2103 Commits

Author SHA1 Message Date
Bruce Ashfield
a77ed260c4 docker-ce: update to v23.0.2
Bumping docker to version v23.0.2, which comprises the following commits:

    c6bf3071fe StartWithLogFile: Fix d.cmd race
    7f49ca259b TestDaemonRestartKillContainers: Fix loop capture
    1363b3e372 ci: disable testing mergeop and diffop with the dockerd worker
    d43958b50b builder-next: disable mergeop and diffop
    fd80ca60da Fix pruning anon volume created from image config
    ae0cc08cab Dockerfile: Update shfmt to 3.6.0
    42751cc892 contrib/dockerize-disk.sh: Fix indentation
    6c65a9a07f volumes: fix error-handling when removing volumes with swarm enabled
    e3c642d1ea integration/volumes: TestVolumesRemove: add coverage for force/no-force
    c48f7fd12c [23.0] update to go1.19.7
    f3416271a3 vendor: github.com/moby/swarmkit/v2 v2.0.0-20230309194213-a745a8755ce3
    3bd2fc8d62 vendor: github.com/moby/swarmkit/v2 v2.0.0-20230302163403-80a528a86877
    a79be4cf31 vendor: github.com/moby/buildkit v0.10.7-0.20230306143919-70f2ad56d3e5
    6ac39568ee libnet/ipam: fix racy, flaky unit test
    7158f76b8b vendor: github.com/containerd/containerd v1.6.19
    67990f983b vendor: github.com/Microsoft/hcsshim v0.9.7
    3125aa0aef [23.0] update containerd binary to v1.6.19
    b1d9012969 Wait longer for exit events on Windows
    2337258d28 libnet/networkdb: fix nil-dereference panic in test

Bumping libnetwork to version v0.7.0-dev.3-1861-g25ec449c, which comprises the following commits:

    91f0d508 update maintainers
    615c9801 libnetwork/overlay:fix join sandbox deadlock
    047ac186 Cleanup servicebindings only on Windows
    6f36306d Delay network deletion until after lb cleanup
    a9c349a6 Log HNS policylist removal failures

Bumping docker-cli to version v23.0.2, which comprises the following commits:

    f6643207a don't use null values in the bake definition
    f381e0842 Dockerfile: align go version
    d3a36fc38 e2e: update notary certificates
    59bb07f2e e2e: increase tests certificates duration (10 years)
    80f27987f bake target to generate certs for e2e tets
    a43c9f344 Don't automatically request size if `--size` was explicitly set to `false`
    114e17ac4 cli/command: fix imports formatting
    e2c402118 cli/command: ElectAuthServer: fix deprecation comment
    d07453890 Add bash completion for available plugins
    90a72a589 Dockerfile: update buildx to v0.10.4
    4c63110a9 update to go1.19.7
    b61b5a987 stack: Change unexpected environment variable error
    84fe451ec stack/loader: Ignore cmd.exe special env variables
    95066ff3a Dockerfile: update buildx to v0.10.3 release notes: https://github.com/docker/buildx/releases/tag/v0.10.3
    0dbf70fad docs: Deprecate buildkit's build information
    5af8077ee formatter: Consider empty RepoTags and RepoDigests as dangling
    57a502772 context: avoid corrupt file writes
    14ac8db96 test/cli: Use empty array as empty output of images/json
    1810e922a docs: drop dated comments about graphdrivers
    5051d82a1 update to go1.19.6
    7f4e3ead7 changed the container name in docker stats page

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-04-05 16:03:56 -04:00
Bruce Ashfield
3516cca605 moby: update to v23.0.2
Bumping moby to version v23.0.2, which comprises the following commits:

    c6bf3071fe StartWithLogFile: Fix d.cmd race
    7f49ca259b TestDaemonRestartKillContainers: Fix loop capture
    1363b3e372 ci: disable testing mergeop and diffop with the dockerd worker
    d43958b50b builder-next: disable mergeop and diffop
    fd80ca60da Fix pruning anon volume created from image config
    ae0cc08cab Dockerfile: Update shfmt to 3.6.0
    42751cc892 contrib/dockerize-disk.sh: Fix indentation
    6c65a9a07f volumes: fix error-handling when removing volumes with swarm enabled
    e3c642d1ea integration/volumes: TestVolumesRemove: add coverage for force/no-force
    c48f7fd12c [23.0] update to go1.19.7
    f3416271a3 vendor: github.com/moby/swarmkit/v2 v2.0.0-20230309194213-a745a8755ce3
    3bd2fc8d62 vendor: github.com/moby/swarmkit/v2 v2.0.0-20230302163403-80a528a86877
    a79be4cf31 vendor: github.com/moby/buildkit v0.10.7-0.20230306143919-70f2ad56d3e5
    6ac39568ee libnet/ipam: fix racy, flaky unit test
    7158f76b8b vendor: github.com/containerd/containerd v1.6.19
    67990f983b vendor: github.com/Microsoft/hcsshim v0.9.7
    3125aa0aef [23.0] update containerd binary to v1.6.19
    b1d9012969 Wait longer for exit events on Windows
    2337258d28 libnet/networkdb: fix nil-dereference panic in test

Bumping libnetwork to version v0.7.0-dev.3-1861-g25ec449c, which comprises the following commits:

    91f0d508 update maintainers
    615c9801 libnetwork/overlay:fix join sandbox deadlock
    047ac186 Cleanup servicebindings only on Windows
    6f36306d Delay network deletion until after lb cleanup
    a9c349a6 Log HNS policylist removal failures

docker-moby/cli: update to -tip

    f6643207a don't use null values in the bake definition
    f381e0842 Dockerfile: align go version
    d3a36fc38 e2e: update notary certificates
    59bb07f2e e2e: increase tests certificates duration (10 years)
    80f27987f bake target to generate certs for e2e tets
    a43c9f344 Don't automatically request size if `--size` was explicitly set to `false`
    114e17ac4 cli/command: fix imports formatting
    e2c402118 cli/command: ElectAuthServer: fix deprecation comment
    d07453890 Add bash completion for available plugins
    90a72a589 Dockerfile: update buildx to v0.10.4
    4c63110a9 update to go1.19.7
    b61b5a987 stack: Change unexpected environment variable error
    84fe451ec stack/loader: Ignore cmd.exe special env variables
    95066ff3a Dockerfile: update buildx to v0.10.3 release notes: https://github.com/docker/buildx/releases/tag/v0.10.3
    0dbf70fad docs: Deprecate buildkit's build information
    5af8077ee formatter: Consider empty RepoTags and RepoDigests as dangling
    57a502772 context: avoid corrupt file writes
    14ac8db96 test/cli: Use empty array as empty output of images/json
    1810e922a docs: drop dated comments about graphdrivers
    5051d82a1 update to go1.19.6
    7f4e3ead7 changed the container name in docker stats page

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-04-05 16:03:55 -04:00
Bruce Ashfield
874647c061 crun: update to v1.8.3
Bumping crun to version 1.8.3-5-gd2ff390, which comprises the following commits:

    59f2beb NEWS: tag 1.8.3
    ae18930 update: initialize the rt_scheduler only on cgroupv1
    5855e70 [1.8.2][CentOS 7] Missing `#include <linux/sched.h>`
    a4393f2 docs: add a tryout example with podman
    bf70c97 NEWS: tag 1.8.2
    ba6c957 cgroup: cgroupfs attempt new sibling cgroup
    74dc9b4 cgroup: libcrun_get_current_unified_cgroup can return relative path
    b7b5265 cgroup: drop duplicated variable
    11bdc13 linux: set label for pre-created devices
    4b04b01 linux: refactor code in a new function
    770ad48 linux: extend fsopen_mount to specify label
    7578a1a wasm, wasmedge: add current directory to preopen paths
    90dd7b7 test_mount: fix incorrect comment
    51aba04 linux: readonlyPaths should inherit flags from parent mount
    5ad1507 lua: add Lua bindings
    5d54a85 scheduler: use sched_setattr
    6a132c3 libcrun_container_create(): fix memory leak
    6ba6a00 container: add custom annotation to specify the scheduler
    5bdd930 cgroup: systemd initialize rt limits
    8b18fc7 cgroup: add new function openat_with_alias
    e914059 libcrun: add alias argument to function
    a4aebb9 libcrun: new function write_cgroup_file_or_alias
    d36c1a2 test: remove irqbalance tests
    56a2550 cgroup: fallback to blkio.bfq files
    34950dc crio: skip test
    710d8dd libcrun: chown tty to the exec user
    e067714 python: fix create() referencing container_run()
    11d1baf build(deps): bump actions/upload-artifact from 2 to 3

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-04-05 16:03:55 -04:00
Bruce Ashfield
ef43344fb3 cri-tools: update to v1.26.1
We adjust our install routine to find the binaries in architecture
and OS target specific directories, but otherwise the build is
unchanged.

Bumping cri-tools to version v1.26.0-122-g4daea449, which comprises the following commits:

    1dbda3f7 Bump github.com/opencontainers/runc from 1.1.4 to 1.1.5
    6f1de233 Bump github.com/docker/docker
    d55f85f2 update release support details in the README
    3e40ab7e Bump github.com/onsi/gomega from 1.27.4 to 1.27.5
    13c94c7a Update Ubuntu 18.04 to 20.04
    8de6b6d7 Bump github.com/urfave/cli/v2 from 2.25.0 to 2.25.1
    8db31a76 Bump github.com/onsi/ginkgo/v2 from 2.9.1 to 2.9.2
    3c0741e5 Bump github.com/golang/glog from 1.1.0 to 1.1.1
    4d45340a feat: add riscv64
    53e4c3ba Bump github.com/onsi/gomega from 1.27.3 to 1.27.4
    e13ad25e Bump github.com/onsi/ginkgo/v2 from 2.9.0 to 2.9.1
    21e62dde Bump github.com/onsi/gomega from 1.27.2 to 1.27.3
    02317f82 Bump github.com/golang/protobuf from 1.5.2 to 1.5.3
    9d847e2c Bump golang.org/x/net from 0.7.0 to 0.8.0
    bfdb44b5 Bump github.com/urfave/cli/v2 from 2.24.4 to 2.25.0
    060929a6 Bump github.com/golang/glog from 1.0.0 to 1.1.0
    c020f31f Bump golang.org/x/term from 0.5.0 to 0.6.0
    47b33362 Bump github.com/onsi/ginkgo/v2 from 2.8.4 to 2.9.0
    f8cb6925 Bump github.com/onsi/gomega from 1.27.1 to 1.27.2
    578b38a1 Bump github.com/onsi/ginkgo/v2 from 2.8.3 to 2.8.4
    ce2c55c0 Bump github.com/onsi/gomega from 1.26.0 to 1.27.1
    f7333f20 Run GitHub actions by `push` only on `master` and tags
    64f3f275 Bump github.com/onsi/ginkgo/v2 from 2.8.1 to 2.8.3
    8f27b574 Bump github.com/urfave/cli/v2 from 2.24.3 to 2.24.4
    b27232f2 Bump golang.org/x/net from 0.6.0 to 0.7.0
    61a85a93 Bump github.com/onsi/ginkgo/v2 from 2.8.0 to 2.8.1
    c61a79e9 fix crictl config list display error
    595572a6 crictl code and args optimization.
    85c6f21d Bump github.com/docker/docker
    63a1d5a6 crictl config add list flag
    b4ffa89f Bump golang.org/x/net from 0.5.0 to 0.6.0
    3c35861c Bump github.com/opencontainers/selinux from 1.10.2 to 1.11.0
    753c9a88 Makefile support cross compilation, build_bin_path optimization
    fda6d7f8 crictl stats add name row
    be5f634b Bump golang.org/x/term from 0.4.0 to 0.5.0
    82c3e8ae Bump golang.org/x/sys from 0.4.0 to 0.5.0
    6fc9e4af Bump github.com/urfave/cli/v2 from 2.24.2 to 2.24.3
    01796ae5 Bump github.com/docker/docker
    dd20ea16 Bump github.com/onsi/ginkgo/v2 from 2.7.1 to 2.8.0
    ef8a0d68 Bump github.com/urfave/cli/v2 from 2.24.1 to 2.24.2
    0b81ff2a Bump github.com/onsi/ginkgo/v2 from 2.7.0 to 2.7.1
    a4c976aa Makefile: pass in a custom variable GOARCH
    f6ec8fec Bump github.com/onsi/gomega from 1.25.0 to 1.26.0
    5923662b Bump github.com/urfave/cli/v2 from 2.23.7 to 2.24.1
    a8ddf64a Bump github.com/docker/docker
    1e27c2c4 Bump github.com/onsi/gomega from 1.24.2 to 1.25.0
    edf14e37 Update docs version to match latest release
    850c8469 Bump other OTEL deps
    6d46b592 Bump go.opentelemetry.io/otel/trace from 1.10.0 to 1.11.2
    5364af0f fix: formatting
    6f078ed6 fix(docs): add a note about other supported platforms
    c2573905 Pass `nil` as tracer provider
    8ac43a45 fix: add tip on latest version
    8dee7ff5 Update ginkgo and gomega
    92edf29e Switch to `registry.k8s.io`
    aa036b5a Increase defualt timeout on Windows
    5886c7df Add support for calling Windows pod stats
    64e8f6b8 Bump golang.org/x/net from 0.4.0 to 0.5.0
    3a981a98 Switch away from Docker Hub to avoid rate limits
    b3262be7 Bump github.com/docker/docker
    5046b65b Add haircommander to reviewers
    4e387743 set LTS v1.6.12 into matrix to replace old v1.5 entry
    baefda37 gh actions: remove dockershim tests
    24cc748b plumb context through CRI
    86befea9 bump to go 1.19
    a7154756 vendor: bump kube to 1.26
    f9764647 Bump github.com/urfave/cli/v2 from 2.23.5 to 2.23.7
    6220423b Bump golang.org/x/net from 0.3.0 to 0.4.0
    d6d8005f Bump golang.org/x/net from 0.2.0 to 0.3.0
    f4cf7b6e Bump golang.org/x/term from 0.2.0 to 0.3.0
    c37655ee Bump golang.org/x/sys from 0.2.0 to 0.3.0
    9962fb03 add missing CPU count
    7493f666 Add detach key sequence support
    ca1571e6 critest: ensure server is running before portforward
    b6fb4b1d Bump github.com/urfave/cli/v2 from 2.23.4 to 2.23.5
    fa370cc5 Bump golang.org/x/net from 0.1.0 to 0.2.0
    f1998865 Bump golang.org/x/term from 0.1.0 to 0.2.0
    5c48eb26 Bump github.com/urfave/cli/v2 from 2.23.0 to 2.23.4
    6b420011 Bump golang.org/x/sys from 0.1.0 to 0.2.0
    6f8965f4 Bump github.com/onsi/gomega from 1.23.0 to 1.24.0
    913089a4 Bump github.com/urfave/cli/v2 from 2.20.3 to 2.23.0
    622b04f1 Bump github.com/onsi/gomega from 1.22.1 to 1.23.0
    5acd3285 Bump github.com/docker/docker
    c4b3e806 Bump github.com/urfave/cli/v2 from 2.20.2 to 2.20.3
    0b1abed2 Bump github.com/onsi/ginkgo/v2 from 2.3.1 to 2.4.0
    91521036 specify one supplementalGroup instead of two to make test code simpler
    2649f53e added a validation test case For SupplementalGroups with the predefined groups in the container image
    d965134b fix copyright section in image-predefined-group's Dockerfile
    59137ff5 images/image-predefined-groups: don't specify group in USER
    f1cb7aff Bump github.com/docker/docker
    72d1ed12 add test image for testing SupplementalGroups with predefined groups in the container image
    0fd7a1b4 Bump github.com/urfave/cli/v2 from 2.19.2 to 2.20.2
    ac1c0c5b Bump github.com/docker/docker
    44965774 Bump github.com/onsi/gomega from 1.21.1 to 1.22.1
    78d5c955 Bump github.com/onsi/ginkgo/v2 from 2.3.0 to 2.3.1
    11c282fd Bump github.com/onsi/ginkgo/v2 from 2.2.0 to 2.3.0
    6e9a4670 Bump github.com/urfave/cli/v2 from 2.17.1 to 2.19.2
    93332157 Bump github.com/onsi/gomega from 1.20.2 to 1.21.1
    4b984ddc Implement password input on the command line
    4507e46c Add recurring working areas to CONTRIBUTING
    fd4bb370 Bump github.com/urfave/cli/v2 from 2.16.3 to 2.17.1
    49249cbc Bump github.com/opencontainers/selinux from 1.10.1 to 1.10.2
    adac6827 Cleanup owners
    eb69454a Bump github.com/onsi/ginkgo/v2 from 2.1.6 to 2.2.0
    373e7090 Bump github.com/urfave/cli/v2 from 2.16.2 to 2.16.3
    6f5588ba Bump github.com/docker/docker
    30d32dab Bump github.com/urfave/cli/v2 from 2.14.1 to 2.16.2
    fd1c34d3 Bump github.com/urfave/cli/v2 from 2.14.0 to 2.14.1
    46197a85 Bump github.com/urfave/cli/v2 from 2.11.2 to 2.14.0
    a07c04ee Print deleted digest when repo tags empty
    d3e8a304 Bump github.com/docker/go-units from 0.4.0 to 0.5.0
    5bf099af Bump github.com/onsi/gomega from 1.20.1 to 1.20.2
    74915650 Bump github.com/onsi/ginkgo/v2 from 2.1.5 to 2.1.6
    9bad5cb3 Ensure benchmarks are skipped during validation tests.
    fd16071d Bump github.com/onsi/ginkgo/v2 from 2.1.4 to 2.1.5
    c148f5b2 Bump github.com/onsi/gomega from 1.20.0 to 1.20.1
    778b8ed9 vendor: github.com/moby/term v0.0.0-20220808134915-39b0c02b01ae
    5168c419 cmd/crictl: replace deprecated pkg/term
    0e31acb9 Update version references in docs and go.mod
    3efdd0f4 Bump github.com/opencontainers/runc from 1.1.3 to 1.1.4
    7abda56b Bump Kubernetes to v1.25.0
    1151eb16 Bump github.com/urfave/cli/v2 from 2.11.1 to 2.11.2
    a685ed61 No truncate PodID in ps command if --no-trunc exists
    7cf65e12 Migrate to native ginkgo v2

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-04-05 16:03:55 -04:00
Bruce Ashfield
6ae8646348 cri-o: update to 1.26.2
Bumping cri-o to version v1.26.2-10-gc0557b868, which comprises the following commits:

    6ee82e547 Update crun to v1.8.3 and runc to v1.5.1
    4bea0d45b create the metrics endpoint with correct shutdown logic
    778169257 Update CNI plugins to v1.2.0
    8f943a9cc Add spdx signature and cert to release notes
    ab5daed67 Fix release notes build for release-1.26 branch
    fc032744b version: bump to v1.26.2
    141c69ac6 build(deps): bump sigstore/cosign-installer from 2 to 3
    46e4d5286 Bump crun to v1.8.1
    12cc52830 Pin nix version to fix static builds
    2c3c8c7d8 unit-test: call UpdateContainerResources when nri enabled
    d3504291c nri: add protection against nil dereference
    8438fdf40 docs-validation: try String() for struct field values.
    b997d9a61 internal/oci: don't crash when getting unset Spec.
    96c12e147 test: update NRI BATS test.
    d19c65049 completions, docs: update completions and man pages.
    3c1bb518c config,criocli: update NRI deps, configuration.
    9831dddef Fix cgroup leak for systemd cgroup driver
    0c32aa50d Update to c/image 5.24.2
    0015d0477 test/*: add test for checking the /etc folder permission
    b1113fa78 server: fix the permission issue for `/etc`
    7f60e0419 Update github.com/containers/image to v5.24.0
    1f0b14da9 Update opencontainers/runtime-tools to a6a073817ab0.
    0841fe69a Add container stats to the ListPodSandboxStats response
    3facc028e Make storage unmount less strict
    b93180c99 Inject release-notes branch from GitHub actions
    5ce93c60e ci-verify: Run get-scripts only on main branch
    d8c6707bd version: bump to 1.26.1
    741be35fa vendor: bump storage to v1.44.1-0.20230101110555-a747b27fe4ca
    f49c3b608 Update critest parameters
    1b1b95af8 hostport: use generic Set
    1e66eb86e server: update streaming interface to take context
    2adc326f6 ci: bump cri-o.spec file to 1.26
    ae0a0d5f9 static: bump go version
    8f8228b77 bump to cri-tools 1.26.0
    fff07d82f server: add support for new CRI calls
    cac6a729e server/streaming: add context to methods
    ec5beb231 vendor: bump kube to 1.26.0
    8ffb14733 mocks: update with new c/storage mocks
    48d0bf4ca job get script: fix conflist path
    7705f9942 bump to v1.26.0
    d06cae7c9 contrib/cni: use cniVersion 0.3.1 for ipv4 only bridge config
    5526fae33 bundle: use ipv4 only config because of gh action limitation
    1b8b28433 Support evented PLEG in CRI-O
    5783c3254 Bump cri-api to support evented pleg
    29ce5a7b2 get script: fix conflist path
    f317b267d Fix-6080: Update the CNI version to 1.0.0
    54b7b5fc0 test, Makefile: hook NRI tests into localintegration.
    ab73c1dcd test/nri: add a test client with basic NRI tests.
    36305e7bd server: hook NRI into request processing.
    773e6e005 nri: add experimental NRI adaptation interface.
    907f4edf5 config,cli: add support for NRI configuration.
    a6430c8c8 Add test for conmonrs cgroup with no infra container
    b6f92b04f Add test for default conmon cgroup type
    f323d022c Fix applying cgroup for conmonrs when pinned
    6c62954e8 Remove cri wrapper package
    093d680dd server/metrics: Update seccomp notifier metrics to reduce cardinality
    fe2458341 ci: make golangci-lint happy
    da96d6be4 Support checkpointing infra less containers
    4a541607e build(deps): bump github.com/onsi/ginkgo/v2 from 2.5.0 to 2.6.1
    ebe73f411 build(deps): bump google.golang.org/grpc from 1.50.1 to 1.51.0
    7d8f2328f Merge log and metrics interceptor
    cb8aa99d7 ResourceStore: delete entries after they're used
    1b42a3d4c Use containerd v1.7.0-beta.0
    41dca27cb server: fail if HOME variable has a newline
    c1d7c54fa systemd: use on-failure as restart policy
    88782d59c contrib/test/ci: fix SELinux permission issue on RHEL9
    8132ef511 ci: update system-packages.yml to install gpgme-devel on fedora
    ac319a568 OWNERS: move vrothberg to emeritus approvers
    c095c4781 build(deps): bump github.com/urfave/cli/v2 from 2.23.5 to 2.23.7
    7150ba10b contrib/test/ci: fix the when condition for CentOS Stream 9
    0ffec79a4 contrib/test/ci: enable crb repo for CentOS Stream 9
    905e8485a Update security process
    3232ffe2a Downgrade cgroupfs test to Ubuntu 20.04
    7d848b3c1 Fix GitHub actions CI
    b6b4f8235 Add Reddit to ADOPTERS.md
    189e9f7eb Disable typecheck linter
    b9d94374b Bump golang dependencies
    5e71e4f9c contrib/test: set env variables for integration tests
    22249fcf9 build(deps): bump sigs.k8s.io/bom from 0.3.0 to 0.4.1
    a67e7776c Port remaining logrus with internal/log
    14547d489 Pass ctx so that more tracing spans could be created
    19bc7330f internal/log: add a function to start new tracing span
    834b60336 Setup logrus hook to attach logs to traces
    ef3bed00b Remove CRI v1alpha2 support
    c9316ec2a Update golangci-lint and config
    3b631242b Add seccomp notifier feature
    e3416bda9 build(deps): bump cachix/cachix-action from 11 to 12
    71252c17b Disable checkpoint image check as early as possible
    658a11552 Correctly extend $PATH before calling conmon during restore
    a93201a8e Use correct key for tracing hostname field
    923f665ca Add docs that `tracing-sampling-rate-per-million` set to 1000000 refers to always sample
    999ba7f59 Fix CI
    1e8229d45 build(deps): bump github.com/urfave/cli/v2 from 2.19.2 to 2.20.2
    3327991b0 build(deps): bump cachix/cachix-action from 10 to 11
    0ce9fb039 build(deps): bump google.golang.org/grpc from 1.50.0 to 1.50.1
    1f8221f07 build(deps): bump cachix/install-nix-action from 17 to 18
    376f7e9df Update dependencies
    316830590 Add logs to OpenTelemetry traces
    e56855dc7 docs: updated kubernetes tutorial
    53e631663 Update conmon-rs to latest `main`
    8bf89f341 Minor Checkpoint/Restore improvements
    62d77513b Track type of all bind mounts during checkpointing
    331f30bfb build(deps): bump google.golang.org/grpc from 1.49.0 to 1.50.0
    997032dec .github/CODEOWNERS: drop runcom
    a7a279c84 build(deps): bump sigs.k8s.io/zeitgeist from 0.3.2 to 0.3.5
    fb66985f1 config: avoid segfault when workloads.resources is nil
    0244fee08 support checkpointing to oci image
    ae5d39c74 Fix lint CI on `main`
    eabfdb404 [#5240] update supported OS versions
    26614cad9 build(deps): bump github.com/urfave/cli/v2 from 2.15.0 to 2.17.1
    f7c9c2754 build(deps): bump github.com/Microsoft/go-winio from 0.5.2 to 0.6.0
    42bb61393 fix: give loopback a name
    9ee3457ff test/README: Update url for kata containers
    f1be99faa images/os/Dockerfile: Delete this, it's dead code
    570a4c1b9 config: translate monitor fields when printing config
    32e6520ff Update config readme
    5d20c76fb Allow complete Runtimes config to change
    88cc2f9b9 build(deps): bump k8s.io/klog/v2 from 2.70.1 to 2.80.1
    28861ed60 build(deps): bump actions/stale from 5 to 6
    88c1f772f build(deps): bump github.com/opencontainers/image-spec
    b6755fc94 build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
    c9ba93e08 build(deps): bump github.com/containers/podman/v4 from 4.2.0 to 4.2.1
    2a876f1a7 build(deps): bump github.com/containers/buildah from 1.27.0 to 1.28.0
    db20b31e1 Do not use deprecated SetNames
    4ea5eeddf build(deps): bump github.com/container-orchestrated-devices/container-device-interface
    481683497 config: do not remove runc if different default runtime
    f24ea6702 workloads: fix whitespace
    b3f877a64 template: fix whitespace and comments in runtimes table
    b7b56c202 contrib/test: set LOG_DIR to debug kubernetes issues
    0b0e16b1c Update conmon-rs
    8e1a561e8 Bump conmon-rs code to latest `main`
    506e0cbef contrib/test: drop userns integration tests
    9db3e8e64 Add basic integration tests for runtime reload
    877b5fbdc Add notes on runtime reload support to documentation
    a3fb007fb Reload runtime configs on reload
    29bff1526 Invert conditional check in ValidateDefaultRuntime
    2ba6ee2ed Move default runtime validation to its own function
    018657b37 use cri-tools version from dependencies.yaml
    406f367cb use AddInheritableCapabilities
    9070d982d config: add field AddInheritableCapabilities
    9d5fbfd90 resourcestore: add test for stages
    40d41e3fb server: update stages according to progress with resource creation
    bce2bc388 resource store: return stage when a watcher is requested
    a8e2fc166 resource store: introduce stages
    1955be644 Add conmon-rs e2e to ansible playbook
    24304da5e server: return already created ID for duplicated requests
    6b627cbc0 cli: fix some inconsistencies in the help text
    0cdd90155 Update vendored files
    14926effc go.mod: update goresctrl to v0.3.0
    53182dd9b build(deps): bump github.com/urfave/cli/v2 from 2.11.2 to 2.15.0
    3b6b98872 Add scripts to run node e2e tests using custom cri-o builds
    6d66ea7e6 Fix integration CI runs
    7a0b131f5 build(deps): bump sigs.k8s.io/zeitgeist from 0.3.1 to 0.3.2
    388032759 metrics: close listener on shutdown
    ee5d97254 cgmgr: use NewSystemd from createSandboxCgroup
    aede1956a contrib/test/ci: add rhel9 variant-specific changes
    8ec499266 removes async
    b2a72cbd8 migrates tests to run on GCP
    76ec212ea Update build instructions for RHEL 8 distribution

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-04-05 16:03:55 -04:00
Bruce Ashfield
27460610d6 containerd: update to 1.7.0
Bumping containerd to version v1.7.0-11-g6ea9bc57f, which comprises the following commits:

    d81fc15af update runc binary to v1.1.5
    755efbe64 go.mod: github.com/opencontainers/runc v1.1.5
    90591db47 Defer uid lookups on Darwin
    b7d87b190 Add `WithReadonlyTempMount` to create readonly temporary mounts
    1c1b6bcb2 CRI: Don't always close netConfMonitor channel
    cf2e454bf Sandbox: Correct/add some fields to Status()
    ce68e8e0d Sandbox: Cleanup shim on Start failure
    e13a9165e Prepare release notes for v1.7.0
    625217d5f RELEASES.md: describe the deprecated config properties
    703e2ba4b docs: link docs/managed-opt.md to client.Install
    f2bb9c9b0 Go 1.20.2
    56354c7de Update ttrpc to v1.2.1
    5144ba9c4 sandbox: create sandbox with network namespace path
    dd3eedf3c labels: Add LabelDistributionSource
    5c9c630c3 use uppercase letters for flag usage
    0efc498d3 Prepare release notes for v1.7.0-rc.3
    ff4acdc42 metadata: add comments about Image.CreatedAt
    6d46bb410 go.mod: go.opentelemetry.io/otel/* v1.14.0
    d26587c72 archive: disable looking up usernames and groupnames on the host
    535ef5054 go.mod: github.com/stretchr/testify v1.8.2
    2b4f830ed go.mod: github.com/opencontainers/selinux v1.11.0
    6bfc82daf go.mod: github.com/opencontainers/runtime-spec v1.1.0-rc.1
    7c70185ae go.mod: github.com/klauspost/compress v1.16.0
    8e67b2731 go.mod: github.com/imdario/mergo v0.3.13
    6afec5558 go.mod: github.com/emicklei/go-restful/v3 v3.10.1
    c4f928f88 go.mod: github.com/containerd/ttrpc v1.2.0
    5630d6a84 go.mod: github.com/containerd/fifo v1.1.0
    6d9513231 go.mod: github.com/containerd/cgroups/v3 v3.0.1
    da1ffdd75 go.mod: github.com/Microsoft/hcsshim v0.10.0-rc.7
    60738e31d Update imgcrypt to v1.1.7
    8a4d409b9 Add release notes for v1.7.0-rc.2
    d602c9aec docs: fix typo of shim.RunManager's function comment
    f70657650 feat: tag image using Transfer api
    f7eb86ef3 Sandbox: Delete shim+shutdown sandbox on create failure
    6b4b6956e Sandbox: Fix/enhance error messages for Create
    8ce3e4e15 epoch: fix unit test when SOURCE_DATE_EPOCH is set
    32ed559c8 Add Windows Sandbox Stats (sbserver)
    08aa576a9 Add Windows Sandbox Stats
    8137e41c4 Add ArgsEscaped support for CRI
    5946c1051 *: fix code style issue
    98cb6d7eb cri/sbserver: ignore the NOT_FOUND error in exec cleanup
    01671e9fc cri: add config ut for invalid drain io timeout value
    55e25f164 integration: add testcase to drain exec IO in time
    ffebcb122 cri: disable drain-exec-IO if it is empty timeout
    791f137a5 *: update drainExecSyncIO docs and validate the timeout
    13bf5565e [transfer] update export to use image store references
    e2283edef [transfer] update export API types
    f6491b004 feat: export images using Transfer api
    b9d7eae1a feat(api): add fields to ImageExportStream
    3c18decea *: add DrainExecSyncIOTimeout config and disable as by default
    a9cbddd65 *: fix typo and skip exec-io-drain-testcase in win
    b91f42a14 ctr/tasks: support remapped UID/GID
    2e96ba95e Create config struct to take user input
    f25ec98d0 Fix linting error `sets.String is deprecated`
    8145b15f0 Bump k8s.io deps
    04dfd6275 pkg/cri/sbserver: add timeout to drain exec io
    82c0f4ff8 pkg/cri/server: add timeout to drain exec io
    43d36a254 Add experimental section to RELEASES.md
    cd84f752c Prepare release notes for v1.7.0-rc.1
    ae42f836f Update mailmap
    4522ad886 Update CRI guide link
    57fb2d30f Add max shim version environment variable
    5c6e9f83d Fix streaming manager deadlock on collection
    acf6e9411 Update README with location of security audits
    30883d831 Increase CI workflow timeout on Windows.
    af7477e43 docs: fix typos in historical/design/data-flow.md
    6b589a89f releases: mark 1.5 as EOL
    dba6f9db1 Add version to shim protocol
    36ae2f6b9 bump go-cni to v1.1.9
    cf46d3c6f Treat sandboxes as root gc resources and scan referenced objects
    35d42b47f Add Linux arm64 arch to install-protobuf script
    727f8530c Prepare release notes for v1.7.0-rc.0
    2e9aaf094 docs: update instructions for enabling NRI.
    310be5ce6 pkg/nri: update NRI configuration.
    8a47c6910 Add a leading space after the comment sign
    f53417921 Add unit test to getSupportedPlatform
    a6ad9e04e Rewrite install-protobuf script
    3769b4840 Rewrite install-protobuf script
    47305392c Add configuration options to local transfer service
    bd0a2a927 CRI: remove duplicated snapshotters code
    49abbe4f2 fix failing TestCDIInjections
    30e4a1409 update CDI version to v0.5.4
    4728800ab runtime/v2: Get rid of last logrus.Fields usage
    4278fbbc7 runtime/v2: Call onCloseWithShimLog for grpc shims
    06e085c8b Add Fields type alias to log package
    0ecdd341d docs: add more comment to logging.LoggerFunc
    ea83632a8 docs: Show how to select GRPC for shims
    369339897 Migrate from k8s.gcr.io to registry.k8s.io
    a48dbefc1 Fix concurrent writes for UpdateContainerStats
    dc27cc0a2 Add macOS build notes
    56274749c sandbox: start sandbox with options
    2716fd041 dependency: bump go.etcd.io/bbolt to v1.3.7
    979a74412 runtime/v2: Log BootstrapParams
    4baa1876b contrib/apparmor: remove code related to apparmor_parser version
    0ced6ac64 Prepare release notes for v1.7.0-beta.4
    90d004ae8 Go 1.20.1
    281f89a9d go.mod: go 1.19
    d8b68e3cc Stop using math/rand.Read and rand.Seed (deprecated in Go 1.20)
    a9ac5f9cb lint: remove `//nolint:dupword` that are no longer needed
    9b510e9a8 lint: silence "SA1019: tar.TypeRegA has been deprecated... (staticheck)"
    8bf975b4f lint: silence "type `HostFileConfig` is unused (unused)"
    4b9fd6ba5 golangci-lint v1.51.1
    ac31c9a53 Clean up repeated package import
    39bac0dbe error strings should not be capitalized
    9a9cfe85e Go 1.19.6
    0166783c7 cni: pass in the cgroupPath capability argument
    d14758b60 go.mod: bump to go-cni main
    e855a5998 cmd/ctr/commands/images: support usage subcommand
    9c82e929f release: xx v1.2.1
    844252164 Add fallback for windows platforms without osversion
    081601f52 Update imagestore interface to support multiple references
    646bc3a94 CRI: Create DefaultCRIAnnotations helper
    5aab634e1 CRI: Pass sandbox annotations to _other platforms
    2b24af8d1 Use options to pass PodSandboxConfig to shims
    ebbcb57a4 pkg/cri/sbserver: experimental NRI integration for CRI.
    8a1dca0f4 pkg/cri: split out NRI API from pkg/cri/server.
    a8bb1ad2a loadConfig pre-inspection in advance
    36e7dbdcb ctr version: add args check, prohibit incoming args
    750d18ace Extract CRI instrument package
    60d04b0b0 pkg: rename {blockio,rdt}_default.go -> nonlinux.go
    b61988670 go.mod: github.com/containerd/typeurl/v2 v2.1.0
    74b371b98 CRI: Mirror generic toml runtime config under server
    8ef298d86 Add transport credentials GRPC opt
    77fc0948c Use switch when creating TTRPC/GRPC client
    a82e37a5a Add shim bootstrap params
    fc2e761e2 Initial GRPC client support
    9e5c207e4 Wire up client bridges
    4b1ebef3c Add Sandbox service GRPC bridge
    47cb5f64b Add Task Service GRPC bridge
    51a8db233 Send container events with nil PodSandboxStatus
    27c8f4085 Move PLEG event generation back to sbserver to avoid missing pod sandbox status
    7cf556075 test: add hostNetwork tests for both windows and linux
    d33a43cc2 pkg/apparmor: clarify Godoc
    a3265102d Revert "Don't check for apparmor_parser to be present"
    c990e3f2e contrib/apparmor: remove version-dependent rules
    fe0116ec2 CI: skip some jobs when `repo != containerd/containerd`
    3eda46af1 oci: fix additional GIDs
    ef2560d16 oci: fix loop iterator aliasing
    52f82acb7 btrfs: depend on kernel UAPI instead of libbtrfs
    62df35df6 *: introduce wrapper pkgs for blockio and rdt
    6cdc221f5 'go routine' should be 'goroutine'
    b0e97c0f9 Use multierror for cleanup error
    34314717b Remove sandox store and controller service type
    a788f6c79 Move local sandbox controller under plugins package
    2717685da Refactor sandbox controller interface
    0b33a45fa cri: fix Mirrors deprecation comment
    5bc3fea62 update fuzz function names in docs with golang naming convention
    904a87d26 docs: fix function names in fuzzing test documentation
    9e4acc028 importer: stream oci-layout and manifest.json

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-04-05 16:03:55 -04:00
Bruce Ashfield
ee212a38bc conmon: update to 2.1.3-tip
Bumping conmon to version v2.1.3-43-g9a3af8f, which comprises the following commits:

    9a3af8f logging: avoid opening /dev/null for each write
    813c8d7 oom: restore old OOM score
    9d3a955 Update CI VM images
    b1d7297 Use default umask `0022`
    54a0c9c exit: Free allocated string
    dbade0d version: bump to v2.1.7
    1841000 Fix leaking symbolic links in the opt_socket_path directory
    5cff0ce cgroup: Stumble on if we can't set up oom handling
    5f669ba bump to v2.1.6
    3dc09f6 packit: build in dedicated projects
    fffef27 hack: build ginkgo in GOPATH
    ef8a9f2 vendor bump ginkgo to v2
    b042229 gh actions: bump to go 1.20
    c002534 Use --detach instead of -d
    df277e2 Fix OOM watcher for cgroupv2 `oom_kill` events
    4cb1e4d Lint/format fixes for golang 1.19
    a10fe91 Update CI VM Images to F36/F37
    2d03ad0 ctrl: drop fifo perms to 0660
    8c72109 Fix tools/Makefile with GNU make 4.4
    6b600ac bump to v2.1.5
    28b3bc7 don't leak syslog_identifier
    f903e20 logging: do not read more that the buf size
    f4d3beb logging: fix error handling
    21f648b cli: Fix conmon-pidfile/container-pidfile description
    1df3e90 Makefile: Fix install for FreeBSD
    cb0c68b signal: Track changes to get_signal_descriptor in the FreeBSD version
    1fbfa33 Packit: initial enablement
    5e82bb4 bump to 2.1.4
    1420874 signal: handle SIGUSR1 with signalfd
    636e239 Use /usr/bin/env to locate bash

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-04-05 16:03:55 -04:00
Bruce Ashfield
195db7f7c5 runc-docker: update to 1.1.5
Bumping runc to version v1.1.5-1-g17a2d451, which comprises the following commits:

    17a2d451 VERSION: back to development
    f19387a6 VERSION: release v1.1.5
    8ec02ea1 nsexec: retry unshare on EINVAL
    0abab45c Prohibit /proc and /sys to be symlinks
    0e6b818a rootless: fix /sys/fs/cgroup mounts
    f6e2cd3b nsexec: Check for errors in write_log()

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-04-05 16:03:55 -04:00
Bruce Ashfield
ae91a8666a runc-opencontainers: update to 1.1.5
Bumping runc to version v1.1.5-1-g17a2d451, which comprises the following commits:

    17a2d451 VERSION: back to development
    f19387a6 VERSION: release v1.1.5
    8ec02ea1 nsexec: retry unshare on EINVAL
    0abab45c Prohibit /proc and /sys to be symlinks
    0e6b818a rootless: fix /sys/fs/cgroup mounts
    f6e2cd3b nsexec: Check for errors in write_log()

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-04-05 16:03:55 -04:00
Jose Quaresma
9b87b12885 Revert "yq: drop {LINKSHARED}"
This reverts commit d2a630ce6c.

The linkshared is fixed upstream and backported in oe-core.
https://git.yoctoproject.org/poky/commit/?id=d5c79ca6a77af1a04992fff4300333e02d94d84d

Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-27 22:14:27 -04:00
Chen Qi
a969fd9041 kubernetes: make CC for amd64 match other architectures
Change 0001-hack-lib-golang.sh-use-CC-from-environment.patch to also
remove the 'export CC=xxx' for amd64. The original patch is a little
strange, it removes such statements for other archs but leaves amd64
untouched. If we're using CC from our environment, we use it for all
targets.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-27 22:13:43 -04:00
Bruce Ashfield
8fcd817417 kubernetes: update to v1.27.x-rc
Bumping kubernetes to the next release candidate (April 2023).

We refresh our $GO patch, drop the need to do release artifacts
preparation and add a new INSANE_SKIP for kubelet.

But otherwise, the build and content are the same or similar.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-27 22:13:43 -04:00
Bruce Ashfield
c5f7a698bc podman: update to 4.4.3
Bumping libpod to version v4.4.3-2-g6172f29f9, which comprises the following commits:

    2c01aa7e3 Bump to v4.4.4-dev
    d2f93d621 Bump to v4.4.3
    2ae3c4fe9 Release notes for v4.4.3
    d6ea3983d compat: /auth: parse server address correctly
    0a897f03f vendor github.com/containers/common@v0.51.1
    f7fccc87c pkginstaller: bump Qemu to version 7.2.0
    53212ea0e podman machine: Adjust Chrony makestep config
    06925d554 [v4.4] fix --health-on-failure=restart in transient unit
    9c0d2dc2f podman logs passthrough driver support --cgroups=split
    a0fad9f8c journald logs: simplify entry parsing
    54b070ee6 podman logs: read journald with passthrough
    c5fa9c50f journald: remove initializeJournal()
    6b19e1437 netavark: only use aardvark ip as nameserver
    d737a815a compat API: network create return 409 for duplicate
    1a3a5594a fix "podman logs --since --follow" flake
    bd65bf2ed system service --log-level=trace: support hijack
    8ab00424b podman-mac-helper: exit 1 on error
    badbd8a34 bump golang.org/x/net to v0.8.0
    36ab43f77 Fix package restore
    df0fe4fcc Quadlet - use the default runtime
    594d488b8 Bump to v4.4.3-dev
    74afe2688 Bump to v4.4.2
    87a1c2701 Release notes for v4.4.2
    3abff420a Revert "CI: Temporarily disable all AWS EC2-based tasks"
    8322cab91 kube play: only enforce passthrough in Quadlet
    d69512b98 Emergency fix for man pages: check for broken includes
    9606d7f99 CI: Temporarily disable all AWS EC2-based tasks
    ab7a47840 quadlet system tests: add useful defaults, logging
    805e94b03 volume,container: chroot to source before exporting content
    321d05aa9 install sigproxy before start/attach
    84521f52d Update to c/image 5.24.1

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-24 15:29:21 -04:00
Bruce Ashfield
48c07a48a0 python3-botocore: add upstream-status to patch
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-23 19:08:45 -04:00
Wentao Zhang
a8e3a87c89 botocore: Fix rejecting URLs with unsafe characters in is_valid_endpoint_url()
The function is_valid_endpoint_url() in botocore is designed to validate
endpoint URLs, but it fails to detect unsafe characters with Python 3.9.5+
and other versions carrying bpo-43882 fix. The issue is caused by urlsplit()
silently stripping LF, CR, and HT characters while splitting the URL,
which disarms the validator in botocore.

This patch detects unsafe characters in is_valid_endpoint_url() and
is_valid_ipv6_endpoint_url() early, in order to fix rejecting invalid URLs
with unsafe characters.

Signed-off-by: Wentao Zhang <wentao.zhang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-23 19:05:59 -04:00
Bruce Ashfield
df08c3643f conf: make container recipes parseable when virtualization is not set
The container stack flexibility features set defaults (like other
parts of the layer) when 'virtualization' is in the distro features.

That requirement means that the recipes fail parsing and QA checks
when the distro feature isn't enabled.

The defaults are currently safe for a virtualization enabled and
disabled configuration, so we include them in either case.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-20 09:06:47 -04:00
Xiangyu Chen
25bbebeba0 lxc: templates/lxc-busybox.in: if busybox contains init then use it
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-17 15:41:16 -04:00
Xiangyu Chen
4d248c7383 lxc: add -L option for curl in templates-use-curl-instead-of-wget.patch
Add support for the redirect option for curl. linuxcontainers.org
sometimes redirects to another mirror site such as
us.lxd.images.canonical.com, which causes the
lxc-download script to report that the download failed.

Reproduced and verified with the following command:
lxc-create -t download -n test -- --dist archlinux --release current --arch arm64

Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-17 15:38:36 -04:00
Bruce Ashfield
4be39209be images/kvm: check for kvm distro feature
We need the kvm distro feature to trigger the proper KERNEL_FEATURES
and hence the proper kvm kernel module packages as listed in this
image.

We can avoid questions and issues by checking for the required distro
feature in the image recipe.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-17 12:30:15 -04:00
Bruce Ashfield
fd0958ed9e containers: use VIRTUAL-RUNTIME variable to allow container runtime flexibility
Rather than using virtual-runc (which chooses between the old docker and
opencontainer variants), use the newly added
VIRTUAL-RUNTIME_container-runtime variable, which allows switching
between runc and crun.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-08 17:08:02 -05:00
Bruce Ashfield
b3346bfb26 podman: use VIRTUAL-RUNTIME variable for flexible RDEPENDS
To make it simpler to vary the container runtime and the
networking infrastructure to be used with podman, we use
the recently introduced VIRTUAL-RUNTIME variables that
control these values.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-08 17:08:02 -05:00
Bruce Ashfield
534e8b6ed7 conf: introduce container configuration values
From the configuration file itself:

 These variables represent groupings of functionality in the CNCF
 landscape. In particular, they are areas where there is a choice
 between more than one implementation or an area where abstraction
 is beneficial.

 The contents of the variables are runtime components that
 recipes may use for RDEPENDS.

 Build dependencies are not typically flexible, so do not currently
 have DEPENDS equivalents for the components (i.e. DEPENDS on runc
 versus crun).

 Distro features such as kubernetes or other container stacks
 can be used to set different defaults for these variables.

 Note: these are "global" values, since they represent choices.
 If more than one of a grouping is required on target, then the variable
 can be appended or set to multiple values. That being said, recipes
 should generally agree on the values, hence the global namespace.
 Recipe specific choices can still be done, but they risk
 conflicting on target or causing runtime issues / errors.

 ## CNCF "components"

 # engines: docker-ce/docker-moby, virtual-containerd, cri-o, podman
 VIRTUAL-RUNTIME_container_engine ??= "podman"
 # runtime: runc, crun, runv, runx
 VIRTUAL-RUNTIME_container_runtime ??= "virtual-runc"
 # networking: cni, netavark
 VIRTUAL-RUNTIME_container_networking ??= "cni"
 # dns: cni, aardvark-dns
 VIRTUAL-RUNTIME_container_dns ??= "cni"
 # orchestration: k8s, k3s
 VIRTUAL-RUNTIME_container_orchestration ??= "k3s"

 ## Kubernetes terminology "components"

 VIRTUAL-RUNTIME_cri ??= "containerd"
 VIRTUAL-RUNTIME_cni ??= "cni"

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-08 17:08:02 -05:00
Bruce Ashfield
a8e46c6e1f kernel: add 6.2 kernel configuration include
The -dev kernel is on 6.2, so we create a .inc file to match.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-08 17:08:01 -05:00
Bruce Ashfield
aaebd97ca8 docker-ce: update to v23.0.1-tip
Bumping docker to version v23.0.1-34-gbfc8e1ae36, which comprises the following commits:

    2337258d28 libnet/networkdb: fix nil-dereference panic in test
    d6d48dd95d Upgrade to golangci-lint v1.51.2
    c4b655830d Migrate away from things deprecated in Go 1.20
    c6bf777eae d/l/awslogs: fix ineffective Add in test
    da10937926 daemon: handle EISDIR error from runtime
    938ed9a1ed distribution/xfer: make off-by-one error a feature
    ca712d6947 Fix loop-closure bugs in tests
    2c55b264f7 Upgrade containerd/fifo to v1.1.0
    8fd038fb71 dependency: bump go.etcd.io/bbolt to v1.3.7
    87a1517f8f vendor: golang.org/x/net v0.7.0
    d15010643c vendor: golang.org/x/text v0.7.0
    0727310950 vendor: golang.org/x/sys v0.5.0
    b8c448ef24 Revert "apparmor: Check if apparmor_parser is available"
    a3f5319563 vendor: github.com/containerd/containerd v1.6.18
    52d667794f [23.0] update containerd binary to v1.6.18
    11715a05ca update to go1.19.6
    962c238c17 libnet/networkdb: use atomics for stats counters
    20d05e235e libnetwork/networkdb: make go test -race ./libnetwork/networkdb pass
    c2d69d06b0 api/s/r/swarm: log backend errors at Debug level
    7c09feb58c libnetwork: check DNS loopback with user DNS opts
    6c2637be11 Do not log connection info before the connection exists
    4002fa877b vendor: update buildkit to latest v0.10

Bumping docker-cli to version v23.0.1-2-g1ab7665be, which comprises the following commits:

    1810e922a docs: drop dated comments about graphdrivers
    27b19a6ac ci: fix branch filter pattern

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-08 17:08:01 -05:00
Bruce Ashfield
43b4f4ea95 moby: update to v23.01-tip
Bumping moby to version v23.0.1-34-gbfc8e1ae36, which comprises the following commits:

    2337258d28 libnet/networkdb: fix nil-dereference panic in test
    d6d48dd95d Upgrade to golangci-lint v1.51.2
    c4b655830d Migrate away from things deprecated in Go 1.20
    c6bf777eae d/l/awslogs: fix ineffective Add in test
    da10937926 daemon: handle EISDIR error from runtime
    938ed9a1ed distribution/xfer: make off-by-one error a feature
    ca712d6947 Fix loop-closure bugs in tests
    2c55b264f7 Upgrade containerd/fifo to v1.1.0
    8fd038fb71 dependency: bump go.etcd.io/bbolt to v1.3.7
    87a1517f8f vendor: golang.org/x/net v0.7.0
    d15010643c vendor: golang.org/x/text v0.7.0
    0727310950 vendor: golang.org/x/sys v0.5.0
    b8c448ef24 Revert "apparmor: Check if apparmor_parser is available"
    a3f5319563 vendor: github.com/containerd/containerd v1.6.18
    52d667794f [23.0] update containerd binary to v1.6.18
    11715a05ca update to go1.19.6
    962c238c17 libnet/networkdb: use atomics for stats counters
    20d05e235e libnetwork/networkdb: make go test -race ./libnetwork/networkdb pass
    c2d69d06b0 api/s/r/swarm: log backend errors at Debug level
    7c09feb58c libnetwork: check DNS loopback with user DNS opts
    6c2637be11 Do not log connection info before the connection exists
    4002fa877b vendor: update buildkit to latest v0.10

Bumping docker-cli to version v23.0.1-2-g1ab7665be, which comprises the following commits:

    1810e922a docs: drop dated comments about graphdrivers
    27b19a6ac ci: fix branch filter pattern

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-08 17:08:01 -05:00
Bruce Ashfield
28491d29ed crun: update to v1.8.1
Bumping crun to version 1.8.1-3-ga09ab72, which comprises the following commits:

    11d1baf build(deps): bump actions/upload-artifact from 2 to 3
    f8a096b NEWS: tag 1.8.1
    4748543 utils: drop magic number 4096
    b022227 utils: use mempage size buffer to read /proc/mounts
    2da0773 linux: always use direct mapping
    6cdf51c container: delete cgroup on errors
    fba646e cgroup: rmdir the entire systemd scope
    3221684 crun.1.md: fix typo
    31bcf8f crun.1.md: fix markup
    5007784 build: delete .version file on make clean
    46fbeee cgroup: reset systemd unit if start fails
    7e7a4db cgroup: do not add default dependencies
    4bd4c4e test: run codespell on the correct directory
    8b46c45 src: run codespell
    b841b71 Support passing an attribute to change the mount_context_type
    2ca4233 test: fix path for crictl
    ce66b2e Revert "Support passing an attribute to change the mount_context_type"
    87b69c3 Support passing an attribute to change the mount_context_type
    d23a94a krun: create /dev/sev as part of the OCI configuration
    84092f6 handlers: add hook for exec
    83f3ab2 handlers: rename exec_func to run_func
    93a8e2f krun: always allow /dev/kvm
    675e87c handlers: update uses modify_oci_configuration
    1efd61a update: move json parsing to container
    c9b230a handlers: provide cleanup function
    bd22751 handlers: move cookie data under the same struct
    71bf884 handlers: add new hook to modify the OCI configuration
    b3e167d crun: set handler for all commands
    f0f7b8c handlers: initialize handler in the parent process
    cfec5ce NEWS: tag 1.8
    957796e libcrun: remove unused intprops.h
    8363deb linux: move PR_SET_DUMPABLE after userns creation
    83de960 dist: do not include binary tests
    188e0ce nix: add gcrypt dependency
    f7c715d nix: remove protobuf dependency
    765161c nix: refactor same command line
    98898d2 nix: update image to nixos/nix:2.12.0
    bcae634 Add support for ppc64le
    9b287dd README.md: add CodeQL badge
    ed7598d README.md: drop lgtm badges
    1a61b4d utils: shrink read buffer if necessary
    2a5cc1d nix: update packages
    7d9fa03 tests, centos8-build: add safe.directory /crun
    822ca4a utils: add utils to access /proc/$PID/fd/$FD paths
    0554b0a utils: change initial size for buffer
    742e8fc utils: reallocate only if needed
    4e379c6 cgroup: support cpuset mounted with noprefix
    58166e6 linux: set PR_SET_DUMPABLE
    908bfc4 linux: mount cgroup ro on /sys bind mount fallback
    cd1cf0b linux: add two new arguments to get_bind_mount
    b84bde9 linux: mount the source cgroup if cgroupns=host
    03d2969 linux: refactor out helper function
    75f5c1a linux: fix error message
    234d77c linux: precreate devices on the host
    f23cd15 utils: add functions to read overflow IDs
    85767be linux: remove duplicate slash
    1e29136 linux: generalize fsopen_mount
    a186e8a linux: add dirfd argument to get_bind_mount
    7e42a18 linux: add infra to send devices mounts
    a6c9453 linux: generalize receive_mounts
    b0fe2e4 linux: refactor code in a separate function
    05f1298 contrib, seccomp-notify-plugin: free args on error to prevent leak
    a34dd94 cri-o,test: skip failing test unrelated to crun
    78cf10f crun: fix clang format
    278b9b4 src/crun.c: fix build without dlfcn.h
    0ebf4e7 build(deps): bump uraimo/run-on-arch-action from 2.3.0 to 2.5.0
    4832ca4 Don't clone self from read-only mount
    9df7442 tests, wasmedge: copy libraries under /usr/lib64
    2044720 tests, wasmedge-build: install which
    6f0d03c tests, crio: skip checkpoint/restore tests
    d406a97 tests, centos9-build: add safe.directory /crun
    81b4ba0 tests, cri-o: add criu-libs rpm
    ca41c80 cloned_binary: use cleanup_close
    e1c3906 tests, cri-o: update go to 1.19
    a83001b cgroups v1: fix legacy mode mount.
    26fe138 utils: fix applying AppArmor profile
    1cfaf54 tests: disable some CRI-O failing tests
    5e3ef32 crun: write setgroups=deny when mapping a single uid/gid
    da84be0 github: fix cri-o CI on cgroupv2
    cdf7864 tests: disable test that requires io.bfq.weight
    c54fc6f github: fix running on cgroupv2
    0356bf4 NEWS: tag 1.7.2
    d389308 criu: hardcode to libcriu version 2
    3880f04 cgroup: always enable controller
    258c237 crun: fix compile time check for CRIU
    6ce11e8 copr: enable wasmedge on all active envs
    ada59b2 tests: fix podman tests
    d068462 NEWS: tag 1.7.1
    9893e99 utils: Improve debug message
    db08071 linux: include terminal \0 when copying mapping
    67f58c6 utils: fix creating default userns
    5689bd1 krun: disable libkrun's collection of env vars
    6b8da56 krun: copy the OCI configuration file
    92db973 configure.ac: do not link libcriu dynamically
    f6a5109 criu: add check at runtime for the version
    8c3fc12 criu: load libcriu dynamically
    b3189ef src: run make clang-format
    be6c22c fix timestamp format, tv_usec is microsecond not nanosecond
    ff95309 copr: enable wasmedge on epel9
    40f66c0 seccomp: initialize libgcrypt
    9bff00a Add setlinebuf() when --debug and --log=file: are used.
    cb6ae27 handlers: set selinux/apparmor profile
    0efbe56 utils: change AppArmor profile for the current proc
    f1f286a utils: change SELinux label for the current proc
    a1cd1a6 handlers: use only the handler name if needed

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-08 17:08:01 -05:00
Vasileios Anagnostopoulos
451f296f9a aardvark-dns: Add ptest support
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-08 17:08:01 -05:00
Vasileios Anagnostopoulos
e14985f0e3 netavark: Add ptest support
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-08 17:08:01 -05:00
Vasileios Anagnostopoulos
3e4863e579 aardvark-dns: add the recipe
The aardvark-dns is an optional runtime dependency of the netavark.
This recipe introduces the aardvark-dns, so it can be integrated
to netavark.

Signed-off-by: Vasileios Anagnostopoulos <vasileios.anagnostopoulos@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-08 17:08:01 -05:00
Vasileios Anagnostopoulos
a04a42da99 netavark: update the netavark version
Signed-off-by: Vasileios Anagnostopoulos <vasileios.anagnostopoulos@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-08 17:08:01 -05:00
Pascal Bach
311b1e218b netavark: add the netavark recipe
The recipe is generated via cargo-bitbake. Modifications are done
in netavark.inc to allow re-generating the recipe for future updates.

Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Vasileios Anagnostopoulos <vasileios.anagnostopoulos@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-08 17:08:01 -05:00
Mingli Yu
d2a630ce6c yq: drop {LINKSHARED}
Redefine do_compile logic to drop {LINKSHARED} to fix the
below build failure.
  WARNING: /build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/temp/run.do_compile.923432:185 exit 1 from 'aarch64-wrs-linux-go install -linkshared -p 48 -v -ldflags="-r /usr/lib64/go/pkg/linux_arm64_dynlink  -I /lib64/ld-linux-aarch64.so.1  -extldflags ' -mcpu=cortex-a53 -march=armv8-a+crc -fstack-protector-strong  -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/recipe-sysroot -Wl,-rpath-link=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/recipe-sysroot/usr/lib64/go/pkg/linux_arm64_dynlink -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fmacro-prefix-map=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/yq-4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1=/usr/src/debug/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0  -fdebug-prefix-map=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/yq-4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1=/usr/src/debug/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0  -fmacro-prefix-map=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/build=/usr/src/debug/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0  -fdebug-prefix-map=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/build=/usr/src/debug/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0  -fdebug-prefix-map=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/recipe-sysroot=  -fmacro-prefix-map=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/recipe-sysroot=  
-fdebug-prefix-map=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/recipe-sysroot-native=  -Wl,-z,relro,-z,now'" -trimpath -buildmode=pie `go_list_packages`'

 Before the patch:
 # rpm -ql yq
 /usr
 /usr/bin
 /usr/bin/yq

 # du -sh /usr/bin/yq
 5.2M	/usr/bin/yq

 After the patch:
 # rpm -ql yq
 /usr
 /usr/bin
 /usr/bin/yq

 # du -sh /usr/bin/yq
 9.0M	/usr/bin/yq

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-08 17:07:00 -05:00
Xiangyu Chen
c3bd301d31 lxc: skip lxc-test-apparmor-mount and lxc-test-get_item in ptest
lxc-test-apparmor-mount and lxc-test-get_item are related to apparmor.
Since lxc-test-apparmor has already been skipped, also skip
those two cases.

Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-08 17:06:58 -05:00
Mingli Yu
d766f36eae yq: remove .git suffix for cobra component
Remove the '.git' suffix of cobra in SRC_URI to make the cobra
SRC_URI exactly the same among the recipes which define cobra, to
make sure the two local git repos (Yocto supports fetching locally)
are the same.

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-03-02 16:30:56 -05:00
Bruce Ashfield
ba2158e3e5 buildah: update to 1.29.x
We drop our backported patch, since it is now part of the upstream
project.

We also drop {LINKSHARED} from the build, as with the updated buildah
and golang version bumps in oe-core, we get the following build error:

  | # github.com/containers/buildah/cmd/buildah
  | type:*crypto/elliptic.nistCurve[*crypto/internal/nistec.P384Point]: unreachable sym in relocation: crypto/elliptic.(*nistCurve[*crypto/internal/nistec.P384Point]).Add
  | type:*crypto/elliptic.nistCurve[*crypto/internal/nistec.P384Point]: unreachable sym in relocation: crypto/elliptic.(*nistCurve[*crypto/internal/nistec.P384Point]).Add

It is unclear what the linked shared flag was providing in our build,
and we are generally ok with statically linked go applications. So we
drop the flag until a compelling reason exists to debug the linking
failure.

Bumping buildah to version v1.29.1-1-g7fa17a842, which comprises the following commits:

    faf0d4fcb [release-1.29] Bump to Buildah v1.29.1
    7d5ff3012 Update to c/image 5.24.1
    94b723cb5 Bump to v1.29.0
    c9cbc6d7d tests: improve build-with-network-test
    5e3f26de2 Bump c/storagev1.45.3, c/imagev5.24.0, c/commonv0.51.0
    b70fb1765 build(deps): bump github.com/onsi/gomega from 1.25.0 to 1.26.0
    fe0256d38 Flake 3710 has been closed. Reenable the test.
    f9ef51cbb [CI:DOCS] Fix two diversity issues in a tutorial
    3ef898e41 build(deps): bump github.com/fsouza/go-dockerclient from 1.9.2 to 1.9.3
    0d87e38b6 vendor in latests containers/(storage, common, image)
    15bdd2aad fix bud-multiple-platform-with-base-as-default-arg flake
    ac7458e70 stage_executor: while mounting stages use freshly built stage
    e1cfcb240 build(deps): bump github.com/fsouza/go-dockerclient from 1.9.0 to 1.9.2
    d1c82c29a build(deps): bump github.com/onsi/gomega from 1.24.2 to 1.25.0
    4dec25346 vendor in latests containers/(storage, common, image, ocicyrpt)
    c0f6c6b7a [Itests: change the runtime-flag test for crun
    186b30168 [CI:DOCS] README: drop sudo
    1950ab687 Fix multi-arch manifest-list build timeouts
    d106e425a Cirrus: Update VM Images
    67ab55bbb bud: Consolidate multiple synthetic LABEL instructions
    9fced965e build, secret: allow realtive mountpoints wrt to work dir
    938c03556 fixed squash documentation
    59da1a7f7 build(deps): bump github.com/containerd/containerd from 1.6.14 to 1.6.15
    4952862a2 Correct minor comment
    820fafc88 Vendor in latest containers/(common, image, storage)
    a75b263f7 system tests: remove unhelpful assertions
    356668389 buildah: add prune command and expose CleanCacheMount API
    a5e177586 vendor: bump c/storage to a747b27
    60be7f250 Add support for --group-add to buildah from
    00d8d94cb build(deps): bump actions/stale from 6 to 7
    e33bb8678 Add documentation for buildah build --pull=missing
    5828918bc build(deps): bump github.com/containerd/containerd from 1.6.12 to 1.6.14
    4aa28f6a7 build(deps): bump github.com/docker/docker
    7a4702ae2 parse: default ignorefile must not point to symlink outside context
    67c2e4de5 buildah: wrap network setup errors
    d9578d32c build, mount: allow realtive mountpoints wrt to work dir
    57a77073a Update to F37 CI VM Images, re-enable prior-fedora
    798a250d4 Update vendor or containers/(image, storage, common)
    ca96c3678 build(deps): bump golang.org/x/crypto from 0.3.0 to 0.4.0
    e0054a03d Update contact information
    e5cc78c43 build(deps): bump golang.org/x/term from 0.2.0 to 0.3.0
    46eea3158 Replace io/ioutil calls with os calls
    0183471b9 [skip-ci] GHA/Cirrus-cron: Fix execution order
    8428bc87b Vendor in containers/common
    e60c4d7e5 build(deps): bump golang.org/x/sys from 0.2.0 to 0.3.0
    ffed85036 remote-cache: support multiple sources and destinations
    a1698cde6 Update c/storage after https://github.com/containers/storage/pull/1436
    025a8df51 util.SortMounts(): make the returned order more stable
    5e792e97b version: Bump to 1.29.0-dev
    498b45770 [CI:BUILD] Cirrus: Migrate OSX task to M1
    94560581d Update vendor of containers/(common, storage, image)
    e6eb05f75 mount=type=cache: seperate cache parent on host for each user
    20dd347b9 Fix installation instructions for Gentoo Linux
    e162302df build(deps): bump github.com/containerd/containerd from 1.6.9 to 1.6.10
    1cfb5eafb GHA: Reuse both cirrus rerun and check workflows
    5bd5a4f9d Vendor in latest containers/(common,image,storage)
    8e4979e81 build(deps): bump github.com/onsi/gomega from 1.24.0 to 1.24.1
    3d755b5eb copier.Put(): clear up os/syscall mode bit confusion
    1a18ab341 build(deps): bump golang.org/x/sys from 0.1.0 to 0.2.0
    646c28290 Use TypeBind consistently to name bind/nullfs mounts
    d4c661a77 Add no-new-privileges flag
    1f372c08a Update vendor of containers/(common, image, storage)
    b2054360a imagebuildah:build with --all-platforms must honor args for base images
    a17238891 codespell code
    217b2d524 Expand args and env when using --all-platforms
    c554e5330 build(deps): bump github.com/onsi/gomega from 1.23.0 to 1.24.0
    ed3707765 GHA: Simplify Cirrus-Cron check slightly
    1091222b2 Stop using ubi8
    cec864147 remove unnecessary (hence misleading) rmi
    ffb00243f chroot: fix mounting of ro bind mounts
    a237085fe executor: honor default ARG value while eval base name
    481b3cc95 userns: add arbitrary steps/stage to --userns=auto test
    dc733f1d2 Don't set allow.mount in the vnet jail on Freebsd
    e867db39b copier: Preserve file flags when copying archives on FreeBSD
    bf4420f25 Remove quiet flag, so that it works in podman-remote
    8b1a490bd test: fix preserve rootfs with --mount for podman-remote
    b24449990 test: fix prune logic for cache-from after adding content summary
    4290ab5af vendor in latest containers/(storage, common, image)
    1d0dd78c3 Fix RUN --mount=type=bind,from=<stage> not preserving rootfs of stage
    7aa34b86f Define and use a safe, reliable test image
    87e379d5b Fix word missing in Container Tools Guide
    57f370d9d Makefile: Use $(MAKE) to start sub-makes in install.tools
    3223610ff imagebuildah: pull cache from remote repo after adding content summary
    f9693d0a5 Makefile: Fix install on FreeBSD
    835668715 Ensure the cache volume locks are unlocked on all paths
    0d7414703 Vendor in latest containers/(common,storage)
    60382209e Simplify the interface of GetCacheMount and getCacheMount
    8f955f801 Fix cache locks with multiple mounts
    bdd62ef87 Remove calls to Lockfile.Locked()
    cfa10d16c Maintain cache mount locks as lock objects instead of paths
    ffb2f27a8 test: cleaning cache must not clean lockfiles
    6838cbc81 run: honor lockfiles for multiple --mount instruction
    f2e0af5c4 mount,cache: lockfiles must not be part of users cache content
    6fa774ddc Update vendor containers/(common,image,storage)
    bdb549478 [CI:BUILD] copr: buildah rpm should depend on containers-common-extra
    eb9f3648b pr-should-include-tests: allow specfile, golangci
    da214d6d4 build(deps): bump dawidd6/action-send-mail from 3.7.0 to 3.7.1
    5baed90cd build(deps): bump github.com/docker/docker
    82431441a build(deps): bump github.com/fsouza/go-dockerclient from 1.8.3 to 1.9.0
    9226bd312 Update vendor containers/(common,image,storage)
    26a29674a build(deps): bump actions/upload-artifact from 2 to 3
    cadd801fc build(deps): bump actions/checkout from 2 to 3
    8ec69a9ad build(deps): bump actions/stale from 1 to 6
    356ab96d7 build(deps): bump dawidd6/action-send-mail from 2.2.2 to 3.7.0
    27032ea0f build(deps): bump tim-actions/get-pr-commits from 1.1.0 to 1.2.0
    5038a0dae sshagent: LockOSThread before setting SocketLabel
    4f272ee49 Update tests for error message changes
    788fddb1d Update c/image after https://github.com/containers/image/pull/1299
    f232da006 Fix ident for dependabot gha block
    acc230dc3 build(deps): bump github.com/containers/ocicrypt from 1.1.5 to 1.1.6
    dc81652ff Fix man pages to match latest cobra settings
    7260a4b0d build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0
    fba8daf13 build(deps): bump github.com/onsi/gomega from 1.20.2 to 1.22.1
    df8f0fa88 test: retrofit 'bud with undefined build arg directory'
    9d43eb95e imagebuildah: warnOnUnsetBuildArgs while processing stages from executor
    1a2af6864 Update contrib/buildahimage/Containerfile
    e1c7a5df1 Cirrus CI add flavor parameter
    b5c86a8e0 Correction - `FLAVOR` not `FLAVOUR`
    f5fc96e79 Changed build argument from `RELEASE` to `FLAVOUR`
    36afa3530 Combine buildahimage Containerfiles
    472c46f98 bud.bats refactoring: $TEST_SCRATCH_DIR, part 2 of 2
    ca65736da bud.bats refactoring: $TEST_SCRATCH_DIR, part 1 of 2
    2adbe2a58 System test cleanup: document, clarify, fix
    bf0a6e073 test: removing unneeded/expensive COPY
    94ea37767 test: warning behaviour for unset/set TARGETOS,TARGETARCH,TARGETPLATFORM
    eae3415b1 Bump to v1.28.1-dev

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-27 09:17:00 -05:00
Chen Qi
2b845f961d container-host-config: extend to native and nativesdk
skopeo rdepends on it, and skopeo has been extended to native and
nativesdk, so container-host-config also needs to be extended.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-21 10:11:48 -05:00
Chen Qi
a1bb5d0ab0 container-host-config: provide /etc/containers/policy.json
The /etc/containers/policy.json[1] file is used to specify verification
policy. For now, we can see it's used by both cri-o and skopeo. To avoid
conflict, we use container-host-config to provide this file and make both
skopeo and cri-o depend on it.

[1] https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-21 10:11:47 -05:00
Martin Jansa
9a78db8a91 docker-*: prevent -march being exported in arm builds
* don't export CGO_CFLAGS/CGO_CXXFLAGS like the previous version
  didn't before:
  https://git.yoctoproject.org/meta-virtualization/commit/?id=aceed7bf95cc8a42c8f470d8edf3c6f03d49da00

* both docker-moby and docker-ce have the same issue as shown with
  qemuarm build:
  docker-moby: http://errors.yoctoproject.org/Errors/Details/690021/
  docker-ce: http://errors.yoctoproject.org/Errors/Details/690020/

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-21 10:11:32 -05:00
Chen Qi
e43d530e99 cri-o: update crio.conf to match the current version
The old crio.conf file can cause cri-o start failure. The error
message is as below.

  validating runtime config: runtime validation: failed to \
  translate monitor fields for runtime runc: cgroupfs manager \
  conmon cgroup should be 'pod' or empty

Use new crio.conf file to solve this issue. The file is generated
by 'crio --config="" config --default' command, as indicated in
the old crio.conf file.

With this config file update, the crio.service can now start correctly.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-17 15:34:51 -05:00
Chen Qi
3a8e830db2 cri-o: create /var/lib/crio
crio.service now reports the following error messages:

  level=error msg="Writing clean shutdown supported file: \
      open /var/lib/crio/clean.shutdown.supported: no such file or directory"
  level=error msg="Failed to sync parent directory of clean \
      shutdown file: open /var/lib/crio: no such file or directory"

Create /var/lib/crio to avoid these error messages.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-17 15:34:51 -05:00
Chen Qi
253cf1d572 cri-o: use PACKAGECONFIG to handle selinux
For cri-o, libselinux is optional; this can be seen from
its Makefile. So let's make selinux optional by using PACKAGECONFIG,
whose default value is determined by the DISTRO_FEATURES. In this
way, meta-selinux dependency is not necessary.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-17 15:34:51 -05:00
Chen Qi
08fb12bbcc cri-o: remove meta-security check
libseccomp is not in oe-core. There's no need to check
meta-security any more.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-17 15:34:51 -05:00
Chen Qi
a63119a9c6 README: remove some cri-o specific layer dependencies
ostree is in meta-oe, libseccomp is in oe-core. So remove these two.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-17 15:34:51 -05:00
Bruce Ashfield
82698d9234 skopeo: use container-host bbclass to provide configuration
Instead of providing storage and registries configuration files
in this package, we inherit container-host which will provide a
common definition of these configs.

This allows multiple packages to ensure that the configuration
files are present, and not conflict in their installation.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-17 15:21:53 -05:00
Bruce Ashfield
a0baf4ed45 containers: add container-host-config recipe
This is a configuration only recipe that produces a package which
installs some common configuration files.

In this introduction we have both registries.conf and storage.conf.

Packages that require these files should RDEPEND on this package
(or inherit container-host.bbclass) and the files will be installed.

If conflicting requirements for these global configuration files
arise, they can be resolved through additions to this recipe, or by
providing a higher priority version of the .conf files.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-17 15:21:53 -05:00
Bruce Ashfield
85beb6ba28 containers: introduce container-host class
Introducing a small (at the moment) class that represents configuration
and processing required to prepare a target image to be a container
host.

A recipe that requires container configuration should inherit this
class, and the container-host-config package will be added as a
RDEPENDS, and install common configuration files.

In the future, additional functionality or dependencies will be added
here to synchronize the configuration of multiple container host
packages.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-17 15:21:53 -05:00
Bruce Ashfield
10b92dc1a5 cri-o: update to 1.25.2
Bumping cri-o to version v1.25.2-11-g1a6bb9c9b, which comprises the following commits:

    32d1cb665 mocks: update with new c/storage mocks
    fb2753ee2 bump c/storage to fix map leak
    3a9449924 Make storage unmount less strict
    63f413530 Inject release-notes branch from GitHub actions
    7037d1568 ResourceStore: delete entries after they're used
    dfff7e6b4 ci-verify: Run get-scripts only on main branch
    51d3621c2 Fix GitHub actions CI
    aba30569c version: bump to 1.25.2
    2845bb5f5 Update c/storage to v1.44.0
    c431b53ca Use containerd v1.7.0-beta.0
    36c4d1bc2 Bump conmon-rs to v0.4.0
    dc9a6b1a8 version: bump to 1.25.1
    2863b7d6e Fix lint CI on `main`
    e7e849359 config: translate monitor fields when printing config
    9edf0c5c7 workloads: fix whitespace
    bea0f973d template: fix whitespace and comments in runtimes table
    aa329a1e3 Update config README
    556d85231 Allow complete Runtimes config to change
    9dc1a70b4 Add basic integration tests for runtime reload
    7fcef1dbd Add notes on runtime reload support to documentation
    d51a01ad3 Reload runtime configs on reload
    f06c01231 Invert conditional check in ValidateDefaultRuntime
    7ef8fac1a Move default runtime validation to its own function
    23081649b config: do not remove runc if different default runtime
    b6b835512 use AddInheritableCapabilities
    4e4749a27 config: add field AddInheritableCapabilities
    24feb7778 server: return already created ID for duplicated requests
    e2cce29fc resourcestore: add test for stages
    7e7a8d923 server: update stages according to progress with resource creation
    b15581620 resource store: return stage when a watcher is requested
    398964d9e resource store: introduce stages
    706f920f9 cli: fix some inconsistencies in the help text
    ebc644a68 Update runc to v1.1.4
    a05ddfb4a Fix lint CI
    f253c4b7c test: add checkpoint/restore tests
    b033570b3 test: do not hard code CNI location
    15ec8f36c Provide support for checkpoint and restore
    f06e5c8d5 vendor: bump conmon-rs to latest main
    7076f72ab oci: add --systemd-cgroup to all runtime commands
    f09c1d31b oci: refactor runtime command handling
    08ce6edce oci: take ExecCmd
    4f5ca801b Update golangci-lint, config and timeout
    db3b399a8 server: add container GID to additional groups
    b3f970d0f build(deps): bump google.golang.org/grpc from 1.48.0 to 1.49.0
    f68121a5b build(deps): bump github.com/containers/kubensmnt from 1.1.3 to 1.2.0
    cd90ce156 Bump Kubernetes to v1.25.0
    3ba908fdd build(deps): bump github.com/containers/kubensmnt from 1.1.2 to 1.1.3
    b241c32d8 Adding annotations for image and sandbox name.
    9ef68e8e7 Fix bundle e2e tests
    45966c89c build(deps): bump github.com/container-orchestrated-devices/container-device-interface
    4b6936f8f bump cri-api to k8s 1.25 rc0
    e27f28868 build(deps): bump github.com/urfave/cli/v2 from 2.11.1 to 2.11.2
    1ecd63643 build(deps): bump github.com/containers/podman/v4
    10069a178 build(deps): bump github.com/containerd/containerd from 1.6.6 to 1.6.8
    4b10ed79f build(deps): bump github.com/prometheus/client_golang

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-17 15:21:29 -05:00
Bruce Ashfield
20fde9bbee skopeo: update to 1.11.0
We drop a patch that is now part of the release.

Bumping skopeo to version v1.11.0-39-g95680f3c, which comprises the following commits:

    643a2359 Update c/image after https://github.com/containers/image/pull/1816
    2c6e15b5 Run codespell on codebase
    df708d16 [CI:DOCS] Disable dependabot
    2acac8a6 Update module golang.org/x/term to v0.5.0
    f9e2c676 Update golang.org/x/exp digest to 46f607a
    47c7902e Remove unnecessary blank lines
    c1a57ca1 Pre-allocate an array
    2a7b1327 Simplify a condition
    e7ab33e6 Rename a variable to avoid an underscore
    e90c381a Add missing comment punctuation
    70c06b4a Fix, or remove, comments using lint syntax
    9137ac56 Simplify an increment
    efc6e837 Reformat import statements
    a8b9e4e3 Use %w when wrapping errors
    99215e40 Remove a duplicate word
    afa031e8 Use net/netip.Addr instead of net.IP
    891ba3d4 s/interface{}/any/g
    f2b3a9c0 Use golang.org/x/exp
    f1a6d427 Use strings.Cut
    22955d05 go mod tidy -go=1.18
    007f01c6 [CI:BUILD] enable debuginfo for el8 copr builds
    036bf598 [CI:BUILD] copr: fix el8 build and enable debuginfo
    f9406bb0 Cirrus: Use human-readable CI VM Images
    b41b85ab Update module gopkg.in/yaml.v2 to v3
    d2fbec35 Add unit tests for tlsVerifyConfig's yaml.Unmarshaler
    9e24a195 [CI:DOCS] Fix up language in README
    cc958d3e Move to v1.11.1-dev
    9d036f30 Bump to v1.11.0
    83bcd136 [CI:DOCS] Format manual page documents
    afbdaf8e Update module github.com/containers/common to v0.51.0
    c9114248 Update module github.com/containers/image/v5 to v5.24.0
    0fad1193 Add (skopeo generate-sigstore-key)
    48b9d94c Update c/image after https://github.com/containers/image/pull/1810
    80e3fd10 Touch up conscious language issues
    9f04dfde Partially fix removal of temporary data in (make test-system)
    36c480f6 Don't affect $XDG_RUNTIME_DIR of Podman starting the registry
    850bc49d Update module github.com/containers/storage to v1.45.3
    a98c1372 Fix storage.conf setup in test-system
    19815502 Fix (test-integration), in a container without CI
    67a8bef6 Cirrus: Fix c/image CI testing
    63da8390 Bump github.com/containers/ocicrypt from 1.1.6 to 1.1.7
    1fac61ef Cirrus: Add a common intra-test reset function
    292962d3 Fix unnecessary use of podman in CI test
    e239f32a Cirrus: Update to F37 CI VM Images
    ee804858 Cirrus: Remove redundant package install attempt
    0698e82b fix(deps): update module github.com/containers/storage to v1.45.1
    bb1ac893 Add support for Fulcio and Rekor, and --sign-by-sigstore=param-file
    03b5bdec Update c/image after https://github.com/containers/image/pull/1787
    1133a2a3 fix(deps): update module github.com/containers/storage to v1.45.0
    d0cf39d8 Cirrus: Skip OSX CI on release-branches
    f17eafe8 Correctly use the stdout parameter in some places
    58bccf38 fix(deps): update module golang.org/x/term to v0.4.0

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-17 15:21:29 -05:00
Bruce Ashfield
13ad8548de runc-docker: update to 1.1.0-tip
Bumping runc to version v1.1.4-20-gc6781d10, which comprises the following commits:

    f6e2cd3b nsexec: Check for errors in write_log()
    9233b3d0 tests/int: test for /dev/null owner regression
    fa722c1d libcontainer: skip chown of /dev/null caused by fd redirection
    53ceeeab Explicitly pin busybox and debian downloads
    3b6625c6 tests/integration/get-images.sh: fix busybox.tar.xz URL
    b8ebeece tests: replace local hello world bundle with busybox bundle
    e9f8fd32 [1.1] Vagrantfile.fedora: upgrade Fedora to 37
    e6a8287c ci: shellcheck: update to 0.8.0, fix/suppress new warnings

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-17 15:21:29 -05:00
Bruce Ashfield
969daee49f runc-opencontainers: update to 1.1.0-tip
Bumping runc to version v1.1.4-20-gc6781d10, which comprises the following commits:

    f6e2cd3b nsexec: Check for errors in write_log()
    9233b3d0 tests/int: test for /dev/null owner regression
    fa722c1d libcontainer: skip chown of /dev/null caused by fd redirection
    53ceeeab Explicitly pin busybox and debian downloads
    3b6625c6 tests/integration/get-images.sh: fix busybox.tar.xz URL
    b8ebeece tests: replace local hello world bundle with busybox bundle
    e9f8fd32 [1.1] Vagrantfile.fedora: upgrade Fedora to 37
    e6a8287c ci: shellcheck: update to 0.8.0, fix/suppress new warnings

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-02-17 15:21:29 -05:00