds explanation for seccomp unset/unconfined default vs runtime default
01585595a update integration/client go.sum
419d616fe Install specific golang version in Windows CI.
69f43d458 Revert diff/walking error change
728743eb2 Fix cleanup context of teardownPodNetwork
014748bc0 fix invalid validation error checking
cabe67736 tests: Use EnsureImageExists for image pulling
a78bdf22d tests: Refactors PodSandbox creation
9a451d103 Update opencontainers/selinux to v1.8.2
93e268f62 tests: Symlink volume tests
edfd8d599 Change Wrapf of non-error to an actual error
a93b5cbc2 Install apparmor parser for arm64 environment
5f0fc4893 Add creation timestamp to RG
75daf45be docs: explicitly mention containerd's Prometheus path
2f870aa89 integration: Cleanup containerd on test teardown
558fdc680 diff/walking: fix defer cleanup
b5f530a15 Makefile: fix DESTDIR environment variable behaviour
498bb36f6 scrub the stale TODO
93d4541a2 docs/cri: update ocicrypt link
792466495 docs/cri: fix broken links
05c03de94 Update Windows periodic tests
9fcea1d3f Rename atomicWrite to writeToCompletion
b996e49c5 Do not run btrfs tests if btrfs kernel module is not loaded
50ad4b96c Fix incorrect UA used for registry authentication
923ab5b7c Makefile: use $@ for target file names
535d9cc59 ctr: parse mount options with embedded = character
a4f97d45d Add ruleset=4 option
5dec27b6f ctr: exec handle pty resize after Start
e1c845df5 Fix small typo
b9378b452 ctr: exec setup IO with console
869375a41 Remove useless lines
79e345221 update the link
1acca8bba Don't check for apparmor_parser to be present
ec28288f4 bump runc version to v1.0.0-rc95
599127f4d update runc binary to v1.0.0-rc95
a5b1740bb fixed typos
77285e311 Schedule Windows job daily after midnight.
2b58782df Update windows-periodic.yml
5dbae87c5 Bump github.com/Microsoft/go-winio from 0.4.15 to 0.5.0
1093f05ab Bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1
b6a251749 bump hcsshim version to v0.8.17
b1d4140a2 Update docker resolver to authorize redirects
09a0c9471 tests: Adds support for Windows cri-integration tests
315739251 just release ctd-decoder not ctr-enc
1442fee22 Remove mountpoints not commonly mounted on FreeBSD
fc4da9728 Pin integration test image for alpine
9643c9965 Makefile: allow overriding install command via environment
4b1b8346b Makefile: make sure manpages are built before install-man
6e249b1ae adds credentials description
de04b3243 Add copyright header & make sure compilation succeeds on all platforms
e1fd6be7e Fix mounts for FreeBSD
de6db4038 Update vendored runc to v1.0.0.0-rc94
5c99f150a Update the runc binary used with containerd to runc v1.0.0-rc94
b890f056e Fix content.ReaderAt close
c5797c8fc Update releases doc with updated support timeline
c74a6c419 update to new cri-tools make install
e37ddafab metadata: modify NewLeaseManager to return leases.Manager
79d800b9b Update Go to 1.16.4
0ba7303ee Prepare default branch rename
7d70992d3 tests: add test for adaptor
e120261ee windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink
0b786908c doc: add missing namespaces package
b0d3b35b2 windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink
9ea25634b Makefile: allow overriding go command by environment
81402e475 Fix different registry hosts referencing the same auth config.
b56527cb7 update seccomp version
8014d9fee Skip TLS verification for localhost
b538d8f1a Update golang.org/x/sys to add linux/ppc support
b59e29773 adds description for hosts.toml
e26fc8472 go.mod: cut circular dependency on github.com/containerd/containerd
15e0bd513 integration/client: go mod tidy
98f5922b5 plugin: optimize the check for the last registration
273c2bb16 tests: Prepull images used in tests
402acd7c1 Small typo fix "reimporst"
f21627059 Use DeactivateLayer to recover layers that we cannot rename
421fc6ea7 Add CI periodic Windows Jobs.
c0e2f4b5d Try next mirror in case of non-404 errors, too
f8538b5e1 Fix error case in Windows layer cleanup
b592a4c1e oci: fix WithDevShmSize
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
db45737c35 |
conmon: update to v2.1.0
Bumping conmon to version v2.1.0-316-g4c41ec2, which comprises the following commits:
4c41ec2 meson: Handle journald
d1565ee bump to v2.1.0
96b8688 logging: buffer partial messages to journald
f20bbbe ci: add podman system to different cache
bde1b3c ci: install rootlessport right
2b10f9a ci: install go correctly
4f0b7f8 ci: add subid ranges for crio tests
e827355 ci: install all binaries for podman-system
ad092b1 ci: run vendor on podman job
b6025be ci: set host IP
ca12794 ci: give conmon job sudo
d6bdb97 ci: bump to go 1.17
e2215a1 exit: close all fds >= 3
830e644 fix: cgroup: Free memory_cgroup_file_path if open fails. Call g_free instead of free.
5a2cf98 Make libdl optional in meson definition
4edfc92 bump to v2.0.33-dev
436b460 bump to v2.0.32
f1fee3a Avoid mainfd_std{in,out} sharing the same file descriptor.
7c784a0 exit_command: unset subreaper attribute before running exit command
dc197c9 bump to 2.0.32-dev
7e7eb74 bump to 2.0.31
a854c52 conmon: fix error message
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
51013405c2 |
nerdctl: introduce recipe
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Tim Orling
|
0ffb6e56b6 |
cloud-init: inherit setuptools3_legacy
cloud-init still requires legacy setup.py behavior. Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Michal Orzel
|
ca4601a54a |
xen: Override CC and CPP in make command line
After 4.16 release, Xen build system has been changed significantly. When building latest status of Xen it was observed that commit 317c98cb91 broke the hypervisor build on arm32 due to the change in handling Rules.mk that xen.inc modifies to override CC and CPP. In order to fix the issue this patch moves overriding CC and CPP from Rules.mk to make command line by adding them to EXTRA_OEMAKE:arm. Take the opportunity to bump SRCREV of xen_git.bb and xen-tools_git.bb to the current status of master. Signed-off-by: Michal Orzel <michal.orzel@arm.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Kai Kang
|
2dc502a269 |
libvirt: backport patch to fix compile error
Backport patch to fix compile error of libvirt: | runtime error: file ../libvirt-7.2.0/docs/page.xsl line 217 element element | xsl:element: The effective name '' is not a valid QName. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Kamil Dziezyk
|
4369415b91 |
xen-*image-minimal: Install *xen-acpi-processor package only for x86* machines
Kernel module xen_acpi_processor is built only for x86* architectures, therefore 'kernel-module-xen-acpi-processor' package is compatible only with x86* machines. Issue-Id: SCM-3892 Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com> Change-Id: I8dde00e3c78a1f9eea50b19fbc1981f5e26df133 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Ross Burton
|
26017da9d8 |
python3-dtc: fix missing files in sysroot
There is a bug in SWIG/setuptools where 'pip install' doesn't build libfdt.py unless the build tree is already dirty, which makes using the library impossible. Bump the SRCREV to incorporate the upstream workaround for this issue. Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Tim Orling
|
0f3da01452 |
lopper: fix wheel build
The wheel that is built is: lopper-1.0-py3-none-any.whl Set BASEVERSION to 1.0 and use this to set PV and the value for PYPA_WHEEL (the path to the wheel filename). Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Tim Orling
|
35f34844ff |
python3-dtc: fix wheel build
The wheel that is built is ${S}/dist/libfdt-1.6.2.dev39+g4048aed.d20220103-cp310-cp310-linux_x86_64.whl
Set PYPA_WHEEL to match this.
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Kasper Revsbech
|
e6f165dcec |
xvisor: Remove bb.error when builing for non-supported arch
Change bb.error to bb.note when getting config and arch of target/host as it is not an error if arch is not supported that should flag when parsing the recipe. It is an error if trying to include in image and that is already handled in COMPATIBLE_HOST Signed-off-by: Kasper Revsbech <kasper.revsbech.ext@siemensgamesa.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
ef08aac3dd |
conf: drop honister from compatibility
The variable renames in OE core are parse errors, not warnings, so maintaining compatibility for both honister and kirkstone in the same branch isn't feasible. So we drop honister in preparation for release. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
108e089f7e |
global: update licence values to SPDX values
These changes are the result of running the convert-spdx-licenses.py oe-core script. There's no impact to the build, but we will avoid issues when interacting with core QA by the alignment. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
c113c0936a |
conf: add kirkstone to layer compatibility
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
f895d152d2 |
cri-o: update to use SKIP_RECIPE
oe-core has remove PNBLACKLIST in favour of SKIP_RECIPE, so we update our recipe accordingly to avoid warnings. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
48c9b9a891 |
nagios: update to use SKIP_RECIPE
oe-core has remove PNBLACKLIST in favour of SKIP_RECIPE, so we update our recipe accordingly to avoid warnings. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
He Zhe
|
44e95d9471 |
openvswitch: uprev from v2.15.1 to v2.15.3
commits short logs: e4d2df62e (tag: v2.15.3) Set release date for 2.15.3. b8baa1141 python: Add cooperative_yield() API method to Idl. 7834abc66 ofproto-dpif-xlate: Snoop ingress packets and update neigh cache if needed. 833c02daa tnl-neigh-cache: Do not refresh the entry while revalidating. e2182eca8 tnl-neigh-cache: Include expected array sizes in prototypes. 566fe4372 tnl-neigh-cache: Read/write expires atomically. d477f6000 compat: handle NF_REPEAT error on nf_conntrack_in. 0590e8838 flow: Consider dataofs when parsing TCP packets. 7266042d8 tests/flowgen: Fix packet data endianness. d2e0632db ofproto: Fix resource usage explosion due to removal of large number of flows. 0a7e66e37 ofproto: Fix resource usage explosion while processing bundled FLOW_MOD. 68466efed tests/flowgen: Fix length field of 802.2 data link header. 2a2185f9e ovs-lib: Backup and remove existing DB when joining cluster. fcbc29c6f docs/dpdk: Fix install doc. a5d97d420 ovs-save: Save igmp flows in ofp_parse syntax. 1cbd1f0f5 faq: Update OVS/DPDK version table for OVS 2.13/2.14. 01bc910e5 ofproto-dpif-xlate: Fix check_pkt_larger incomplete translation. 08a270dda datapath-windows: Reset flow key after Ipv4 fragments are reassembled eca2d50d4 datapath-windows:Reset PseudoChecksum value only for TX direction offload case 031cf67e0 netdev-offload-tc: Verify the flower rule installed. 952e85150 ci: Make linux-prepare trust system installs. 2cf63851a Prepare for 2.15.3. 63f9a7c5d (tag: v2.15.2) Set release date for 2.15.2. b7d9c491e datapath-windows: add layers when adding the deferred actions 3f718857e ofproto-dpif-xlate: Fix zone set from non-frozen-metadata fields. ea2ca0af1 dpif-netdev: Fix use-after-free on PACKET_OUT of IP fragments. 9f964354e tunnel-push-pop.at: Mask source port in tunnel header. 58397f222 dpdk-stub: Change the ERR log to DBG. 2a963fc31 python: idl: Avoid sending transactions when the DB is not synced up. 9efa2ea61 ipf: release unhandled packets from the batch f8274b78c datapath-windows:adjust Offset when processing packet in POP_VLAN action a2f860aa2 cirrus: Reduce memory requirements for FreeBSD VMs. 7788f1579 netdev-linux: Fix a null pointer dereference in netdev_linux_notify_sock(). dd32deba6 pcap-file: Fix memory leak in ovs_pcap_open(). 9f2f66c8e odp-util: Fix a null pointer dereference in odp_flow_format(). 02b0c265c odp-util: Fix a null pointer dereference in odp_nsh_key_from_attr__(). 031eff456 netdev-dpdk: Fix RSS configuration for virtio. 09cd9570d ipf: Fix only nat the first fragment in the reass process. ef8ca3e19 dpif-netdev: Fix crash when PACKET_OUT is metered. d3ff41d60 tc: Set action flags for tunnel_key release. 079a4de72 netlink-socket: Replace error with txn->error when logging nacked transactions. f8cc5aa35 dynamic-string: Fix a crash in ds_clone(). 64d1bba91 dpif-netdev: fix memory leak in dpcls subtable set command 90b219275 dpif-netdev: Do not flush PMD offloads on reload. b29b04f85 dpif-netdev: Fix offloads of modified flows. 1d0b89ea7 dpif-netdev: Fix flow modification after failure. 8d84a4b16 netdev-offload-dpdk: Fix IPv6 rewrite cast-align warning. f3f7849cb daemon-unix: Fix leak of a fork error message. 8aa0f0374 ovsdb-cs: Perform forced reconnects without a backoff. ee4e034dc datapath-windows:Correct checksum for DNAT action 72132a940 bond: Fix broken rebalancing after link state changes. aa84cfe25 dpif-netlink: Fix report_loss() message. aec05f7cd ovsdb-server: Fix memleak when failing to read storage. 05bdf11fc conntrack: Init hash basis first at creation. 94e3b9d9c netdev-linux: Ignore TSO packets when TSO is not enabled for userspace. 842bfb899 conntrack: Handle already natted packets. ab873c1af conntrack: Document all-zero IP SNAT behavior and add a test case. 86d6a9ee1 python: Fix Idl.run change_seqno update. 1ba0c8365 bridge: Use correct (legacy) role names in database. 7e5293ea5 Prepare for 2.15.2. The ptest results BEFORE uprev: ERROR: 2231 tests were run, 27 failed unexpectedly. 62 tests were skipped. Failed tests: checkpatch - sign-offs checkpatch - parenthesized constructs checkpatch - parenthesized constructs - for checkpatch - comments checkpatch - whitespace around operator checkpatch - whitespace around cast ovs-ofctl snoop tunnel - table version tunnel_push_pop - erspan tunnel_push_pop - action tunnel_push_pop - packet_out tunnel_push_pop_ipv6 - ip6gre tunnel_push_pop_ipv6 - ip6erspan tunnel_push_pop_ipv6 - action PMD - non pmd device ofproto-dpif - recirculation after resubmit ofproto-dpif - sFlow packet sampling - IPv4 collector ofproto-dpif - sFlow packet sampling - IPv6 collector ofproto-dpif - sFlow packet sampling - LACP structures ofproto-dpif - sFlow packet sampling - tunnel set ofproto-dpif - sFlow packet sampling - tunnel push ofproto-dpif - sFlow packet sampling - MPLS bridge - multiple bridges share a controller bridge - add port after stopping controller mcast - check multicasts to trunk ports are not duplicated ptap - triangle bridge setup with L2 and L3 GRE tunnels ptap - L3 over patch port The ptest results AFTER uprev: ERROR: 2266 tests were run, 27 failed unexpectedly. 65 tests were skipped. Failed tests: checkpatch - sign-offs checkpatch - parenthesized constructs checkpatch - parenthesized constructs - for checkpatch - comments checkpatch - whitespace around operator checkpatch - whitespace around cast ovs-ofctl snoop tunnel - table version tunnel_push_pop - erspan tunnel_push_pop - action tunnel_push_pop - packet_out tunnel_push_pop - packet_out debug_slow tunnel_push_pop_ipv6 - ip6gre tunnel_push_pop_ipv6 - ip6erspan tunnel_push_pop_ipv6 - action PMD - non pmd device ofproto-dpif - sFlow packet sampling - IPv4 collector ofproto-dpif - sFlow packet sampling - IPv6 collector ofproto-dpif - sFlow packet sampling - LACP structures ofproto-dpif - sFlow packet sampling - tunnel set ofproto-dpif - sFlow packet sampling - tunnel push ofproto-dpif - sFlow packet sampling - MPLS bridge - multiple bridges share a controller bridge - add port after stopping controller mcast - check multicasts to trunk ports are not duplicated ptap - triangle bridge setup with L2 and L3 GRE tunnels ptap - L3 over patch port Signed-off-by: He Zhe <zhe.he@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Ross Burton
|
ce8f2e0df4 |
libibverbs: update LICENSE
As per COPYING, this is BSD-2-Clause or GPLv2. Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
cf1c2ed8eb |
runc-docker: update to v1.1.0
Bumping runc to version v1.1.0-1-gd7f7b22a, which comprises the following commits:
d7f7b22a VERSION: back to development
067aaf85 VERSION: release runc v1.1.0
c0e300f1 Refuse to build runc without nsenter
e155b332 build(deps): bump github.com/checkpoint-restore/go-criu/v5
5c7e8981 libct/cg: rm go 1.15 compatibility
4773769c VERSION: back to development
55df1fc4 VERSION: release v1.1.0-rc.1
a8f9d5de CHANGELOG: add an in-repo changelog file
6d2067a4 script/seccomp.sh: fix argc check
457ca62f script/release_*.sh: fix usage
c729594c deps: update libseccomp to 2.5.3
5d779620 tests/int: use update_config in hooks test
9e798e26 tests/int: ability to specify binary
97688ddf types/features: clarify MountOptions
deb0a5f2 Mark `runc features` experimental
382eba43 Support recursive mount attrs ("rro", "rnosuid", "rnodev", ...)
ba935a51 Support nosymfollow mount option (kernel 5.10)
f8c48e46 go.mod: golang.org/x/sys v0.0.0-20211116061358-0a5406a5449c
acd8f12f release: correctly handle binary signing for "make releaseall"
d72d057b runc init: avoid netlink message length overflows
25112dd1 libct/intelrdt: remove unused type
c4a61aa9 ci: enable extra linters for new code
520702da Add `runc features` command
02475d9c .golangci.lint: add unparam linter
953e56c5 libct/int: runContainer: drop console arg
6c0bfcb1 libct/cg/fs/blkio_test: ignore unparam warning
06b3fd9d libct/cg/ebpf: drop finalize return value
86733013 notify_socket: setupSpec: drop ctx arg and return value
741568eb libct/cg/devices: addRule: ignore unparam warning
fc44e3f6 tty: Close: rm return value
36483465 tty: ClosePostStart: rm return value
f3f4b6d1 tty: recvtty: rm process arg
e6318635 tty: rm inheritStdio return value
d23b8109 checkpoint: rm getDefaultImagePath arg
dd140401 libct: fixStdioPermissions: rm config arg
b357bc13 libct/factory: rm id param from loadState
b950b778 libct/utils: ResolveRootfs: remove
35d20c4e chown cgroup to process uid in container namespace
ec0f35bc libct/system/xattrs: remove
e9ed2000 build(deps): bump github.com/opencontainers/selinux from 1.9.1 to 1.10.0
e3dd80fa Vagrantfile.fedora: revert excluding systemd
1da84d1a libct/cg: TestGetHugePageSizeImpl: use t.Run
1362291a Avoid non-op when the list of `Hooks` is empty
f13a9325 libct/cg: HugePageSizes: simplify code and test
39d4c8d5 libct/cg: lazy init for HugePageSizes
a4d4c4dd libct/cg: GetHugePageSize -> HugePageSizes
dde509df specconv: do not permit null bytes in mount fields
50105de1 Fix failure with rw bind mount of a ro fuse
982b9a1d libct/standard_init: fix linter warning
643f8a2b libct/specconv: nits
b247cd39 runc run: fix ro /dev
029b73c1 libct/spec: replace isValidName regex with a function
6907beca libct/specconv: remove isSecSuffix regex
37c5fd55 libct/specconv: make parseMountOptions return Mount
2c3792ba libct/specconv: make mountFlags and extensionFlags global
81586e19 libct/specconv: reuse mountPropagationMapping in parseMountOptions
8fe1e8bf libct/specconv: rm some init allocations
712157f6 Revert "ci: temporarily disable criu repo gpg check"
f252eb54 test/int/mount.bats: refer to github issue
7563a8f0 libct: wrap more unix errors
db4ad6a7 libcontainer/system: rm Prlimit
0880c001 .cirrus.yml: silence vagrant up
b028ecb3 Vagrantfile.fedora: exclude systemd from upgrade
12a36265 ci/cirrus: update to Go 1.17.3
02d527d2 go.mod: github.com/moby/sys/mountinfo v0.5.0
0e21d56e go.mod: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359
b2d64fed build(deps): bump github.com/checkpoint-restore/go-criu/v5
a9bb11ec Fix the conversion of sysctl variable dots and slashes
0f933d54 Rename package validate_test to package validate
68c2b6a7 runc run: refuse a frozen cgroup
d08bc0c1 runc run: warn on non-empty cgroup
dd696235 runc exec: reject paused container unless --ignore-paused
4b25a4e8 CI: update Fedora to 35
7324496f tests/int: fix userns for Fedora 35
05272718 tests/int/cgroups: fix for misc controller
fc658fb6 build(deps): bump github.com/godbus/dbus/v5 from 5.0.5 to 5.0.6
972aea3a libct/configs/validate: allow / in sysctl names
95f8ecdd fix `libcontainer/integration/exec_test.go:1859:8: undefined: ioutil`
dc473cad build(deps): bump github.com/cilium/ebpf from 0.6.2 to 0.7.0
8542322d libcontainer: Add unit tests with userns and mounts
55162941 Remove io/ioutil use
6a4f4a6a libcontainer/ignoreTerminateErrors: simplify for Go 1.16+
12e99a0f Require Go >= 1.16
3d986766 ci/gha: install latest stable Go version
c5ca778f ci: temporarily disable criu repo gpg check
81fdc8ce New integration tests for user namespaces bind sources
9c444070 Open bind mount sources from the host userns
a80e1217 libct/intelrdt: add Root()
794cd66d libct/system: Exec: wrap the error
6eba68de build(deps): bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1
e395d2dc libct: Init: remove LockOSThread
916c6a15 libct/cg/fs2: fix GetStats for unsupported hugetlb
f9667e63 Make DevicesGroup's "TestingSkipFinalCheck" attribute public
2e0ceaa9 fix createDevices when no Linux section
fae5d8b5 release: add s390x
f95063ed Dockerfile: fix for seccomp
7758d3fb libct/cg/sd/v2: Destroy: remove cgroups recursively
580e43ec contrib: rm init from bash completion
0202c398 runc exec: implement --cgroup
cc15b887 tests: add integration test for cgroups hybrid
a8435007 cgroups: join cgroup v2 when using hybrid mode
39914db6 runc exec: don't skip non-existing cgroups
7d446c63 libct/cg.WriteCgroupProcs: improve errors
cc1d7466 exec.go: nit
0d297b71 ci/gha: test criu-dev with latest go
16aedc31 ci/gha: remove debug info
3fd1851c CI/GHA: switch to OBS criu repo
81dc5599 Dockerfile: fix apt-key warning
2bf560fb Dockerfile: use Debian_11 repo for criu
99ddc1be libct/cg/fs: rm m.config == nil checks
57edce46 libct/cg: add Resources=nil unit test
1af4ed11 libct/cg/sd/v2: move fsMgr init to NewUnifiedManager
9a2146fa libct/cg/sd/v2: move path init to NewUnifiedManager
39be6e97 libct/cg/fs2: minor optimization
b14a6cf9 libct/cg/sd/v1: move path init to NewLegacyManager
fcc48168 libct/cg/fs: document path removal
6c5441e5 libct/cg/fs: move paths init to NewManager
097c6d74 libct/cg: simplify getting cgroup manager
3c8db638 script/release.sh: update libseccomp to 2.5.2
f30244ee make release: add cross-build
23d79aae Makefile: only build runc for static target
d2b6899e Makefile: fixes for seccompagent
43b36dc4 Support changing of lsm mount context on restore
412d68d1 Vendor in go-criu v5.1.0
163e2523 libct/cg: replace bitset with std math/big library
6806b2c1 runc delete -f: fix for cg v1 + paused container
e6928865 libct/cg/fs: refactor
7d1cb320 libct/cg/fs: rename join to apply
5c7cb837 libct/cg/fs: micro optimization
19b542a5 libct/cg/fs: move internal code out of fs.go
eb09df74 libct/cg/sd/v1: initPaths: minor optimization
63c84917 libct/cg/sd/v1: optimize initPaths
c7e0864d libct/cg/sd/v1: factor out initPaths
dc907e8d libct/cg/sd/v*.go: nit
d974b22a create, run: amend final errors
9ba2f65d startContainer: minor refactor
1545ea69 delete, start: remove newline from errors
af641cd5 seccomp: Add test using the seccomp agent example
08659080 build(deps): bump github.com/bits-and-blooms/bitset from 1.2.0 to 1.2.1
622acd24 build(deps): bump github.com/opencontainers/selinux from 1.8.4 to 1.8.5
47abdcee ci/gha: update golangci-lint to 1.42.1
704a1878 contrib/cmd/seccompagent: fix build tags
49137c2a ci/gha: bump shfmt to 3.3.1
f1b703fc libct/nsenter/nsexec.c: honor _LIBCONTAINER_LOGLEVEL
d5ffe83f libct/nsenter/nsexec.c: factor out getenv_int
d2f49d45 libct/nsenter/nsexec.c: improve bail
6c4a3b13 runc init: pass _LIBCONTAINER_LOGLEVEL as int
0a3577c6 utils_linux: simplify newProcess
51cd519e seccomp agent: Return non-zero on failures
8b790e4f seccomp agent: Use arch SCMP_ARCH_X86_64
4a4d4f10 Add support for seccomp actions ActKillThread and ActKillProcess
4a751b05 seccomp: drop unnecessary const SCMP_ACT_* defines
72b5c3ca build(deps): bump github.com/godbus/dbus/v5 from 5.0.4 to 5.0.5
00772cae tests: add functional tests for seccomp notify
5ae831d9 tests: add functional tests for seccomp
e21a9ee8 contrib: add sample seccomp agent
c64aaf0e libcontainer/specconv: extend SetupSeccomp tests
2b025c01 Implement Seccomp Notify
4e7aeff6 libcontainer/utils: introduce SendFds
c55530be vendoring: Use libseccomp with notify support
64358c4d optimize log: move WriteJSON defer as early as possible
39d0ee18 script/release.sh: fix for opensuse
a20c8b29 runc --debug: shorter caller info
b55b3081 libct/logs: do not show caller in nsexec logs
c3910e73 libct/logs: parse log level implicitly
c4826905 libct/logs: test: make more robust
33dcb994 libct/nsenter/nsenter_test.go: logging nits
78b27155 libct/nsenter: test: rm misleading comments
2c46455c libct/nsenter: test: improve TestNsenterChildLogging
feb1fe11 libct/nsenter: test: fix TestNsenterValidPaths
3df6a02f libct/nsenter: test: improve newPipe
347c371b CI: Mark CGO warnings as errors
d8da0035 *: add go-1.17+ go:build tags
1b17ec95 libct/cg: rm "unsupported.go" files
dbb9fc03 libct/*: remove linux build tag from some pkgs
c5b0be78 Rm build tags from main pkg
9ff64c3d *: rm redundant linux build tag
895e0a5c nsenter: fix typo in bail message
1f5798f7 improve error message when dbus-user-session is not installed
63944578 tests/int: add a "update cpu period with pod limit set" test
1b2adcfe libct/cg/v1: workaround CPU quota period set failure
09b80811 Revert "libct/devices: change devices.Type to be a string"
538ba846 libct/error.go: rm ConfigError
6145628f configs/validate: audit all returned errors
bbcf96f9 libct/cg/devices: stop using regex
fb629db6 tests/int/helpers: fix shellcheck warnings
f65276db tests/int/helpers: rm $bundle handling
b3d14488 Add support for rdma cgroup introduced in Linux Kernel 4.11
8d8415ee libct/logs: remove ConfigureLogging
f77fb7a3 init.go, main.go: don't use logs.ConfigureLogging
93937000 libcontainer/intelrdt: update code comments
a37a89f4 libct/system: add I and P process states
f90008ae libct/system.Stat: fix/improve/speedup
412c6f06 libct/system/proc_test: fix, improve, add benchmark
74ae9e0f checkpoint: resolve symlink for external bind mount(fix ci broken)
24d318b8 Dockerfile: switch to bullseye
9a095e44 libct/cg/sd/v1: add SkipFreezeOnSet knob
fec49f2a libct/cg/sd/v1: add freezeBeforeSet unit test
41043673 libct/cg/sd/v1: Fix unnecessary freeze/thaw
a5871801 ci: add go1.17
75761bcc Fix codespell warnings, add codespell to ci
db8330c9 libct/nsenter: fix unused-result warning
844d6774 CI: Validate compilation without buildtags
51508210 libct/nsenter: nullify pointer on asprintf error
2ab6484f libct/nsenter: no need to check size_t less than 0
f0dbefac .cirrus.yum: retry yum if failed
814f3ae1 libct/devices: change devices.Type to be a string
74b5c34e .cirrus.yml: simplify
77fb9aff build(deps): bump github.com/containerd/console from 1.0.2 to 1.0.3
bd50e7c4 libct/cg/OpenFile: check cgroupFd on error
ab577f6f MAINTAINERS: add Sebastiaan van Stijn
2bab4a56 libct/nsenter: fix logging race in nsexec
bda1bd7a build(deps): bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4
c2d9668c libct/cg/OpenFile: fix openat2 vs top cgroup dir
1b4c30fd libcontainer/intelrdt: always run unit tests
79d292b9 libcontainer/intelrdt: verify ClosID existence
17e3b41d libcontainer/intelrdt: support ClosID parameter
7296dc17 libcontainer/intelrdt: refactor clos path handling
1cbfe234 libct/cg: rm dead code
d0c3bc44 libct/cg: GetAllPids: optimize for go 1.16+
363468d0 libct/cg: improve GetAllPids and readProcsFile
504271a3 libct/cg: move GetAllPids out of utils.go
fc99ab7e build(deps): bump github.com/opencontainers/selinux from 1.8.2 to 1.8.3
0f94799e man/runc-run.8: document --keep option
cb824629 proposal: add --keep to runc run
e06465ac ci/cirrus: remove unused code
120f7406 ci/gha: add latest criu-dev test run
60e02b4b runc exec: fail with exit code of 255
18f434e1 script/release.sh: make builds reproducible
61e201ab makefile: update ldflags and add strip for static builds
5110bd2f nsenter: remove cgroupns sync mechanism
7a0302f0 runc init: simplify
a91ce306 libct/*_test.go: use t.TempDir
3bc606e9 libct/int: adapt to Go 1.15
1eeaf113 libct/intelrdt/*_test.go: use t.TempDir
f6a56f60 libct/cg/fs/*_test.go: use t.TempDir
2d1645d2 libct/cg/fscommon: drop go 1.13 compatibility
6215b2f3 ci/gha: drop Go 1.13
a952b5aa README, go.mod: require go 1.15+
12a1dccb Revert "libcontainer: avoid using t.Cleanup"
015fa29a Revert "Revert "Makefile: rm go 1.13 workaround""
5dd92fd9 libct/seccomp: skip redundant rules
e44bee10 libct/seccomp: warn about unknown syscalls
073e085c libct/seccomp: ConvertStringToAction: fix doc
9f656dbb Do not use Vagrant for CentOS 7/8
d4480164 tests/rootless.sh: fixup for "update rt" test
86af5248 tests/int: fix "update rt period and runtime" for rootless
cc0b1644 README.md: remove abandoned versioning policy
87bfd20f Evaluate Cirrus CI for Vagrant tests
a7110262 libct/cg/sd: add TestPodSkipDevicesUpdate
52dd96db libct/cg/sd: TestFreezePodCgroup: rm explicit freeze
f2db8798 libct/cg/sd/v1: Set: avoid unnecessary freeze/thaw
5dc32604 libct/int/TestFreeze: test freeze/thaw via Set
af1688a5 libct/int: allow subtests
67cfd3d4 libct/cg/sd/v1: Set: don't overwrite r.Freezer
d02b0061 ci/gha: run on release-* branches after a push
57e3c541 cgroupv2: ebpf: ignore inaccessible existing programs
fe518a06 vendor: update github.com/cilium/ebpf
3e5c1997 libct/cg/sd: Add freezer tests
294c4866 libct/cg/fs/freezer.GetState: report current cgroup state
f33be7cc libct/cg/sd: Don't freeze cgroup on cgroup v2 Set
d41a273d Update device update tests
be1d5f83 ci: enable unconvert linter, fix its warnings
6be088d6 tests/int/dev: add CAP_SYSLOG to /dev/kmsg tests
9f2a1f4d deps: update to github.com/cyphar/filepath-securejoin@v0.2.3
24d5daf5 libct/user: fix parsing long /etc/group lines
226dfab0 libct/user: ParseGroupFilter: use TrimSpace
120e3a77 libct/user: use []byte more, avoid allocations
83776dd8 libcontainer: Bail on close(2) failures
7d479e6b libcontainer: Don't close fds already closed
e39ad650 retry unix.EINTR for container init process
c508a7bc libct/rootfs: consolidate utils imports
1bbeadae tests/int/no_pivot: fix for new kernels
0229a77a libcontainer/intelrdt: privatize some ids
8f8dfc49 libcontainer/intelrdt: move NewLastCmdError down
00d15629 libct/intelrdt: simplify NewLastCmdError
e0ce428b libct/intelrdt: remove NotFoundError type
feff2c45 libct/intelrdt: fix potential nil dereference
82498e3d libct/specconf: remove unneeded checks
bc96a59d build(deps): bump google.golang.org/protobuf from 1.26.0 to 1.27.1
70fdc057 Revert "checkpoint: resolve symlink for external bind mount"
e618c02d libct/stacktrace: remove
e918d021 libcontainer: rm own error system
60c647a7 libct/error: rm ConsoleExists
a7cfb23b *: stop using pkg/errors
b60e2edf libct/cg: stop using pkg/errors
a6cc36a8 libct/cg/ebpf: stop using pkg/errors
f137aaa2 libct/cg/devices: stop using pkg/errors
ebb08128 .golangci.yml: enable errorlint
56e47804 *: ignore errorlint warnings about unix.* errors
f6a0899b *: use errors.As and errors.Is
5d2a11ad tty.go: don't use pkg/errors, use errors.Is
c6fed264 libct/keys: stop using pkg/errors
adbac31d libct: fix errorlint warning about strconv.NumError
7be93a66 *: fmt.Errorf: use %w when appropriate
d8ba4128 libct/rootfs: improve some errors
36aefad4 libct: wrap unix.Mount/Unmount errors
825335b2 libct/cg/fs2: fix/unify parsing errors
5a186d39 libct/cg/fs: fix/unify parsing errors
f813174d libct/cg/fscommon: introduce and use ParseError
adcd3b44 libct/cg/fs[2]: simplify getting pid stats
4e330942 libct/cg/fs/stats_util_test: fix errors
563225d5 libct/StartInitialization: fix errors
3fee59f9 libct/cg/fs/*_test: simplify errors
fdf4e90e libct/cg/fscommon.ParseKeyValue: no need to wrap err
627a06ad Replace fmt.Errorf w/o %-style to errors.New
242b3283 libct/cg/fscommon: rm unused var
92e8d9b9 libct/intelrdt: error message nits
041caf10 VERSION: back to development
dfc0f069 man/*: revamp
85aabe23 C/R: let criu use its default if --work-path is not set
e8bd33ae runc --help: improve log options description
cf4ecaed runc update: hide --kernel* options
4065c394 exec: rm --no-subreaper flag
da22625f checkpoint: resolve symlink for external bind mount
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
1af45b1490 |
runc: update to v1.1.0
Bumping runc to version v1.1.0-1-gd7f7b22a, which comprises the following commits:
d7f7b22a VERSION: back to development
067aaf85 VERSION: release runc v1.1.0
c0e300f1 Refuse to build runc without nsenter
e155b332 build(deps): bump github.com/checkpoint-restore/go-criu/v5
5c7e8981 libct/cg: rm go 1.15 compatibility
4773769c VERSION: back to development
55df1fc4 VERSION: release v1.1.0-rc.1
a8f9d5de CHANGELOG: add an in-repo changelog file
6d2067a4 script/seccomp.sh: fix argc check
457ca62f script/release_*.sh: fix usage
c729594c deps: update libseccomp to 2.5.3
5d779620 tests/int: use update_config in hooks test
9e798e26 tests/int: ability to specify binary
97688ddf types/features: clarify MountOptions
deb0a5f2 Mark `runc features` experimental
382eba43 Support recursive mount attrs ("rro", "rnosuid", "rnodev", ...)
ba935a51 Support nosymfollow mount option (kernel 5.10)
f8c48e46 go.mod: golang.org/x/sys v0.0.0-20211116061358-0a5406a5449c
acd8f12f release: correctly handle binary signing for "make releaseall"
d72d057b runc init: avoid netlink message length overflows
25112dd1 libct/intelrdt: remove unused type
c4a61aa9 ci: enable extra linters for new code
520702da Add `runc features` command
02475d9c .golangci.lint: add unparam linter
953e56c5 libct/int: runContainer: drop console arg
6c0bfcb1 libct/cg/fs/blkio_test: ignore unparam warning
06b3fd9d libct/cg/ebpf: drop finalize return value
86733013 notify_socket: setupSpec: drop ctx arg and return value
741568eb libct/cg/devices: addRule: ignore unparam warning
fc44e3f6 tty: Close: rm return value
36483465 tty: ClosePostStart: rm return value
f3f4b6d1 tty: recvtty: rm process arg
e6318635 tty: rm inheritStdio return value
d23b8109 checkpoint: rm getDefaultImagePath arg
dd140401 libct: fixStdioPermissions: rm config arg
b357bc13 libct/factory: rm id param from loadState
b950b778 libct/utils: ResolveRootfs: remove
35d20c4e chown cgroup to process uid in container namespace
ec0f35bc libct/system/xattrs: remove
e9ed2000 build(deps): bump github.com/opencontainers/selinux from 1.9.1 to 1.10.0
e3dd80fa Vagrantfile.fedora: revert excluding systemd
1da84d1a libct/cg: TestGetHugePageSizeImpl: use t.Run
1362291a Avoid non-op when the list of `Hooks` is empty
f13a9325 libct/cg: HugePageSizes: simplify code and test
39d4c8d5 libct/cg: lazy init for HugePageSizes
a4d4c4dd libct/cg: GetHugePageSize -> HugePageSizes
dde509df specconv: do not permit null bytes in mount fields
50105de1 Fix failure with rw bind mount of a ro fuse
982b9a1d libct/standard_init: fix linter warning
643f8a2b libct/specconv: nits
b247cd39 runc run: fix ro /dev
029b73c1 libct/spec: replace isValidName regex with a function
6907beca libct/specconv: remove isSecSuffix regex
37c5fd55 libct/specconv: make parseMountOptions return Mount
2c3792ba libct/specconv: make mountFlags and extensionFlags global
81586e19 libct/specconv: reuse mountPropagationMapping in parseMountOptions
8fe1e8bf libct/specconv: rm some init allocations
712157f6 Revert "ci: temporarily disable criu repo gpg check"
f252eb54 test/int/mount.bats: refer to github issue
7563a8f0 libct: wrap more unix errors
db4ad6a7 libcontainer/system: rm Prlimit
0880c001 .cirrus.yml: silence vagrant up
b028ecb3 Vagrantfile.fedora: exclude systemd from upgrade
12a36265 ci/cirrus: update to Go 1.17.3
02d527d2 go.mod: github.com/moby/sys/mountinfo v0.5.0
0e21d56e go.mod: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359
b2d64fed build(deps): bump github.com/checkpoint-restore/go-criu/v5
a9bb11ec Fix the conversion of sysctl variable dots and slashes
0f933d54 Rename package validate_test to package validate
68c2b6a7 runc run: refuse a frozen cgroup
d08bc0c1 runc run: warn on non-empty cgroup
dd696235 runc exec: reject paused container unless --ignore-paused
4b25a4e8 CI: update Fedora to 35
7324496f tests/int: fix userns for Fedora 35
05272718 tests/int/cgroups: fix for misc controller
fc658fb6 build(deps): bump github.com/godbus/dbus/v5 from 5.0.5 to 5.0.6
972aea3a libct/configs/validate: allow / in sysctl names
95f8ecdd fix `libcontainer/integration/exec_test.go:1859:8: undefined: ioutil`
dc473cad build(deps): bump github.com/cilium/ebpf from 0.6.2 to 0.7.0
8542322d libcontainer: Add unit tests with userns and mounts
55162941 Remove io/ioutil use
6a4f4a6a libcontainer/ignoreTerminateErrors: simplify for Go 1.16+
12e99a0f Require Go >= 1.16
3d986766 ci/gha: install latest stable Go version
c5ca778f ci: temporarily disable criu repo gpg check
81fdc8ce New integration tests for user namespaces bind sources
9c444070 Open bind mount sources from the host userns
a80e1217 libct/intelrdt: add Root()
794cd66d libct/system: Exec: wrap the error
6eba68de build(deps): bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1
e395d2dc libct: Init: remove LockOSThread
916c6a15 libct/cg/fs2: fix GetStats for unsupported hugetlb
f9667e63 Make DevicesGroup's "TestingSkipFinalCheck" attribute public
2e0ceaa9 fix createDevices when no Linux section
fae5d8b5 release: add s390x
f95063ed Dockerfile: fix for seccomp
7758d3fb libct/cg/sd/v2: Destroy: remove cgroups recursively
580e43ec contrib: rm init from bash completion
0202c398 runc exec: implement --cgroup
cc15b887 tests: add integration test for cgroups hybrid
a8435007 cgroups: join cgroup v2 when using hybrid mode
39914db6 runc exec: don't skip non-existing cgroups
7d446c63 libct/cg.WriteCgroupProcs: improve errors
cc1d7466 exec.go: nit
0d297b71 ci/gha: test criu-dev with latest go
16aedc31 ci/gha: remove debug info
3fd1851c CI/GHA: switch to OBS criu repo
81dc5599 Dockerfile: fix apt-key warning
2bf560fb Dockerfile: use Debian_11 repo for criu
99ddc1be libct/cg/fs: rm m.config == nil checks
57edce46 libct/cg: add Resources=nil unit test
1af4ed11 libct/cg/sd/v2: move fsMgr init to NewUnifiedManager
9a2146fa libct/cg/sd/v2: move path init to NewUnifiedManager
39be6e97 libct/cg/fs2: minor optimization
b14a6cf9 libct/cg/sd/v1: move path init to NewLegacyManager
fcc48168 libct/cg/fs: document path removal
6c5441e5 libct/cg/fs: move paths init to NewManager
097c6d74 libct/cg: simplify getting cgroup manager
3c8db638 script/release.sh: update libseccomp to 2.5.2
f30244ee make release: add cross-build
23d79aae Makefile: only build runc for static target
d2b6899e Makefile: fixes for seccompagent
43b36dc4 Support changing of lsm mount context on restore
412d68d1 Vendor in go-criu v5.1.0
163e2523 libct/cg: replace bitset with std math/big library
6806b2c1 runc delete -f: fix for cg v1 + paused container
e6928865 libct/cg/fs: refactor
7d1cb320 libct/cg/fs: rename join to apply
5c7cb837 libct/cg/fs: micro optimization
19b542a5 libct/cg/fs: move internal code out of fs.go
eb09df74 libct/cg/sd/v1: initPaths: minor optimization
63c84917 libct/cg/sd/v1: optimize initPaths
c7e0864d libct/cg/sd/v1: factor out initPaths
dc907e8d libct/cg/sd/v*.go: nit
d974b22a create, run: amend final errors
9ba2f65d startContainer: minor refactor
1545ea69 delete, start: remove newline from errors
af641cd5 seccomp: Add test using the seccomp agent example
08659080 build(deps): bump github.com/bits-and-blooms/bitset from 1.2.0 to 1.2.1
622acd24 build(deps): bump github.com/opencontainers/selinux from 1.8.4 to 1.8.5
47abdcee ci/gha: update golangci-lint to 1.42.1
704a1878 contrib/cmd/seccompagent: fix build tags
49137c2a ci/gha: bump shfmt to 3.3.1
f1b703fc libct/nsenter/nsexec.c: honor _LIBCONTAINER_LOGLEVEL
d5ffe83f libct/nsenter/nsexec.c: factor out getenv_int
d2f49d45 libct/nsenter/nsexec.c: improve bail
6c4a3b13 runc init: pass _LIBCONTAINER_LOGLEVEL as int
0a3577c6 utils_linux: simplify newProcess
51cd519e seccomp agent: Return non-zero on failures
8b790e4f seccomp agent: Use arch SCMP_ARCH_X86_64
4a4d4f10 Add support for seccomp actions ActKillThread and ActKillProcess
4a751b05 seccomp: drop unnecessary const SCMP_ACT_* defines
72b5c3ca build(deps): bump github.com/godbus/dbus/v5 from 5.0.4 to 5.0.5
00772cae tests: add functional tests for seccomp notify
5ae831d9 tests: add functional tests for seccomp
e21a9ee8 contrib: add sample seccomp agent
c64aaf0e libcontainer/specconv: extend SetupSeccomp tests
2b025c01 Implement Seccomp Notify
4e7aeff6 libcontainer/utils: introduce SendFds
c55530be vendoring: Use libseccomp with notify support
64358c4d optimize log: move WriteJSON defer as early as possible
39d0ee18 script/release.sh: fix for opensuse
a20c8b29 runc --debug: shorter caller info
b55b3081 libct/logs: do not show caller in nsexec logs
c3910e73 libct/logs: parse log level implicitly
c4826905 libct/logs: test: make more robust
33dcb994 libct/nsenter/nsenter_test.go: logging nits
78b27155 libct/nsenter: test: rm misleading comments
2c46455c libct/nsenter: test: improve TestNsenterChildLogging
feb1fe11 libct/nsenter: test: fix TestNsenterValidPaths
3df6a02f libct/nsenter: test: improve newPipe
347c371b CI: Mark CGO warnings as errors
d8da0035 *: add go-1.17+ go:build tags
1b17ec95 libct/cg: rm "unsupported.go" files
dbb9fc03 libct/*: remove linux build tag from some pkgs
c5b0be78 Rm build tags from main pkg
9ff64c3d *: rm redundant linux build tag
895e0a5c nsenter: fix typo in bail message
1f5798f7 improve error message when dbus-user-session is not installed
63944578 tests/int: add a "update cpu period with pod limit set" test
1b2adcfe libct/cg/v1: workaround CPU quota period set failure
09b80811 Revert "libct/devices: change devices.Type to be a string"
538ba846 libct/error.go: rm ConfigError
6145628f configs/validate: audit all returned errors
bbcf96f9 libct/cg/devices: stop using regex
fb629db6 tests/int/helpers: fix shellcheck warnings
f65276db tests/int/helpers: rm $bundle handling
b3d14488 Add support for rdma cgroup introduced in Linux Kernel 4.11
8d8415ee libct/logs: remove ConfigureLogging
f77fb7a3 init.go, main.go: don't use logs.ConfigureLogging
93937000 libcontainer/intelrdt: update code comments
a37a89f4 libct/system: add I and P process states
f90008ae libct/system.Stat: fix/improve/speedup
412c6f06 libct/system/proc_test: fix, improve, add benchmark
74ae9e0f checkpoint: resolve symlink for external bind mount(fix ci broken)
24d318b8 Dockerfile: switch to bullseye
9a095e44 libct/cg/sd/v1: add SkipFreezeOnSet knob
fec49f2a libct/cg/sd/v1: add freezeBeforeSet unit test
41043673 libct/cg/sd/v1: Fix unnecessary freeze/thaw
a5871801 ci: add go1.17
75761bcc Fix codespell warnings, add codespell to ci
db8330c9 libct/nsenter: fix unused-result warning
844d6774 CI: Validate compilation without buildtags
51508210 libct/nsenter: nullify pointer on asprintf error
2ab6484f libct/nsenter: no need to check size_t less than 0
f0dbefac .cirrus.yum: retry yum if failed
814f3ae1 libct/devices: change devices.Type to be a string
74b5c34e .cirrus.yml: simplify
77fb9aff build(deps): bump github.com/containerd/console from 1.0.2 to 1.0.3
bd50e7c4 libct/cg/OpenFile: check cgroupFd on error
ab577f6f MAINTAINERS: add Sebastiaan van Stijn
2bab4a56 libct/nsenter: fix logging race in nsexec
bda1bd7a build(deps): bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4
c2d9668c libct/cg/OpenFile: fix openat2 vs top cgroup dir
1b4c30fd libcontainer/intelrdt: always run unit tests
79d292b9 libcontainer/intelrdt: verify ClosID existence
17e3b41d libcontainer/intelrdt: support ClosID parameter
7296dc17 libcontainer/intelrdt: refactor clos path handling
1cbfe234 libct/cg: rm dead code
d0c3bc44 libct/cg: GetAllPids: optimize for go 1.16+
363468d0 libct/cg: improve GetAllPids and readProcsFile
504271a3 libct/cg: move GetAllPids out of utils.go
fc99ab7e build(deps): bump github.com/opencontainers/selinux from 1.8.2 to 1.8.3
0f94799e man/runc-run.8: document --keep option
cb824629 proposal: add --keep to runc run
e06465ac ci/cirrus: remove unused code
120f7406 ci/gha: add latest criu-dev test run
60e02b4b runc exec: fail with exit code of 255
18f434e1 script/release.sh: make builds reproducible
61e201ab makefile: update ldflags and add strip for static builds
5110bd2f nsenter: remove cgroupns sync mechanism
7a0302f0 runc init: simplify
a91ce306 libct/*_test.go: use t.TempDir
3bc606e9 libct/int: adapt to Go 1.15
1eeaf113 libct/intelrdt/*_test.go: use t.TempDir
f6a56f60 libct/cg/fs/*_test.go: use t.TempDir
2d1645d2 libct/cg/fscommon: drop go 1.13 compatibility
6215b2f3 ci/gha: drop Go 1.13
a952b5aa README, go.mod: require go 1.15+
12a1dccb Revert "libcontainer: avoid using t.Cleanup"
015fa29a Revert "Revert "Makefile: rm go 1.13 workaround""
5dd92fd9 libct/seccomp: skip redundant rules
e44bee10 libct/seccomp: warn about unknown syscalls
073e085c libct/seccomp: ConvertStringToAction: fix doc
9f656dbb Do not use Vagrant for CentOS 7/8
d4480164 tests/rootless.sh: fixup for "update rt" test
86af5248 tests/int: fix "update rt period and runtime" for rootless
cc0b1644 README.md: remove abandoned versioning policy
87bfd20f Evaluate Cirrus CI for Vagrant tests
a7110262 libct/cg/sd: add TestPodSkipDevicesUpdate
52dd96db libct/cg/sd: TestFreezePodCgroup: rm explicit freeze
f2db8798 libct/cg/sd/v1: Set: avoid unnecessary freeze/thaw
5dc32604 libct/int/TestFreeze: test freeze/thaw via Set
af1688a5 libct/int: allow subtests
67cfd3d4 libct/cg/sd/v1: Set: don't overwrite r.Freezer
d02b0061 ci/gha: run on release-* branches after a push
57e3c541 cgroupv2: ebpf: ignore inaccessible existing programs
fe518a06 vendor: update github.com/cilium/ebpf
3e5c1997 libct/cg/sd: Add freezer tests
294c4866 libct/cg/fs/freezer.GetState: report current cgroup state
f33be7cc libct/cg/sd: Don't freeze cgroup on cgroup v2 Set
d41a273d Update device update tests
be1d5f83 ci: enable unconvert linter, fix its warnings
6be088d6 tests/int/dev: add CAP_SYSLOG to /dev/kmsg tests
9f2a1f4d deps: update to github.com/cyphar/filepath-securejoin@v0.2.3
24d5daf5 libct/user: fix parsing long /etc/group lines
226dfab0 libct/user: ParseGroupFilter: use TrimSpace
120e3a77 libct/user: use []byte more, avoid allocations
83776dd8 libcontainer: Bail on close(2) failures
7d479e6b libcontainer: Don't close fds already closed
e39ad650 retry unix.EINTR for container init process
c508a7bc libct/rootfs: consolidate utils imports
1bbeadae tests/int/no_pivot: fix for new kernels
0229a77a libcontainer/intelrdt: privatize some ids
8f8dfc49 libcontainer/intelrdt: move NewLastCmdError down
00d15629 libct/intelrdt: simplify NewLastCmdError
e0ce428b libct/intelrdt: remove NotFoundError type
feff2c45 libct/intelrdt: fix potential nil dereference
82498e3d libct/specconf: remove unneeded checks
bc96a59d build(deps): bump google.golang.org/protobuf from 1.26.0 to 1.27.1
70fdc057 Revert "checkpoint: resolve symlink for external bind mount"
e618c02d libct/stacktrace: remove
e918d021 libcontainer: rm own error system
60c647a7 libct/error: rm ConsoleExists
a7cfb23b *: stop using pkg/errors
b60e2edf libct/cg: stop using pkg/errors
a6cc36a8 libct/cg/ebpf: stop using pkg/errors
f137aaa2 libct/cg/devices: stop using pkg/errors
ebb08128 .golangci.yml: enable errorlint
56e47804 *: ignore errorlint warnings about unix.* errors
f6a0899b *: use errors.As and errors.Is
5d2a11ad tty.go: don't use pkg/errors, use errors.Is
c6fed264 libct/keys: stop using pkg/errors
adbac31d libct: fix errorlint warning about strconv.NumError
7be93a66 *: fmt.Errorf: use %w when appropriate
d8ba4128 libct/rootfs: improve some errors
36aefad4 libct: wrap unix.Mount/Unmount errors
825335b2 libct/cg/fs2: fix/unify parsing errors
5a186d39 libct/cg/fs: fix/unify parsing errors
f813174d libct/cg/fscommon: introduce and use ParseError
adcd3b44 libct/cg/fs[2]: simplify getting pid stats
4e330942 libct/cg/fs/stats_util_test: fix errors
563225d5 libct/StartInitialization: fix errors
3fee59f9 libct/cg/fs/*_test: simplify errors
fdf4e90e libct/cg/fscommon.ParseKeyValue: no need to wrap err
627a06ad Replace fmt.Errorf w/o %-style to errors.New
242b3283 libct/cg/fscommon: rm unused var
92e8d9b9 libct/intelrdt: error message nits
041caf10 VERSION: back to development
dfc0f069 man/*: revamp
85aabe23 C/R: let criu use its default if --work-path is not set
e8bd33ae runc --help: improve log options description
cf4ecaed runc update: hide --kernel* options
4065c394 exec: rm --no-subreaper flag
da22625f checkpoint: resolve symlink for external bind mount
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
198eb61ae3 |
python3-dtc: add SRCPV and fix missing symbol
We need some of the latest dtc functionality for lopper, but that puts us out of sync with the main dtc recipe in oe-core master. To show that we are running ahead, bumping the PV to include SRCPV. To fix the following missing symbol: | ImportError: qemuarm64-poky-linux/xen-image-minimal/1.0-r0/recipe-sysroot-native/usr/lib/python3.10/site-packages/_libfdt.cpython-310-x86_64-linux-gnu.so: undefined symbol: fdt_overlay_target_offset We revert the commit that introduces it (since we don't need that functionality), and will drop our revert when oe-core updates to a similar version. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |