Bumping to the newest 1.2.x, which contains the following commits:
f8777f130 Add release notes for v1.2.14
abbb17959 Add comment clarifying fix for security issue
1ead8d9de treat manifest provided URLs differently
f52fbb8a9 Bump Golang 1.13.15
0732aa7a6 Bump Golang 1.13.14
f6b342959 Bump Go 1.13.13
2f4dfde54 Bump Golang 1.13.12
cbdfca815 Build runc with selinux support
f8ae16778 Fix incorrect backport of setting octet-stream
17a506c94 golangci-lint update and fix
4f6dc01a8 Bump Golang 1.13.10
493665bd5 Bump Golang 1.13.9
053f4d6fd Update containerd/console vendor for fix
e72c2b5b1 Bump containerd console for os.File changes
8810a1387 bump containerd/console 0650fd9eeb50bab4fc99dceb9f2e14cf58f36e7f
f8be3cf7f when kill container, check if container has been deleted
35a174382 Update Golang 1.13.8
305703670 Update Golang 1.13.7 (CVE-2020-0601, CVE-2020-7919)
1591eb809 Update Golang 1.13.6
fc95ae8ed Update Golang 1.13.5
77499e24e Update to Golang 1.13.4
2adf308a2 Revert "Update Golang 1.12.14"
9d53ba930 Revert "Update Golang 1.12.15"
c5843f944 Revert "Update Golang 1.12.16 (CVE-2020-0601, CVE-2020-7919)"
012c4c0af Revert "Update Golang 1.12.17"
30267a8da platforms: update known OS and arch values
591f6f491 Move flag.Parse in tests to TestMain
598f7a7b5 Try set GOGC for golint
dfff5b146 Switch to golangci-lint
a18c08347 fix additional linting failures
c1ceae579 Update timestamp atomic write
82ddedea2 Ensure close in content test
961c23a57 fix killall when use pidnamespace
a386eb648 Fix linter errors
971ad613c bugfix: cleanup dangling shim by brand new context
f141d0f7a Prepare v1.2.13 release
0c10aca55 Update .mailmap with changes from master
b97098762 Fix container pid.
567ca6785 Set octet-stream content-type on put request
28eb964b0 script: use github.com/kubernetes-sigs/cri-tools directly
2a0ca2d07 Update Golang 1.12.17
a7c9b7605 Fix incorrect comment from copy/paste of starting script
6ad255383 Pin to libseccomp 2.3.3
25a806c50 bump cgroups dependency to address blkio issue
79d65767e Prepare v1.2.12 release
9be62a7ee Update mailmap
8761b1bf8 Update name for btrfs headers package
5db3987eb Fix dependency in BUILDING.md
945611681 [release/1.2] vendor: bump containerd/cri b1052f3b73fb9f0a6805d3c20e884a4cef265a38
520c8cb84 bump google.golang.org/grpc v1.23.1
c12aaf0e5 vendor: bump gopkg.in/yaml.v2 v2.2.8
9d1954f2e vendor: bump containerd/cri b075cc4e9f394780dbed101601c48dcc3d37c828 (release/1.2 branch)
1bc2590d9 vendor: update golang.org/x/crypto 69ecbb4d6d5dab05e49161c6e77ea40a030884e1
44b5bac0c Update Golang 1.12.16 (CVE-2020-0601, CVE-2020-7919)
4c03d5dfb Pick up fix for CVE-2019-16884 in opencontainers/selinux
87648d2a7 Bump to opencontainers/runc new version - v1.0.0-rc10
f106ae4ab Update Golang 1.12.15
4288ba10f runtime: only check killall for init process
e7b06baa6 Update Golang 1.12.14
34978bf3b Disable criu tests in Travis CI
de8ed89b1 Fix cleanup error on content client test
1b4aebd68 Prepare v1.2.11 release
128664b67 snapshots: return error if readSnapshot fails
342c953a5 Update to Golang 1.12.13
6b94990c1 Revert "[release/1.2] pin travis to go 1.12.12"
0b9135f1d Catch up vndr with state of vendor/ dir
435e05fd0 [release/1.2] pin travis to go 1.12.12
e319caedc Update Golang 1.12.12 (CVE-2019-17596)
0877136a9 Use cached state instead of `runc state`.
f71f6d39b Robust pid locking for shim processes
42aba6e0f Add timeout for I/O waitgroups
c471c95bc Add local-fs.target to service file
847f74c28 Fix delete error code on the containerd daemon side.
611766aff Fix shim delete error code.
639be3585 bump runc v1.0.0-rc9
b30190905 Bump runc to 1b8a1eeec3f337ab5d94f28980
8fb208fb1 Revert "Revert "bump libseccomp-golang v0.9.1""
889f5f803 Automate CRI tarball release.
9e6b7bb9f Prepare v1.2.10 release
8d33d0351 AppVeyor: bump golang 1.12.10 (CVE-2019-16276)
0c961b186 Bump runc for CVE-2019-16884
4be2ad78f Update cri to 40affe7c7402d41618b9791a8cf105ac74ce56d0.
5d464752c Update go-runc to e029b79d8cda8374981c64eba71f28e
b3a846068 Update mailmap
413609294 Prepare v1.2.9 release
b1e40b64f [release/1.2] Update cri to ad5dcc6cba067488d017540d06ebc08b21bb82bc
14ff021bd archive: truncate modification time
86ea2b726 Use default UNIX env when image has no environment
99c2e56e3 bump containerd/zfs 2ceb2dbb8154202ed1b8fd32e4ea25b491d7b251
0d6d883a6 Compute manifest metadata when not provided.
e6275a02b Add user agent header to all requests
4bffd8855 Explicitly stating utf-8 when fetching oauth token
09c68d083 Add custom headers option to dockerResolver
5c284a771 Revert "Add user agent header to all requests"
08325686b Update gRPC to v1.23.0
5fbd02f81 Update ttrpc to 92c8520ef9f86600c650dd540266a00
a9ba2e681 Prepare v1.2.8 point release
1c309d804 Remove the process default ENV
f1c661f78 Change bufferSize back to 32
d161ab632 Try to preserve exit event order
7e2864b8f Add retry and non-blocking send for exit events
dbf9a5017 Unifi reaper logic into package
9b5b55b14 Fix shim hung
c8d75ca5e do not mutate defaults in replaceOrAppendEnvValues
6c6b7e297 bugfix: override image.Env with process.Env, rather than be contrary
17690cc2f AppVeyor: update to go 1.12.9
8c0ec3c35 Revert "bump libseccomp-golang v0.9.1"
941dd9f2c Update cri to d928a4dd337fd2a992dbe72380eff2063c3ec62f.
4097217bb AppVeyor: update to go 1.12.8 (CVE-2019-9512, CVE-2019-9514)
bb238e05a AppVeyor: update to go 1.12.7
150468fcc contrib: Dockerfile: bump go 1.12
c675ea30c contrib: Dockerfile: add a base stage
59134eb99 contrib: Dockerfile: reformat, and use --no-install-recommends
ad3bfc9e3 contrib: Dockerfile: use build-arg for go-version
11a25c8a6 Move ctr run --isolation to Windows only
47e5d5fd4 Limit multiple platform manifests to one for size check
116e770a8 Call CloseIO when stdin closes in ctr
c8bbceb4e metadata: merge snapshot labels with metadata's labels
227ebf36a runtime/v1/linux: ignore ErrCgroupDeleted in Task.Start
d528a69a4 images: only fetch the best matched manifest info
46920a60f test/snapshots: umount before committing snapshot
452e9c532 Improve ARM platform matching
b207b3329 Skip rootfs unmount when no mounts are provided
d8f4da4fe bump libseccomp-golang v0.9.1
ed35eec32 Close the inherited socket fd
b2d260c4f Ensure labels is not nil in differ
1b2230eb3 AppVeyor: Bump golang 1.12.6
d0b89fd57 Add travis_wait to prevent vndr timing out
aab8e9d13 Update to Golang 1.12, and prepare for ppc64le
56f8ef8ce Update travis to xenial worker
bad4fdd76 Prepare release note for v1.2.7.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Allows the yocto cve-checker to flag CVEs, which would otherwise go
unreported due to the package name not matching NIST NVD data.
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
It defaults to "-s -w" [1] which strips debug information, refresh a backported
patch to build unstripped binaries
https://golang.org/cmd/link/
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating to the latest containerd 0.2.x release. No build changes
were required, and runtime behaviour is the same.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
refreshing the containerd support to 1.2.x. We have to tweak the package
linking and update the go compile patch, but otherwise, the build is
unchanged.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
go 1.9.x was triggering linkage errors on some build hosts due to
missing symbols.
| tmp/work/core2-64-poky-linux/runc-docker/1.0.0-rc5+gitAUTOINC+4fc53a81fb-r0/recipe-sysroot/usr/lib/../lib/libc.a(dl-reloc-static-pie.o): In function `elf_mac:
| /usr/src/debug/glibc/2.27-r0/git/sysdeps/x86_64/dl-machine.h:59: undefined reference to `_DYNAMIC'
| tmp/work/core2-64-poky-linux/runc-docker/1.0.0-rc5+gitAUTOINC+4fc53a81fb-r0/recipe-sysroot/usr/lib/../lib/libc.a(dl-reloc-static-pie.o): In function `elf_get:
| /usr/src/debug/glibc/2.27-r0/git/elf/get-dynamic-info.h:48: undefined reference to `_DYNAMIC'
By ensuring that our sysroot provided go binary and build flags make
it into the build enviroment we can build properly with 1.9 and 1.10
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Uprev containerd to v1.0.2 for compatibility with recent docker (18.04+)
builds.
With this uprev we also significantly restructure the build to use more
of the latest oe-core go build infrastructure, but non-standard parts of
the build remain.
We also allow containerd to be build with CGO enabled to avoid linkage
errors with the oe provided go build infrastructure.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Since there are two implementations of runc and containerd that may
not always be in sync, the docker variant, and the opencontainers
variable, we create a virtual/* namespace for these components.
Anything requiring runc or containerd should set a preferred provider
to get the desired/tested variant.
We set the default provider to the docker variants, since they are
the primary use case for these components.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
